This new GitHub tool will automatically fix security flaws in your code
GitHub launches new AI-powered code fixer
GitHub has introduced a new AI-powered code scanning autofix feature, a convenient tool designed to automatically rectify flaws in your code.
The new feature – a blend of CodeQL and GitHub Copilot, the company’s generative AI tool for writing and tweaking code – is designed to address the process of vulnerability remediation during the coding phase with the hope of inspiring developer confidence in their codebase.
Currently available in public beta, code scanning autofix has been automatically enabled for all private repositories among GitHub Advanced Security (GHAS) customers.
GitHub code scanning autofix launches in beta
GitHub’s Pierre Tempel and Eric Tooley, authors of the new announcement, said that the feature is designed to tackle more than 90% of alert types in popular programming languages such as JavaScript, Typescript, Java, and Python, promising to speed up the fixing process with minimal developer intervention.
Tempel and Tooley explained: “When a vulnerability is discovered in a supported language, fix suggestions will include a natural language explanation of the suggested fix, together with a preview of the code suggestion that the developer can accept, edit, or dismiss.”
Moreover, code scanning autofix extends its reach to include changes across multiple files and project dependencies, which is hoped to allow organizations to reduce the burden on security teams, in turn allowing them to focus on more proactive work instead of constantly fighting vulnerabilities.
The platform has already expressed its commitment to making this an even more valuable tool by promising upcoming support for more languages, including C# and Go.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
And of course, because this tool is in beta, the company is also keen to stress that developer feedback is vital to shaping the product, urging customers to share their findings.
More from TechRadar Pro
- Check out the best AI tools and best AI writers
- GitHub reminds users to enable 2FA or lose account functionality
- These are the best Python online courses to get your head around the coding language
With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!