Improvements to the code scanning and GitHub Advanced Security APIs

We've shipped a couple of changes to our APIs:

  • The code scanning API now returns the version of the CodeQL queries used for an analysis. You can use it to reproduce a result against the same queries, or to confirm that an analysis ran with the latest query pack.
  • Repository admins can now enable or disable GitHub Advanced Security through the REST API by sending the security_and_analysis object in a PATCH /repos/{owner}/{repo} request. Admins can also check whether Advanced Security is currently enabled for a repository with a GET /repos/{owner}/{repo} request, which returns the same object. Together these let you manage Advanced Security repository access at scale. For more information, see the repos REST API documentation.
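As an added example (not GitHub's own tooling), the script below converges a repository on a desired Advanced Security state using the two calls described above: it reads `security_and_analysis.advanced_security.status` from GET /repos/{owner}/{repo} and only sends a PATCH with the same object when the state differs, so it is idempotent and safe to loop over an organization. The HTTP layer is injected as a callable, so the logic can be exercised offline with the constructed `FakeGitHub` stand-in; the `FakeGitHub` class, the `ensure_ghas` helper and the sample repository names are assumptions of this example, not part of the API.

```python
"""Check and set GitHub Advanced Security per repository via the REST API.

Added example, not GitHub's code. Endpoints used:
  GET   /repos/{owner}/{repo}  -> body contains "security_and_analysis"
  PATCH /repos/{owner}/{repo}  <- body {"security_and_analysis": {...}}
"""
import json
import os
import urllib.request
from typing import Callable, Optional

API = "https://api.github.com"

# A sender takes (method, path, body-or-None) and returns the parsed JSON
# response. Injecting it keeps the decision logic testable without network.
Sender = Callable[[str, str, Optional[dict]], dict]


def github_sender(token: str) -> Sender:
    """Real sender: authenticated requests against api.github.com."""
    def send(method: str, path: str, body: Optional[dict] = None) -> dict:
        data = json.dumps(body).encode() if body is not None else None
        req = urllib.request.Request(API + path, data=data, method=method)
        req.add_header("Authorization", f"Bearer {token}")
        req.add_header("Accept", "application/vnd.github+json")
        if data is not None:
            req.add_header("Content-Type", "application/json")
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    return send


def ghas_status(repo: dict) -> Optional[str]:
    """Extract 'enabled'/'disabled' from a repository object.

    Returns None when security_and_analysis is missing, which is what a
    caller without admin rights sees; treat None as 'unknown', not 'off'.
    """
    sa = repo.get("security_and_analysis") or {}
    return (sa.get("advanced_security") or {}).get("status")


def ghas_patch_body(enable: bool) -> dict:
    """PATCH body that turns Advanced Security on or off for one repo."""
    status = "enabled" if enable else "disabled"
    return {"security_and_analysis": {"advanced_security": {"status": status}}}


def ensure_ghas(owner: str, repo: str, enable: bool, send: Sender) -> dict:
    """Bring one repository to the desired state; PATCH only if needed."""
    path = f"/repos/{owner}/{repo}"
    want = "enabled" if enable else "disabled"
    before = ghas_status(send("GET", path, None))
    after = before
    if before != want:
        after = ghas_status(send("PATCH", path, ghas_patch_body(enable)))
    # "ok" is False if the PATCH did not take, e.g. no GHAS licence seats left.
    return {"repo": f"{owner}/{repo}", "before": before, "after": after,
            "changed": after != before, "ok": after == want}


class FakeGitHub:
    """Offline stand-in for the API. State is constructed sample data."""

    def __init__(self, state: dict):
        self.state = dict(state)   # "owner/repo" -> "enabled"/"disabled"
        self.calls = []            # every (method, path, body) seen

    def __call__(self, method: str, path: str, body: Optional[dict]) -> dict:
        self.calls.append((method, path, body))
        key = path[len("/repos/"):]
        if method == "PATCH":
            self.state[key] = body["security_and_analysis"]["advanced_security"]["status"]
        return {"full_name": key, "security_and_analysis": {
            "advanced_security": {"status": self.state[key]}}}


if __name__ == "__main__":
    token = os.environ.get("GITHUB_TOKEN")
    # With a token this talks to GitHub; without one it runs against the fake.
    send = github_sender(token) if token else FakeGitHub(
        {"acme/api": "disabled", "acme/web": "enabled"})   # constructed sample
    for name in ("acme/api", "acme/web"):
        owner, repo = name.split("/")
        print(ensure_ghas(owner, repo, True, send))
```

Run with `GITHUB_TOKEN` set to a token that has admin rights on the target repositories to apply changes for real; without it the script only exercises the fake. The `ok` flag is the value to alert on in a bulk run, since a PATCH that is accepted but leaves the status unchanged is the signal that licensing or permissions blocked the change.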

A dark high contrast theme, with greater contrast between foreground and background elements, is now available to all github.com users as a public beta. Opt in to the beta by enabling the theme in your Feature Preview settings, found in the profile menu dropdown. Once the Feature Preview is enabled, navigate to the "Appearance" page in your profile settings to choose the dark high contrast theme.

Please note that while in this beta you may notice color issues with other themes. If they are disruptive, you can opt out by disabling the feature in Feature Preview.


Animated image of switching between dark default theme and dark high contrast on the appearance settings page


Code scanning with CodeQL now generates diagnostic information for all supported languages.

Before analyzing your code, CodeQL first creates a CodeQL database containing all of the important information about your codebase. This database is then analyzed by executing CodeQL queries against it.

The new diagnostic information shows how much of your codebase CodeQL actually captured. This matters for the security result: code that was not extracted into the database is never seen by the queries, so a low extraction count or many extractor errors means alerts may be missing rather than absent.

Diagnostic information includes:

  • Lines of code in your codebase (as a baseline)
  • Lines of code in the CodeQL database extracted from your code
  • Lines of code in the CodeQL database excluding auto-generated files and external libraries
  • Number of files successfully analyzed
  • Number of files that generate extractor errors and warnings during database creation

You can see the detailed diagnostic information in the logs of the CodeQL Action run under GitHub Actions.

CodeQL Action Log

You can also view the lines of code in your codebase and the lines of code in the CodeQL database by going to the Security tab and selecting Code scanning alerts.

Code scanning CodeQL security tab

Diagnostic information queries are available in CodeQL CLI 2.5.6 and later. The CodeQL bundle includes both the CodeQL CLI and a compatible set of queries, so updating the bundle is the simplest way to pick them up.
