
GitHub users who rely on code scanning now have a new option: default setup. With this addition, developers can automatically enable code scanning on their repositories.

“Default setup simplifies getting started with code scanning on Python, JavaScript, and Ruby repositories,” details Walker Chabbott, a product marketing manager at GitHub, in the blog post.

“You can now enable code scanning in just a few clicks and without using a .yaml file, helping open source developers and enterprises streamline code scanning setup so they can secure more of their software. Once enabled, you’ll immediately start getting insights from code scanning in your code to help you find and fix vulnerabilities quickly without disrupting your workflow.”

If you are unfamiliar with code scanning, it is a tool in GitHub that allows users to analyze their code. By scanning code in their repository, users can locate coding errors and security vulnerabilities. The new default setup will help users to do this more efficiently.

Availability

To access this option, head to the “Settings” tab on a GitHub repository and, under the “Security” option, choose the “Code security and analysis” section. Here you can see the new code scanning setup tool; just select “Set up” and choose “Default.”

“When you click on ‘Default,’ you’ll automatically see a tailored configuration summary based on the contents of the repository,” adds Chabbott. “This includes the languages detected in the repository, the query packs that will be used, and the events that will trigger scans. In the future, these options will be customizable.”

Chabbott points out the new default setup tool is only available for repositories using JavaScript, Python, or Ruby code. GitHub plans to expand the compatibility to more code languages through the year.

“We are working hard to make this experience available for all languages supported by the CodeQL analysis engine,” explains Chabbott. “We will continue rolling out support for new languages based on popularity and build complexity over the next six months.”
