Pull request support with gradle

Hi, there is no pull request support for gradle as in:


Is there an ETA for pull request support with gradle? Or are there workarounds?



Best answer by felix.kruuse 7 June 2023, 09:28

View original

2 replies

Userlevel 4

Hello @felix ! Thanks for your question. As far as I am aware there are no workarounds for PRs for Gradle. At the moment this is not planned in our roadmap but I will be sure to share this interest with our product team and we will come back to you if we have any questions that would help us define this functionality.


Please let me know if you have any more questions :)


Badge +2

Hi @felix,

Benedita is correct, there’s no workaround in creating Pull Requests but there is in fixing your vulnerabilities. 

However, the Pull Requests use our “Root Fix” technology in the background which is available for Gradle. The root fix is where the magic happens of calculating what version you need to update your dependencies to in order to get rid of the vulnerability, this is then used both in the Pull Request and in the dependency trees in the UI.


While using the PR feature certainly is convenient, updating your dependencies manually using the information in the tree achieves the same results (Updating Jest from version 23.6.0 → 24.0.0 in the below example to solve the vuln in y18n).