Manage code scanning alerts

Discover how to assess, manage, and resolve code scanning alerts to keep your code secure.

Assessing code scanning alerts for your repository

From the security view, you can explore and evaluate alerts for potential vulnerabilities or errors in your project's code.

Triaging code scanning alerts in pull requests

When code scanning identifies a problem in a pull request, you can review the highlighted code and resolve the alert.

Resolving code scanning alerts

From the security view, you can view, fix, or dismiss alerts for potential vulnerabilities or errors in your project's code.

Enabling delegated alert dismissal for code scanning

You can use delegated alert dismissal to control who can dismiss an alert found by code scanning.

Disabling Copilot Autofix for code scanning security alerts

You can block availability of GitHub Copilot Autofix for security alerts for an enterprise or disable GitHub Copilot Autofix at the organization and repository level.