Code scanning can now be enabled on repositories before they contain CodeQL supported languages

Code scanning can now be enabled on repositories even if they don’t contain any code written in the languages currently supported by CodeQL. Default setup will automatically trigger the first scan when a supported language is detected on the default branch. This means users can now enable code scanning using default setup, for example on empty repositories, and have confidence that they will be automatically protected in the future when the languages in the repository change to include supported languages.

This also takes effect from the organization level so you can bulk-enable code scanning on repositories without CodeQL supported languages.

Enabled on repo without supported languages

This change is now on GitHub.com and will be available in GitHub Enterprise Server 3.13. For more information, see “About code scanning default setup.”

Support tickets created for GitHub Enterprise are assigned a priority based on the circumstances and impact of the issue.

Enterprise members with support entitlements were able to suggest the initial priority of a support ticket when contacting GitHub Support. To ensure that support requests are handled in order, and according to their circumstances and impact, GitHub Support will set the initial priority of all support tickets.

See more

If you’re using starter workflows to prepare the build and release steps for your Java projects that use Gradle, these projects will now have more comprehensive dependency graph information in GitHub. The Gradle starter workflows have been updated to automatically submit transitive dependencies to GitHub, improving the quality of dependency graph data and Dependabot updates for these apps.

Learn more about the action these starter workflows use by checking out the Build with Gradle action on the GitHub Marketplace. Thank you Gradle for making these updates!

Join the discussion within GitHub Community.

See more