Integrating your security scanner

Filter Infield for dependencies with an open CVE

Infield integrates with security scanners so you can prioritize dependency upgrades based on open vulnerabilities. Connect your security scanner and you'll see an "Open CVEs" filter on your dependencies list, where you can filter your packages by the severity of their open CVEs. You can then use Infield to understand what breaking changes sit between the version you're running and the patched one.

Dependabot

If you install Infield through our GitHub app, we support Dependabot out of the box. Dependabot alerts are synced into Infield, and when prioritizing upgrade work you can filter for the dependencies in your projects that have open CVEs.

Note that you need to have "Dependabot Security Alerts" enabled on your repository within GitHub. Learn how to set that up.

Other

If you use Snyk or another security scanner, contact us to set up a custom integration for your repository.