Code scanning: AI-powered autofixes for CodeQL alerts integrated into VS Code #916
Labels
code scanning
Feature: GitHub Code Scanning
codeql
Feature: GitHub codeql
ga
Feature phase: Generally available
GitHub Advanced Security (GHAS)
Product SKU: GitHub Advanced Security
Summary
By default, code scanning with CodeQL scans code in pull requests, and code on all default/protected branches. We recently shipped our AI-powered autofixes for alerts in pull requests. In the future, code scanning will also provide AI-generated fixes for CodeQL alerts that are present on default and protected branches, outside the pull request experience. To help developers interact with these fixes more easily and quickly, we will integrate alerts and autofixes into VS Code.
Intended Outcome
AI-powered autofixes will help developers fix existing security vulnerabilities on the main or default branches more quickly and with less effort, straight in their code editor on their local machine, without leaving their flow. This helps reduce the number of active vulnerabilities and improves the security posture.
How will it work?
The VS Code extension will integrate code scanning alerts (and autofixes) into VS Code.