Skip to content

[2.19] Configure whitesource remediate to auto create PRs for deps with known vulnerabilities #10792

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 5 commits into
base: 2.19
Choose a base branch
from
Draft

[2.19] Configure whitesource remediate to auto create PRs for deps with known vulnerabilities #10792

wants to merge 5 commits into from
+32 −353

Conversation

@cwperks
Copy link
Member

@cwperks cwperks commented Oct 23, 2025
edited
Loading

Description

This PR copies the whitesource config from skills-eval repo which has been successfully creating PRs like opensearch-project/skills-eval#62 to auto resolve dependency updates with known vulnerabilies.

This is an alternative to dependabot to keep the number of PRs down, but dependabot may also be useful to try out as well.

Changelog

  • chore: Configure whitesource remediate to auto create PRs for deps with known vulnerabilities

Check List

  • All tests pass
    • yarn test:jest
    • yarn test:jest_integration
  • New functionality includes testing.
  • New functionality has been documented.
  • Update CHANGELOG.md
  • Commits are signed per the DCO using --signoff

@codecov
Copy link

codecov bot commented Oct 23, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 61.15%. Comparing base (a659762) to head (90969c5).

Additional details and impacted files 
@@            Coverage Diff             @@
##             2.19   #10792      +/-   ##
==========================================
- Coverage   61.16%   61.15%   -0.02%     
==========================================
  Files        3815     3815              
  Lines       91512    91512              
  Branches    14459    14459              
==========================================
- Hits        55975    55960      -15     
- Misses      31980    31993      +13     
- Partials     3557     3559       +2
Flag Coverage Δ
Linux_1 29.13% <ø> (ø)
Linux_2 56.60% <ø> (ø)
Linux_3 38.06% <ø> (-0.01%) ⬇️
Linux_4 29.17% <ø> (-0.01%) ⬇️
Windows_1 29.14% <ø> (-0.02%) ⬇️
Windows_2 56.55% <ø> (ø)
Windows_3 38.06% <ø> (ø)
Windows_4 29.17% <ø> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@cwperks cwperks changed the title [2.19] Test whitesource scanning [2.19] Configure whitesource remediate to auto create PRs for deps with known vulnerabilities Oct 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ananzh ananzh Awaiting requested review from ananzh ananzh will be requested when the pull request is marked ready for review ananzh is a code owner

@kavilla kavilla Awaiting requested review from kavilla kavilla will be requested when the pull request is marked ready for review kavilla is a code owner

@AMoo-Miki AMoo-Miki Awaiting requested review from AMoo-Miki AMoo-Miki will be requested when the pull request is marked ready for review AMoo-Miki is a code owner

@ashwin-pc ashwin-pc Awaiting requested review from ashwin-pc ashwin-pc will be requested when the pull request is marked ready for review ashwin-pc is a code owner

@joshuarrrr joshuarrrr Awaiting requested review from joshuarrrr joshuarrrr will be requested when the pull request is marked ready for review joshuarrrr is a code owner

@abbyhu2000 abbyhu2000 Awaiting requested review from abbyhu2000 abbyhu2000 will be requested when the pull request is marked ready for review abbyhu2000 is a code owner

@zengyan-amazon zengyan-amazon Awaiting requested review from zengyan-amazon zengyan-amazon will be requested when the pull request is marked ready for review zengyan-amazon is a code owner

@zhongnansu zhongnansu Awaiting requested review from zhongnansu zhongnansu will be requested when the pull request is marked ready for review zhongnansu is a code owner

@manasvinibs manasvinibs Awaiting requested review from manasvinibs manasvinibs will be requested when the pull request is marked ready for review manasvinibs is a code owner

@ZilongX ZilongX Awaiting requested review from ZilongX ZilongX will be requested when the pull request is marked ready for review ZilongX is a code owner

@Flyingliuhub Flyingliuhub Awaiting requested review from Flyingliuhub Flyingliuhub will be requested when the pull request is marked ready for review Flyingliuhub is a code owner

@curq curq Awaiting requested review from curq curq will be requested when the pull request is marked ready for review curq is a code owner

@bandinib-amzn bandinib-amzn Awaiting requested review from bandinib-amzn bandinib-amzn will be requested when the pull request is marked ready for review bandinib-amzn is a code owner

@SuZhou-Joe SuZhou-Joe Awaiting requested review from SuZhou-Joe SuZhou-Joe will be requested when the pull request is marked ready for review SuZhou-Joe is a code owner

@ruanyl ruanyl Awaiting requested review from ruanyl ruanyl will be requested when the pull request is marked ready for review ruanyl is a code owner

@BionIT BionIT Awaiting requested review from BionIT BionIT will be requested when the pull request is marked ready for review BionIT is a code owner

@xinruiba xinruiba Awaiting requested review from xinruiba xinruiba will be requested when the pull request is marked ready for review xinruiba is a code owner

@zhyuanqi zhyuanqi Awaiting requested review from zhyuanqi zhyuanqi will be requested when the pull request is marked ready for review zhyuanqi is a code owner

@mengweieric mengweieric Awaiting requested review from mengweieric mengweieric will be requested when the pull request is marked ready for review mengweieric is a code owner

@LDrago27 LDrago27 Awaiting requested review from LDrago27 LDrago27 will be requested when the pull request is marked ready for review LDrago27 is a code owner

@virajsanghvi virajsanghvi Awaiting requested review from virajsanghvi virajsanghvi will be requested when the pull request is marked ready for review virajsanghvi is a code owner

@sejli sejli Awaiting requested review from sejli sejli will be requested when the pull request is marked ready for review sejli is a code owner

@joshuali925 joshuali925 Awaiting requested review from joshuali925 joshuali925 will be requested when the pull request is marked ready for review joshuali925 is a code owner

@huyaboo huyaboo Awaiting requested review from huyaboo huyaboo will be requested when the pull request is marked ready for review huyaboo is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

backport main

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@cwperks