autoremediator 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +27 -14
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -14,6 +14,8 @@ Autoremediator is an automation-first Node.js CVE remediation platform package.
|
|
|
14
14
|
|
|
15
15
|
This package is designed for teams that want remediation integrated into GitHub workflows and CI pipelines.
|
|
16
16
|
|
|
17
|
+
It exposes stable SDK and CLI surfaces for direct CVE remediation and scanner-driven automation.
|
|
18
|
+
|
|
17
19
|
## Why Teams Use It
|
|
18
20
|
|
|
19
21
|
- Continuous remediation in CI and scheduled GitHub workflows
|
|
@@ -30,6 +32,18 @@ This package is designed for teams that want remediation integrated into GitHub
|
|
|
30
32
|
- Platform-level remediation orchestration across many services
|
|
31
33
|
- Agentic integration via CLI, SDK, MCP, and OpenAPI
|
|
32
34
|
|
|
35
|
+
## How Remediation Works
|
|
36
|
+
|
|
37
|
+
Core pipeline behavior:
|
|
38
|
+
|
|
39
|
+
1. CVE lookup and enrichment
|
|
40
|
+
2. installed dependency inventory detection
|
|
41
|
+
3. vulnerable version matching
|
|
42
|
+
4. safe version bump attempt
|
|
43
|
+
5. controlled fallback patch flow when no safe bump exists
|
|
44
|
+
|
|
45
|
+
Safety and policy controls are applied through each stage.
|
|
46
|
+
|
|
33
47
|
## Surfaces
|
|
34
48
|
|
|
35
49
|
- CLI: workflow and CI execution
|
|
@@ -39,15 +53,14 @@ This package is designed for teams that want remediation integrated into GitHub
|
|
|
39
53
|
|
|
40
54
|
## Documentation
|
|
41
55
|
|
|
42
|
-
- https://rawlings.github.io/autoremediator/
|
|
43
|
-
|
|
44
|
-
-
|
|
45
|
-
-
|
|
46
|
-
-
|
|
47
|
-
-
|
|
48
|
-
-
|
|
49
|
-
-
|
|
50
|
-
- Contributor Guide: https://rawlings.github.io/autoremediator/docs/contributor-guide
|
|
56
|
+
- [Docs Home](https://rawlings.github.io/autoremediator/)
|
|
57
|
+
- [Getting Started](https://rawlings.github.io/autoremediator/docs/getting-started): install and first remediation runs
|
|
58
|
+
- [CLI Reference](https://rawlings.github.io/autoremediator/docs/cli): command and option semantics
|
|
59
|
+
- [Scanner Inputs](https://rawlings.github.io/autoremediator/docs/scanner-inputs): scanner adapters and format constraints
|
|
60
|
+
- [Policy and Safety](https://rawlings.github.io/autoremediator/docs/policy-and-safety): policy precedence and operational guardrails
|
|
61
|
+
- [API and SDK](https://rawlings.github.io/autoremediator/docs/api-sdk): public programmatic entry points
|
|
62
|
+
- [Integrations](https://rawlings.github.io/autoremediator/docs/integrations): CI workflows and service integrations
|
|
63
|
+
- [Contributor Guide](https://rawlings.github.io/autoremediator/docs/contributor-guide): architecture and extension guidance
|
|
51
64
|
|
|
52
65
|
## Product Direction
|
|
53
66
|
|
|
@@ -59,14 +72,14 @@ This package is designed for teams that want remediation integrated into GitHub
|
|
|
59
72
|
|
|
60
73
|
Start from the live guides instead of repo markdown:
|
|
61
74
|
|
|
62
|
-
- Quick setup
|
|
63
|
-
- Automation workflows
|
|
64
|
-
- Safety controls
|
|
75
|
+
- [Quick setup](https://rawlings.github.io/autoremediator/docs/getting-started)
|
|
76
|
+
- [Automation workflows](https://rawlings.github.io/autoremediator/docs/integrations)
|
|
77
|
+
- [Safety controls](https://rawlings.github.io/autoremediator/docs/policy-and-safety)
|
|
65
78
|
|
|
66
79
|
## Package
|
|
67
80
|
|
|
68
|
-
- npm
|
|
69
|
-
- repository
|
|
81
|
+
- [npm package](https://www.npmjs.com/package/autoremediator)
|
|
82
|
+
- [repository](https://github.com/Rawlings/autoremediator)
|
|
70
83
|
|
|
71
84
|
## License
|
|
72
85
|
|
package/package.json
CHANGED