Skip to content

Code scanning shows the health of tools enabled on a repository

The new code scanning tool status page allows users to view the status of CodeQL and other code scanning tools.
The page shows all the tools that are enabled on the repository and provides information about their setup types, configurations, and any relevant failures or warnings. If a tool is not working as expected, this is a good place to start troubleshooting the issue.

You can visit the new tool status page by using the button at the top of the repository's Code Scanning page.


Statuses for the tool

The page indicates three possible statuses for the tool: all configurations are working, some need attention, and some are not working.

Code scanning needs to have received at least one analysis for the default branch to provide a tool status. Only the status of the default branch is reported.

The page shows the latest state of all analysis configurations for the tool. For instance, if you created two separate workflows to scan two distinct parts of the repository independently, the page displays the most recent state of the tool by combining the statuses of both.

The page structure

For each tool, the page provides actionable information about misconfigurations and errors, the number of scanned files per language, the setup types and configurations, the list of rules the tool checks against, and detailed CSV reports.


Error messages

To help you with debugging, the tool status page shows error messages gathered from multiple code scanning system components during tool setup and analysis execution. These include errors from CodeQL, code scanning workflows, SARIF upload limits, and the internal code scanning system.

Third party code scanning tools are not yet able to deliver tool related errors to the page. In the future, these tools will be able to submit error messages to code scanning via SARIF uploads.

Scanned files

A Scanned Files section shows the number of analysed files per language compared to the number of files in the repository.

The section helps you determine whether code scanning tools are operating correctly on your repository and only shows information about languages supported and analysed by the tool while ignoring languages that are present in the repository but are not supported or being analysed by the tool.

This section is not yet displayed for third party code scanning tools. In the future, third party tools will be able to submit error messages to code scanning via SARIF uploads.

Delivery dates

This has shipped to and will be available in GitHub Enterprise Server 3.9.

Learn more about code scanning and the tool status page.

Learn more about GitHub Advanced Security.

a11y contrast improvement

We improved the color contrast of our default light and dark themes on, making them accessible to all users. These changes were made to Primer, GitHub's Design System, as part of our commitment to making GitHub inclusive to all developers. Visit for more information.

The VS Code light and dark themes will also be updated to match these changes.

See more

Educators using GitHub Classroom can now optionally set a assignment deadline to be a "hard cutoff." If you use a cutoff date, students will lose write access to their assignment repositories after the cutoff date has passed.

You can grant individual students and groups extensions to allow them more time to submit an assignment.

The assignment dashboard view is now updated to better indicate whether a student has committed to their repository on-time (before the deadline), late (after the deadline), or both. You can easily filter the dashboard view on these states, and quickly click through to the latest on-time and late commits of a student's repository.

Addressing a big ask from students, they can now click a button in their assignment README to view the deadline of the assignment at any time.

Read more about creating a new assignment, extending a deadline, and students' ability to view their assignment's deadline.

See more