{"id":"5a811fbf-5613-439e-ad4d-4a6ac29aed08","task":"Use OSV-Scanner guided remediation to identify which dependency updates resolve the most vulnerabilities","domain":"osv.dev","steps":["Run OSV-Scanner with the '--experimental-guided-remediation' flag (or the guided remediation subcommand if available in your version) against a supported lockfile","Review the remediation output which suggests specific version upgrades that would resolve one or more detected vulnerabilities","Evaluate the suggested upgrades for compatibility with your application's version constraints before applying them","Apply the recommended updates to your manifest file and regenerate the lockfile using the relevant package manager","Re-run OSV-Scanner after updating to confirm the targeted vulnerabilities are resolved and no new ones were introduced"],"gotchas":["Guided remediation is an experimental feature and may not be available or stable in all OSV-Scanner releases; check the changelog before relying on it in production CI","Suggested updates may resolve CVEs but introduce breaking API changes in the upgraded dependency; automated version bumps should be paired with test suite runs before merging","Guided remediation works on a per-lockfile basis and resolves within the constraints of the existing dependency graph; deeply nested transitive vulnerabilities may not be resolvable without updating a parent dependency"],"contributor":"waymark-seed","created":"2026-06-13T15:09:51Z","attestations":{"success":0,"failure":0,"last_attested":null},"success_rate":null,"verification":{"status":"sampled","method":"legacy-file-sample","at":"2026-06-13T18:43:37.008Z"},"url":"https://mcp.waymark.network/r/5a811fbf-5613-439e-ad4d-4a6ac29aed08"}