
“Automatically Repair Your Code Vulnerabilities with GitHub’s Cutting-Edge AI Tool”

Earlier today, Sentry announced its AI Autofix feature for debugging production code and now, a few hours later, GitHub is launching the first beta of its code scanning autofix feature for finding and fixing security vulnerabilities during the coding process. This new feature combines the real-time capabilities of GitHub’s Copilot with CodeQL, the company’s semantic code analysis engine. The company also promises that code scanning autofix will cover more than 90% of alert types in the languages it supports, which are currently JavaScript, TypeScript, Java, and Python. “Just as GitHub Copilot relieves developers of tedious and repetitive tasks, code scanning autofix will help development teams reclaim time formerly spent on remediation,” GitHub writes in today’s announcement. To generate the fixes and their explanations, GitHub uses OpenAI’s GPT-4 model.