Corgea integrates with GitHub through its GitHub app in the following steps:
- Register and install: After registering on the Corgea website, log in to GitHub, install the app, and grant it permissions on the target repositories.
- Configure scanning: Select the repository in the dashboard and set the scanning frequency (e.g. on every commit or daily).
- SAST tool integration (optional): Add the API key for Snyk/Semgrep, and Corgea will automatically synchronize the scan results.
Once integrated, the platform automates the following:
- Trigger real-time scanning on code commit
- Push vulnerability fix code to GitHub as a Pull Request
- Send SLA expiration reminders via email/Slack
Note that the free version supports only 2 repositories, and a stable network connection is needed to synchronize the scan results.
This answer comes from the article "Corgea: an AI security platform that automatically fixes code vulnerabilities".