# AUTO PR

{% embed url="<https://youtu.be/CSjCJMzcRO4>" %}

### Prerequisite

* Must have an online scan either from UI or CLI.

### Step 1: Patch the vulnerable dependencies

Once SCA scan is done, we can patch the vulnerable dependencies directly from UI if Source Control (Github/ Gitlab/ Bitbucket) is configured and you know that repo.

Open the SCA results and click on any dependency that is present in the manager file. For this example, we will take pom.xml

<figure><img src="https://lh6.googleusercontent.com/3Mc52zzQSfhGeVkFISBj94vwvcgBzGqMXS1Vk1eOS_ba20GcO87OYwHCFPJx0QxH0fnf0XyQJoUwopgQA7vd8sAfgRBPqXzEm28T67_15GcYcO3RZMCh3kd4GqmyqF91e9No0hXVWssilL57qhQfM4xp0-oaHPkhh5dBivqhjpbTuoXzO7QdBB5XviDj5Q" alt=""><figcaption></figcaption></figure>

And now click on Fox this vulnerability, if success full we get,

<figure><img src="https://lh4.googleusercontent.com/4pkYA6Iuu2QRSOReHWVFjqyNUF1GXuVV-5UXrYJfh217NEJmwO3X_vcTfT2ZfHkY4yl631zBnvIc0TL8tdPKKRvrqNC0HssouqvTvAXETjgEQqGSrH7yXQmJJjQpbNvYn6B1cKImHgmOKGk5Kv-aclw2-LYMZkjAfUVuOsedz56NjLBxbwdB54TxN8bMcg" alt=""><figcaption></figcaption></figure>

### Step 2: GitHub Check

On Github, we check if a pull request is generated or not.

<figure><img src="https://lh6.googleusercontent.com/v9whLJLmbCPYBwt7nBluuGPd2OJg_vFor9ZJbE7up-JPkeUd17-ULm5Vaq4n61-rhI1UnUel0ZN1gTkRgC2okdPvUQhK3rXM36Cl-2HRxz4m-o5vlvXXeQ6GyZZ0kVHIJNxElwzgO5wtiWKi3aWfjwb9KwpCyDGelTiZADIsvZUyKhbrIvphLiRg9VxwUw" alt=""><figcaption></figcaption></figure>

PR is requested, which can be merged.