Commit

Copilot Autofix for code scanning is now available for public repositories (OS) on GitHub.com (#52311)

Co-authored-by: Ben Ahmady <[email protected]>
Co-authored-by: hubwriter <[email protected]>
3 people authored Sep 18, 2024
1 parent f6408a6 commit 8790eed
Showing 16 changed files with 19 additions and 44 deletions.
Expand Up @@ -6,34 +6,29 @@ allowTitleToDifferFromFilename: true
product: '{% data reusables.rai.code-scanning.gated-feature-autofix %}'
versions:
feature: code-scanning-autofix
fpt: '*'
type: rai
topics:
- Advanced Security
- Code scanning
- CodeQL
- AI
---
<!--Note on the versioning above ^. This article is visible to free, pro, team users for transparency. They cannot use the feature so `fpt` is not included in the feature definition.-->

{% data reusables.rai.code-scanning.autofix-note %}

## About {% data variables.product.prodname_copilot_autofix_short %} for {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %}

{% data variables.product.prodname_copilot_autofix %} is an expansion of {% data variables.product.prodname_code_scanning %} that provides users with targeted recommendations to help them fix {% data variables.product.prodname_code_scanning %} alerts so they can avoid introducing new security vulnerabilities. The potential fixes are generated automatically by large language models (LLMs) using data from the codebase and from {% data variables.product.prodname_codeql %} analysis.

> [!NOTE]
> While {% data variables.product.prodname_copilot_autofix_short %} is powered by {% data variables.product.prodname_copilot %}, your enterprise does not need a subscription to {% data variables.product.prodname_copilot %} to use {% data variables.product.prodname_copilot_autofix_short %}. As long as your enterprise has {% data variables.product.prodname_GH_advanced_security %}, you will have access to {% data variables.product.prodname_copilot_autofix_short %}.
{% data reusables.rai.code-scanning.copilot-autofix-note %}

{% data variables.product.prodname_copilot_autofix_short %} generates potential fixes that are relevant to the existing source code and translates the description and location of an alert into code changes that may fix the alert. {% data variables.product.prodname_copilot_autofix_short %} uses internal {% data variables.product.prodname_copilot %} APIs interfacing with the large language model GPT-4o from OpenAI, which has sufficient generative capabilities to produce both suggested fixes in code and explanatory text for those fixes.

{% ifversion code-scanning-autofix %}While {% data variables.product.prodname_copilot_autofix_short %} is allowed by default in an enterprise and enabled for every repository using {% data variables.product.prodname_codeql %}, you can choose to opt out and disable {% data variables.product.prodname_copilot_autofix_short %}. To learn how to disable {% data variables.product.prodname_copilot_autofix_short %} at the enterprise, organization and repository levels, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/disabling-autofix-for-code-scanning)."{% endif %}
While {% data variables.product.prodname_copilot_autofix_short %} is allowed by default and enabled for every repository using {% data variables.product.prodname_codeql %}, you can choose to opt out and disable {% data variables.product.prodname_copilot_autofix_short %}. To learn how to disable {% data variables.product.prodname_copilot_autofix_short %} at the enterprise, organization and repository levels, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/disabling-autofix-for-code-scanning)."

In an organization's security overview dashboard, you can view the total number of code suggestions generated on open and closed pull requests in the organization for a given time period. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/code-security/security-overview/viewing-security-insights#autofix-suggestions)" in the {% data variables.product.prodname_ghe_cloud %} documentation.

## Developer experience

{% data variables.product.prodname_GH_advanced_security %} users can already see any security alerts detected by {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %} to analyze their pull requests. However, developers often have little training in code security so fixing these alerts requires substantial effort. They must first read and understand the alert location and description, and then use that understanding to edit the source code to fix the vulnerability.
{% data variables.product.prodname_code_scanning_caps %} users can already see any security alerts detected by {% data variables.product.prodname_codeql %} to analyze their pull requests. However, developers often have little training in code security so fixing these alerts requires substantial effort. They must first read and understand the alert location and description, and then use that understanding to edit the source code to fix the vulnerability.

{% data variables.product.prodname_copilot_autofix_short %} lowers the barrier of entry to developers by combining information on best practices with details of the codebase and alert to suggest a potential fix to the developer. Instead of starting with a search for information about the vulnerability, the developer starts with a code suggestion that demonstrates a potential solution for their codebase. The developer evaluates the potential fix to determine whether it is the best solution for their codebase and to ensure that it maintains the intended behavior.

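Review bot: with this commit adding `fpt: '*'` to `data/features/code-scanning-autofix.yml`, the HTML comment in this hunk ("They cannot use the feature so `fpt` is not included in the feature definition") becomes wrong; make sure it is among the removed lines or rewrite it, and drop the separate `fpt: '*'` entry under `versions:` so the article's visibility is driven by `feature: code-scanning-autofix` alone. The reworded paragraph correctly drops "in an enterprise" now that public repositories on GitHub.com are covered, and removing the `{% ifversion code-scanning-autofix %}` guard around it is safe only because the frontmatter keeps the `feature:` entry.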
Expand Down Expand Up @@ -120,16 +115,7 @@ It is important to remember that the author of a pull request retains responsibi

## Next steps

{% ifversion code-scanning-autofix %}

* "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/about-code-scanning-alerts)"
* "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests#working-with-autofix-suggestions-for-alerts-on-a-pull-request)"
* "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/managing-code-scanning-alerts-for-your-repository#generating-suggested-fixes-for-code-scanning-alerts)
* "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/disabling-autofix-for-code-scanning)"

{% elsif fpt %}

* "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/about-code-scanning-alerts)"
* [AUTOTITLE](/enterprise-cloud@latest/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests#working-with-autofix-suggestions-for-alerts-on-a-pull-request) in the {% data variables.product.prodname_ghe_cloud %} documentation

{% endif %}
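
Review bot: the third bullet under "Next steps" (`...#generating-suggested-fixes-for-code-scanning-alerts)`) is missing its closing double quote, unlike the sibling bullets; it is an unchanged context line, so the typo survives this commit and should be fixed while this list is being touched. Removing the `{% ifversion %}`/`{% elsif fpt %}` wrapper is consistent with `fpt` now being part of the `code-scanning-autofix` feature, so free/pro/team users get the local triage link instead of the one pointing at the `enterprise-cloud@latest` documentation.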
Expand Up @@ -14,13 +14,13 @@ topics:
- AI
---

{% data reusables.rai.code-scanning.autofix-note %}

## About disabling {% data variables.product.prodname_copilot_autofix_short %} for {% data variables.product.prodname_code_scanning %}

{% data variables.product.prodname_copilot_autofix %} is a {% data variables.product.prodname_copilot %}-powered is an expansion of {% data variables.product.prodname_code_scanning %} that provides users with targeted recommendations to help them fix {% data variables.product.prodname_code_scanning %} alerts so they can avoid introducing new security vulnerabilities. To learn more about {% data variables.product.prodname_copilot_autofix_short %} for {% data variables.product.prodname_code_scanning %}, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning)."

{% data variables.product.prodname_copilot_autofix_short %} is allowed by default in an enterprise and enabled for every repository that uses {% data variables.product.prodname_codeql %}, regardless of whether it uses default or advanced setup for {% data variables.product.prodname_code_scanning %}. Administrators at the enterprise, organization and repository levels can choose to opt-out and disable {% data variables.product.prodname_copilot_autofix_short %}.
{% data reusables.rai.code-scanning.copilot-autofix-note %}

{% data variables.product.prodname_copilot_autofix_short %} is allowed by default and enabled for every repository that uses {% data variables.product.prodname_codeql %}, regardless of whether it uses default or advanced setup for {% data variables.product.prodname_code_scanning %}. Administrators at the enterprise, organization and repository levels can choose to opt out and disable {% data variables.product.prodname_copilot_autofix_short %}.

Note that disabling {% data variables.product.prodname_copilot_autofix_short %} at any level will close all open {% data variables.product.prodname_copilot_autofix_short %} comments. If {% data variables.product.prodname_copilot_autofix_short %} is disabled and then subsequently enabled, {% data variables.product.prodname_copilot_autofix_short %} won't automatically suggest fixes for any pull requests that are already open. The suggestions will only be generated for any pull requests that are opened after {% data variables.product.prodname_copilot_autofix_short %} is enabled, or after re-running {% data variables.product.prodname_codeql %} analysis on existing pull requests.

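Review bot: the opening sentence of "About disabling" reads "is a {% data variables.product.prodname_copilot %}-powered is an expansion of", a doubled verb; it is a context line here, so this commit does not fix it. Suggest "is a {% data variables.product.prodname_copilot %}-powered expansion of {% data variables.product.prodname_code_scanning %}". The change from "opt-out" to "opt out" (verb form) is correct, and dropping "in an enterprise" matches the new availability for public repositories.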
Expand Up @@ -136,9 +136,9 @@ Alternatively, to track a {% data variables.product.prodname_code_scanning %} al

## Generating suggested fixes for {% data variables.product.prodname_code_scanning %} alerts

{% data reusables.rai.code-scanning.autofix-note %}
{% data variables.product.prodname_copilot_autofix %} can generate fixes for alerts from {% data variables.product.prodname_codeql %} analysis. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning)."

{% data variables.product.prodname_copilot_autofix %} can generate fixes for alerts from {% data variables.product.prodname_codeql %} analysis in private repositories. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning)."
{% data reusables.rai.code-scanning.copilot-autofix-note %}

{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.sidebar-security %}
Expand Up @@ -132,10 +132,10 @@ Anyone with push access to a pull request can fix a {% data variables.product.pr

## Working with {% data variables.product.prodname_copilot_autofix_short %} suggestions for alerts on a pull request

{% data reusables.rai.code-scanning.autofix-note %}

{% data variables.product.prodname_copilot_autofix %} is an expansion of {% data variables.product.prodname_code_scanning %} that provides you with targeted recommendations to help you fix {% data variables.product.prodname_code_scanning %} alerts in pull requests. The potential fixes are generated automatically by large language models (LLMs) using data from the codebase, the pull request, and from {% data variables.product.prodname_codeql %} analysis.

{% data reusables.rai.code-scanning.copilot-autofix-note %}

![Screenshot of the check failure for a {% data variables.product.prodname_code_scanning %} alert in a pull request. Part of the "autofix" suggestion is outlined in dark orange.](/assets/images/help/code-scanning/alert+autofix.png)

### Generating {% data variables.product.prodname_copilot_autofix_short %} suggestions and publishing to a pull request
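
Review bot: the screenshot alt text still says 'Part of the "autofix" suggestion is outlined' while the heading above and the body now use `{% data variables.product.prodname_copilot_autofix_short %}`; update the alt text to the product variable so the rendered name is consistent with the rest of the section.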
Expand Up @@ -20,6 +20,4 @@ topics:

{% data reusables.code-scanning.codeql-query-tables.codeql-version-info %}

{% data reusables.rai.code-scanning.autofix-note %}

{% data reusables.code-scanning.codeql-query-tables.cpp %}
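
Review bot: this hunk removes the availability note from the query-table page outright instead of swapping in `copilot-autofix-note` as the alert-management pages do; that is fine if the intent is that query tables no longer mention Copilot Autofix at all, but the same two-line removal is repeated for each language below, so check that the `versions:` frontmatter of these pages did not rely on the note's `{% ifversion %}` for anything and that no language table was missed.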
Expand Up @@ -20,6 +20,4 @@ topics:

{% data reusables.code-scanning.codeql-query-tables.codeql-version-info %}

{% data reusables.rai.code-scanning.autofix-note %}

{% data reusables.code-scanning.codeql-query-tables.csharp %}
Expand Up @@ -20,6 +20,4 @@ topics:

{% data reusables.code-scanning.codeql-query-tables.codeql-version-info %}

{% data reusables.rai.code-scanning.autofix-note %}

{% data reusables.code-scanning.codeql-query-tables.go %}
Expand Up @@ -20,6 +20,4 @@ topics:

{% data reusables.code-scanning.codeql-query-tables.codeql-version-info %}

{% data reusables.rai.code-scanning.autofix-note %}

{% data reusables.code-scanning.codeql-query-tables.java %}
Expand Up @@ -20,6 +20,4 @@ topics:

{% data reusables.code-scanning.codeql-query-tables.codeql-version-info %}

{% data reusables.rai.code-scanning.autofix-note %}

{% data reusables.code-scanning.codeql-query-tables.javascript %}
Expand Up @@ -20,6 +20,4 @@ topics:

{% data reusables.code-scanning.codeql-query-tables.codeql-version-info %}

{% data reusables.rai.code-scanning.autofix-note %}

{% data reusables.code-scanning.codeql-query-tables.python %}
Expand Up @@ -20,6 +20,4 @@ topics:

{% data reusables.code-scanning.codeql-query-tables.codeql-version-info %}

{% data reusables.rai.code-scanning.autofix-note %}

{% data reusables.code-scanning.codeql-query-tables.ruby %}
Expand Up @@ -20,6 +20,4 @@ topics:

{% data reusables.code-scanning.codeql-query-tables.codeql-version-info %}

{% data reusables.rai.code-scanning.autofix-note %}

{% data reusables.code-scanning.codeql-query-tables.swift %}
Expand Up @@ -148,8 +148,6 @@ Alerts that are reopened and re-closed during the chosen time period are ignored

### {% data variables.product.prodname_copilot_autofix_short %} suggestions

{% data reusables.rai.code-scanning.autofix-note %}

{% data variables.product.prodname_copilot_autofix %} is an expansion of {% data variables.product.prodname_code_scanning %} that provides you with targeted recommendations to help you fix {% data variables.product.prodname_code_scanning %} alerts. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning)."

The "{% data variables.product.prodname_copilot_autofix_short %} suggestions" metric is the total number of {% data variables.product.prodname_copilot_autofix_short %} suggestions generated in open and closed pull requests during the chosen time period.
3 changes: 2 additions & 1 deletion data/features/code-scanning-autofix.yml
@@ -1,4 +1,5 @@
# Reference: #11173
# Reference: #11173, and 14966

versions:
ghec: '*'
fpt: '*'
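
Review bot: the updated reference comment "# Reference: #11173, and 14966" is inconsistent: the second issue number lacks the `#` prefix and the comma is stray; suggest "# Reference: #11173 and #14966". Adding `fpt: '*'` here is what makes the article-level `fpt: '*'` entries and the `{% elsif fpt %}` branches elsewhere in this commit redundant, so any page that still lists `fpt` alongside `feature: code-scanning-autofix` should drop it.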
6 changes: 6 additions & 0 deletions data/reusables/rai/code-scanning/copilot-autofix-note.md
@@ -0,0 +1,6 @@
{% ifversion code-scanning-autofix %}

> [!NOTE]
> You do not need a subscription to {% data variables.product.prodname_copilot %} to use {% data variables.product.prodname_copilot_autofix %}. {% data variables.product.prodname_copilot_autofix_short %} is available to all public repositories on {% data variables.product.prodname_dotcom_the_website %}, as well as private repositories in {% data variables.product.prodname_ghe_cloud %} enterprises that have a license for {% data variables.product.prodname_GH_advanced_security %}.
{% endif %}
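
Review bot: the `{% ifversion code-scanning-autofix %}` wrapper in this new reusable is redundant on pages already versioned with `feature: code-scanning-autofix`, as the "about" article in this commit is; harmless, but the blank line directly after the opening tag renders as extra whitespace above the callout, so drop it. The wording itself is good: it states both the no-Copilot-subscription point and the public/private availability split in one place.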
2 changes: 1 addition & 1 deletion data/reusables/rai/code-scanning/gated-feature-autofix.md
@@ -1 +1 @@
{% data variables.product.prodname_copilot_autofix %} for {% data variables.product.prodname_code_scanning %} is available only to {% data variables.product.prodname_ghe_cloud %} users who have {% data variables.product.prodname_GH_advanced_security %}. For more information, see "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)."
{% data variables.product.prodname_copilot_autofix %} for {% data variables.product.prodname_code_scanning %} is available for all public repositories on {% data variables.product.prodname_dotcom_the_website %}. {% data variables.product.prodname_copilot_autofix %} for {% data variables.product.prodname_code_scanning %} is also available for private repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. For more information, see "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)."
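
Review bot: the new text spells out "{% data variables.product.prodname_copilot_autofix %} for {% data variables.product.prodname_code_scanning %}" in full twice in consecutive sentences; use "It" or `prodname_copilot_autofix_short` in the second ("It is also available for private repositories owned by organizations that use ..."). This reusable is rendered through the `product:` frontmatter callout (see the "about" article in this commit), so keeping it to two short sentences plus the link suits that banner better than a three-sentence paragraph.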
