GitHub can now squash even more code bugs before release


GitHub has announced that 10 new third-party tools have been made available for use with its recently released code scanning feature. This means more developers will be able to remove security vulnerabilities and other faults before they are committed to code.

Code scanning was announced at the end of September as a developer-first, GitHub-native approach to reducing the number of vulnerabilities that reach the production stage. Developers are freed up to focus on writing their most creative and beautiful lines of code, while GitHub’s CodeQL static scanning engine automatically runs actionable security rules.

Scanning occurs as new code is created and integrates with GitHub Actions or your existing CI/CD environment to provide maximum flexibility for developers.

Welcome to the party

The code scanning feature has been an early success, identifying some 20,000 security issues since its beta launch in May. The addition of 10 new third-party tools will provide added customisation options for developers, while still allowing them to use their preferred GitHub tools and continue enjoying a single-user experience.

“Today, we’re happy to introduce 10 new third-party tools available with GitHub code scanning,” Jose Palafox, a senior business development manager at GitHub, confirmed in a blog post. “These open source projects and static application security testing (SAST) solutions bring a wide array of additional security tools directly into the developer workflow, ensuring that vulnerabilities can be identified and fixed before they are committed to the code base.”

Among the ten new tools are Checkmarx, the leading software security solution for enterprise software development, and Codacy, which provides static analysis, cyclomatic complexity, duplication and code unit test coverage changes for every commit and pull request. The remaining new tools consist of CodeScan, DefenseCode ThunderScan, Fortify on Demand, Muse, Secure Code Warrior, Synopsys Intelligent Security Scan, Veracode Static Analysis, and Xanitizer.

The third-party scanning tools are available from the GitHub Marketplace now.

Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services. After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.
