Hi, there is no pull request support for gradle as in:
Is there an ETA for pull request support with gradle? Or are there workarounds?
Thanks
Best answer by felix.kruuse
View originalHi, there is no pull request support for gradle as in:
Is there an ETA for pull request support with gradle? Or are there workarounds?
Thanks
Best answer by felix.kruuse
View originalHello
Please let me know if you have any more questions :)
Hi
Benedita is correct, there’s no workaround in creating Pull Requests but there is in fixing your vulnerabilities.
However, the Pull Requests use our “Root Fix” technology in the background which is available for Gradle. The root fix is where the magic happens of calculating what version you need to update your dependencies to in order to get rid of the vulnerability, this is then used both in the Pull Request and in the dependency trees in the UI.
While using the PR feature certainly is convenient, updating your dependencies manually using the information in the tree achieves the same results (Updating Jest from version 23.6.0 → 24.0.0 in the below example to solve the vuln in y18n).
You can create an account below using either single sign-on or a username/password. Already have an account? Log in
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.