BOLT For Azure Devops video 1.0
This video will explain what Mend Bolt is and how to integrate it into your GitHub workflow.
In just a few minutes, you’ll learn how Mend Bolt helps you identify vulnerabilities and license risks in your open source dependencies—and how to get started with it quickly and easily.
What is Mend Bolt?
Mend Bolt is a free security tool that integrates directly with GitHub to scan your repositories for open source vulnerabilities and license issues. It’s designed for developers who want to keep their projects secure without adding friction to their workflow.
Once installed, Mend Bolt automatically analyzes your project’s dependencies and highlights security risks directly in your GitHub interface. It provides clear details on the nature of each vulnerability and, where possible, suggests safer versions or alternative packages. It even opens pull requests with recommended fixes, helping you resolve issues fast and stay focused on building.
How to Integrate Mend Bolt with GitHub
Integrating Mend Bolt is quick and straightforward. You simply connect it to your GitHub account, select the repositories you want to monitor, and let it run its first scan. Within moments, Mend Bolt will display a summary of known vulnerabilities and license risks in your dependencies.
The video will walk you through each step—from installation to reviewing results—so you can start securing your code with minimal effort. Whether you're working on a personal project or contributing to a team repo, Mend Bolt helps you build securely from the start.
