Incremental CodeQL analysis reduces scan times during Pull Requests [GA] #1113
Labels
Enterprise (Product SKU: GitHub Enterprise)
Free (Product SKU: GitHub Free)
ga (Feature phase: Generally available)
Team (Product SKU: GitHub Team)
Value Prop
CodeQL is the static analysis engine that powers GitHub’s code scanning capabilities. In Pull Requests, it can pinpoint potential vulnerabilities and deliver detailed insights alongside automated remediation suggestions through Copilot Autofix. With this update, CodeQL queries focus exclusively on newly introduced code rather than rescanning the entire codebase, streamlining the analysis process.
Expected Outcome
Developers receive faster feedback during Pull Requests, reducing the time needed to identify and fix emerging vulnerabilities. This speed enhancement maintains the same quality of results on the Pull Requests page while accelerating the remediation process, enabling teams to secure their code more efficiently without compromising on thoroughness.