We have improved the metrics for CodeQL pull request alerts and Copilot autofixes on the security overview dashboard. This change enables you to gain a better understanding of how Copilot Autofix contributes to the remediation of security alerts and helps improve your organization’s security posture.

Screenshot of report showing CodeQL pull request alerts and Copilot autofixes on the security overview dashboard

These updates ensure you have more precise insights into the number of security alerts identified in pull requests, whether these alerts are being resolved, and how Copilot Autofix helps developers with remediation.

Important notes:

  • These changes will not retroactively affect dashboard numbers. Updated metrics will only reflect data starting from the time of this announcement.
  • As of today, the data is still scoped to pull requests that are opened against the repository’s default branch. In the future, we’ll start including data from pull requests against other branches. Depending on your teams’ branching strategy, this could further improve visibility into security alerts and Copilot’s automatic remediation suggestions.

This update is now generally available on GitHub Enterprise Cloud and will be included in GHES 3.18.

Learn more by checking out our security overview documentation and our code scanning documentation.