Static code analysis tools can discover vulnerabilities in your code before they reach production. Jit integrates code scanners (SAST tools) into CI/CD to automatically scan the full code base and every new Pull Request.
For SAST vulnerabilities, Jit can auto-generate fix code that resolves the finding. Remediation is available in two modes:
- Remediation in a Pull Request - The suggested code is displayed in the PR itself, and the developer can accept it by clicking Commit suggestion.
- Remediation from the Actions page - The user views the finding in the Jit Platform and clicks the Create a Fix PR button to generate a new Pull Request that introduces the fix code. In GitHub, the developer reviews the newly created Pull Request and merges it to apply the fix.