JFrog Frogbot version 2
Frogbot scans every pull request created for security vulnerabilities with JFrog Xray and in version 2 it even opens pull requests for upgrading vulnerable dependencies to a version with a fix!.
With Frogbot installed, you can make sure that new pull requests don’t add new security vulnerabilities to your code base alongside them. If they do, the creator of the pull request has the opportunity to change the code before it is merged.
Frogbot reports its findings directly in the git UI. It simply adds a comment with its findings. You can think of Frogbot as your new team member, keeping your code safe.
If by some reason a vulnerable dependency finds its way into your repository, frogbot can create pull requests automatically to upgrade to a new version that fixes said dependency.