Product Update - 12/30/2025

This release introduces agentic remediation and a global dependency view, giving you faster, safer fixes and a clearer understanding of dependency risk across your entire environment.

Agentic Remediation for Java & Go

Heeler now supports agentic remediation for Java and Go, upgrading vulnerable dependencies while validating compatibility to prevent breaking changes.

Remediations that support agentic remediation are clearly marked with the Auto-Fixable status. This allows you to quickly filter for fixes that can be safely automated and combine them with other context, such as Direct vs. Transitive dependency classification. This lets teams start with low-risk, high-confidence fixes and gradually expand automation as trust builds.

When triggered, Heeler:

  • Performs the dependency upgrade

  • Validates the change using package ecosystem-specific build and resolution checks

  • Creates a validated pull request, automatically linked to the associated ticket

You can trigger agentic remediation directly from the dependency listing or the dependency detail page using the Fix Now action.

Once a remediation is triggered, the Heeler agent provides real-time status updates, giving full visibility into each step taken during the fix.

The remediation status links directly to the generated pull request. Both the status view and the PR clearly show:

  • The changes made

  • The validation steps performed

  • The vulnerabilities remediated

This ensures every automated fix is auditable, explainable, and non-breaking by design — even when automation is doing the work.

Heeler is expanding agentic remediation to support:

  • More complex fixes that require first-party code changes

  • Additional languages, including Python and JavaScript


Agentic remediation must be enabled per tenant. Before enabling, Heeler will verify your environment, including SCM permissions and artifact registry access.

Reach out when you’re ready — we’ll walk through the setup together.

Global Dependency View

Heeler’s new Global Dependency View provides a centralized view of all first- and third-party dependencies used across your entire environment. You can quickly generate an SBOM (CycloneDX format) for your entire environment.

Dependencies are enriched with critical context, including:

  • Direct vs. Transitive usage

  • Reachability

  • Maintenance status (e.g. unmaintained)

  • Version hygiene (e.g. unpinned)

  • License approval status

This view makes it easy to identify systemic risk, reduce dependency sprawl, and enforce consistent dependency standards across teams.

For each dependency, you can click the versions link to quickly see which versions are in use and the risk associated with each version.

You can drill into any dependency for an overview showing its package hygiene and version distribution across the environment. You can also view the specific repositories, findings, and deployments associated with the dependency.

From the overview, you can see which repositories and modules are using each specific version. This makes it easier to understand blast radius before remediation and verify impact after fixes are rolled out.

Direct / Indirect Classification

Heeler now clearly distinguishes between Direct and Indirect (Transitive) dependencies throughout the product.

This classification helps you:

  • Prioritize fixes you can control directly

  • Identify vulnerabilities introduced indirectly through dependency chains

  • Combine dependency type with other filters such as risk, feasibility, and auto-fixability

This is especially useful when deciding whether a fix requires a code change, a version bump, or a broader dependency strategy. By understanding how a dependency is introduced, teams can make more informed remediation decisions and avoid unnecessary churn.

From a remediation you can quickly see whether the upgrade requires a direct or transitive upgrade.
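As an added illustration (not Heeler's code or the page's), here is how the Direct vs. Transitive distinction described above can be derived from a CycloneDX JSON SBOM like the one the Global Dependency View exports: the `dependencies` graph is walked breadth-first from `metadata.component`, and for a transitive dependency the `parents` field shows which components introduce it (the ones that would have to be upgraded or replaced). The SBOM below is a constructed sample.

```python
import json
from collections import deque

# Constructed sample CycloneDX 1.5 JSON SBOM, not taken from the page or from Heeler:
# an application with two direct dependencies, one of which pulls in a third package.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "metadata": {"component": {"bom-ref": "app", "name": "inventory-service", "version": "1.0.0"}},
    "components": [
        {"bom-ref": "pkg:maven/org.example/web@2.1.0", "name": "web", "version": "2.1.0"},
        {"bom-ref": "pkg:maven/org.example/parser@1.4.2", "name": "parser", "version": "1.4.2"},
        {"bom-ref": "pkg:maven/org.example/logging@3.0.1", "name": "logging", "version": "3.0.1"},
    ],
    "dependencies": [
        {"ref": "app", "dependsOn": ["pkg:maven/org.example/web@2.1.0",
                                     "pkg:maven/org.example/logging@3.0.1"]},
        {"ref": "pkg:maven/org.example/web@2.1.0", "dependsOn": ["pkg:maven/org.example/parser@1.4.2"]},
    ],
})


def classify_dependencies(sbom_json: str) -> dict:
    """Map each component's bom-ref to its classification relative to the root component.

    "direct" = listed in the root's dependsOn; "transitive" = reachable only through
    another component; "unreferenced" = declared but absent from the dependency graph.
    "depth" is the shortest path from the root; "parents" lists the components that
    introduce it, i.e. what must be upgraded or replaced to remove a transitive dependency.
    """
    sbom = json.loads(sbom_json)
    root = sbom["metadata"]["component"]["bom-ref"]
    graph = {d["ref"]: d.get("dependsOn", []) for d in sbom.get("dependencies", [])}
    result = {c["bom-ref"]: {"kind": "unreferenced", "depth": None, "parents": []}
              for c in sbom.get("components", [])}
    depth = {root: 0}
    queue = deque([root])
    while queue:  # breadth-first walk from the root, so the root's own children are seen first
        node = queue.popleft()
        for child in graph.get(node, []):
            if child not in result:
                continue  # dependsOn entry with no matching component: skip it
            result[child]["parents"].append(node)
            if child not in depth:  # first visit decides kind and depth; cycles end here
                depth[child] = depth[node] + 1
                result[child]["depth"] = depth[child]
                result[child]["kind"] = "direct" if node == root else "transitive"
                queue.append(child)
    return result
```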

New Ticketing Integrations

Linear

Heeler now integrates natively with Linear, allowing security findings and remediations to be created and tracked directly within Linear workflows.

With this integration, you can:

  • Automatically create Linear issues from Heeler findings

  • Keep security work aligned with engineering backlogs

  • Maintain traceability between findings, remediations, and code changes

Jira App (OAuth)

Heeler’s new Jira App (OAuth) provides a secure, modern integration with Jira. This is the recommended integration method for Jira, and we recommend migrating your existing integration to the Jira App when ready.

The Jira app allows Heeler to:

  • Create and update Jira issues based on security findings

  • Maintain synchronized status between Heeler and Jira

  • Operate with fine-grained, workspace-level permissions

This replaces legacy authentication methods and simplifies Jira integration setup and management.

Expanded Image and Artifact Support

Heeler has expanded image and artifact support with new integrations for:

  • Docker Hub (container images)

  • GitHub Packages (artifacts)

These additions improve visibility into vulnerabilities and dependency risk across more of your build and delivery pipeline, helping you apply the same security context and remediation workflows beyond source code alone. These registries are now treated as first-class inputs, using the same dependency analysis and risk context as source code.
