Overview
Patching lets you generate a pull request that addresses a finding, directly from MindFort. The platform analyzes the finding, writes a fix, and opens a PR against the repository and branch you select.Patching Use Cases
Use patching when you want MindFort to turn finding context into a proposed code change.| Use Case | How It Helps |
|---|---|
| Fix a confirmed finding | Generate a PR from the finding’s evidence, impact, and remediation advice. |
| Speed up remediation review | Give engineers a concrete patch to inspect instead of starting from a blank ticket. |
| Handle repeated bug classes | Patch similar access-control, validation, or configuration issues faster after a pattern is understood. |
| Prepare for retest | Merge a reviewed fix, then re-run an assessment or targeted task to validate the result. |
| Connect security and engineering workflows | Keep the finding linked to the generated PR so teams can move from evidence to code review. |
Prerequisites
- A GitHub integration must be connected. Go to Settings > Integrations to set up the connection.
Create a Patch
- Open a finding from the Findings view.
- Click the Create Patch button in the finding actions bar.
- Select the repository that corresponds to the target.
- Select the base branch the PR should target.
- Click Create PR.
Review and Merge
After the PR is created:- Review the proposed changes on GitHub.
- Run your CI/CD checks as usual.
- Merge when satisfied.
Recommended Process
- Start with high- and critical-severity findings.
- Always review the generated PR before merging — treat it as a starting point.
- Re-run an assessment or retest after merging to confirm the finding is resolved.