Autofix

Overview

Autofix extends AI-assisted remediation by generating code changes for eligible vulnerabilities and opening them as pull requests in your repository.

This helps reduce manual effort and speeds up the remediation workflow while preserving the normal code review process.

How Autofix Works

There are two ways to use Autofix:

  1. Manual trigger: Click Generate Fix inside the vulnerability details view. The agent analyzes the vulnerability context, proposes a fix, and creates a pull request with the suggested changes.

Generate Fix button

  2. Automatic mode: When the Autofix policy is enabled in Policies, the platform can automatically generate pull requests for eligible vulnerabilities without manual intervention.

Autofix policy

Review Flow

All generated fixes are delivered as pull requests so your team can review, test, and approve the changes before merging them into the codebase.
