To stay secure I would like code env to be scanned periodically for modules and libraries with known vulnerabilities. If a vulnerability is detected the environment is resolved with patched modules/libraries.
For projects running on automation a vulnerable environment is flagged and a bundle with updated env is created and owner/admins are allerted