At any time, engineers can use Dependency Autofix to upgrade anything that fits into the category of “outdated” or “outdated with a vulernability”.
First, select which category you’d like to create a Proposal for:
EdgeBit will find an outdated or vulnerable library in your dependency tree and calculate the most suitable version to use. By default, an analysis report is created but an optional Pull Request can also be opened once the analysis is complete.
Click the start button to create the Proposal and start the analysis. The proposal will contain the upgrade, if available, and any transitive dependencies that may be required for that new version.
An analysis will be completed across all of the upgraded dependencies to determine how the upgrade will interact with your app code and any risk that it poses.