GitHub is previewing code scanning autofix, a function that mixes its GitHub Copilot AI assistant with its CodeQL code scanner to supply instructed fixes to found vulnerabilities. Code scanning autofix is accessible in a public beta to GitHub Superior Safety clients.
Launched March 20, code scanning autofix makes vulnerability fixes accessible instantly as a developer is coding, GitHub stated. GitHub Copilot AI is used to supply a code suggestion and rationalization immediately within the pull request. Code scanning autofix covers greater than 90% of alert varieties in JavaScript, TypeScript, Java, and Python, and remediates greater than two-thirds of discovered vulnerabilities with little or no enhancing, based on the corporate.
Code scanning autofix leverages the CodeQL engine and a mix of heuristics and GitHub Copilot APIs to generate code recommendations. The function builds on the November 2023 unveiling of GitHub Software Safety, which offers extra safety features together with code scanning, secrets and techniques scanning, auto-triage guidelines for safety alerts, and dependency evaluations. These options require a GitHub Superior Safety license to run on repositories aside from public repositories on GitHub.
Copyright © 2024 IDG Communications, Inc.
