Definitions of the security terms used across the Project Security Center and Workspace Security Center.
CVE
Common Vulnerabilities and Exposures. A CVE is a unique identifier, such as CVE-2024-12345, for a publicly disclosed software vulnerability.
Severity
The risk rating for a vulnerability: critical, high, medium, or low. Use severity with exposure to decide which projects to fix first.
Dependency
A third-party package that your project depends on. Vulnerabilities in dependencies affect every project that uses them until the dependency is updated or replaced.
SBOM
Software Bill of Materials. An SBOM is a machine-readable inventory of packages, versions, and licenses in a project.
SPDX and CycloneDX
Standard SBOM formats used by security and compliance tooling. Choose the format your audit, compliance, or software composition analysis tool expects.
Exposure
The risk surface created by publishing status and visibility. A public, published project has higher exposure than a private or unpublished project.
Fix with Agent
An action that asks Replit Agent to draft a patch for an affected project as a background task. Review the generated change before applying it.
Republish
Redeploys a project using its existing deployment configuration. Use Republish after a fix is applied to release the patched version.
Auto-Protect
An admin opt-in mode that continuously monitors newly disclosed CVEs against your projects’ dependencies. When a match is found, Replit Agent prepares a patch and notifies the project owner.