These PRs are raised during recurring tests, to fix vulnerabilities which are:
- New since last scan, and have a fix.
- Pre-dated the last scan, but a fix has been found since the last scan.
They are on by default for new integrations.
For supported Git repository integrations, you can enable or disable these for an entire integration (and all projects monitored through that integration), or override, enable or disable them for each project.
See Git repository SCM integrations for full details of supported integrations.
To enable at the integration level:
- Navigate to Settings > Integrations.
- Select a SCM integration (for example, GitHub).
- Enable New vulnerabilities - PRs to fix vulnerabilities found since the last recurring test:
Where it can be enabled per-project:
- Navigate to the project, then select Settings for that project.
- Select GitHub Integration.
- Under the Automatic fix pull requests section:
- Select to Customize for only this project
- Enable New vulnerabilities - PRs to fix vulnerabilities found since the last recurring test.