Solved

Pull request support with gradle

  • 2 June 2023
  • 2 replies
  • 64 views
F

Hi, there is no pull request support for gradle as in:

 

Is there an ETA for pull request support with gradle? Or are there workarounds?

Thanks

icon

Best answer by felix.kruuse 7 June 2023, 09:28

View original

2 replies

Benedita
Rank
Userlevel 4

Hello @felix ! Thanks for your question. As far as I am aware there are no workarounds for PRs for Gradle. At the moment this is not planned in our roadmap but I will be sure to share this interest with our product team and we will come back to you if we have any questions that would help us define this functionality.

 

Please let me know if you have any more questions :)

 

/ Benedita
felix.kruuse
Rank
Badge +2

Hi @felix,

Benedita is correct, there’s no workaround in creating Pull Requests but there is in fixing your vulnerabilities. 

However, the Pull Requests use our “Root Fix” technology in the background which is available for Gradle. The root fix is where the magic happens of calculating what version you need to update your dependencies to in order to get rid of the vulnerability, this is then used both in the Pull Request and in the dependency trees in the UI.

 

While using the PR feature certainly is convenient, updating your dependencies manually using the information in the tree achieves the same results (Updating Jest from version 23.6.0 → 24.0.0 in the below example to solve the vuln in y18n).

 

 

 

Reply


Terms & ConditionsCookie settings