Security News > 2024 > March > GitHub’s new AI-powered tool auto-fixes vulnerabilities in your code

GitHub’s new AI-powered tool auto-fixes vulnerabilities in your code
2024-03-20 18:52

GitHub introduced a new AI-powered feature capable of speeding up vulnerability fixes while coding.

Known as Code Scanning Autofix and powered by GitHub Copilot and CodeQL, it helps deal with over 90% of alert types in JavaScript, Typescript, Java, and Python.

After being toggled on, it provides potential fixes that GitHub claims will likely address more than two-thirds of found vulnerabilities while coding with little or no editing.

"Just as GitHub Copilot relieves developers of tedious and repetitive tasks, code scanning autofix will help development teams reclaim time formerly spent on remediation."

More details about the GitHub Copilot-powered code scanning autofix tool are available on GitHub's documentation website.

Last month, the company also enabled push protection by default for all public repositories to stop the accidental exposure of secrets like access tokens and API keys when pushing new code.


News URL

https://www.bleepingcomputer.com/news/security/githubs-new-ai-powered-tool-auto-fixes-vulnerabilities-in-your-code/