For further actions, you may consider blocking this person and/or reporting abuse
Join us for AWS Security LIVE!
Discover the future of cloud security. Tune in live for trends, tips, and solutions from AWS and AWS Partners.
Read next
How to Crack Your First DevOps Interview: Tips and Sample Questions
H A R S H H A A -
AI Dashboard Camera Dataset Predicts Car Crashes with 87% Accuracy in Real-World Conditions
Mike Young -
Million-Scale Video Dataset Helps AI Better Understand What Users Want When Generating Videos
Mike Young -
How to make sure you review your monkey patch when updating Ruby gems
Lucian Ghinda -
Top comments (2)
Not 100% automatic (but this type of thing absolutely should not be 100% automated), but you can opt-in to getting automated PR's from GitHub that fix the vulnerabilities it finds as they are found.
You can turn this on by going to the repository's 'Security' tab. At the top right of the 'Alerts' page on the security tab, there should be a button that says 'Automated Security Fixes'. Click it, then select the 'Automated Security Fixes' item in the drop-down that comes up.
This obviously requires that you're using a packaging system that GitHub recognizes (though you wouldn't be getting security alerts if you weren't). Somewhat interestingly, it seems to be freely available for private repositories even if you don't have a Pro account, though I'm not sure if it actually works or not.
Under the hood, this is powered by Dependabot (which was acquired by GitHub back in May).
dependabot.com/ you should check this out!