Default setup now includes scheduled scans and supports all languages covered by CodeQL
We’ve added new improvements to default setup, including automatically scheduling scans on repositories and support for all CodeQL covered languages.
This year, we’ve made a number of improvements focused on simplifying the enablement process for code scanning. We started back in January with the release of default setup, which allows you to automatically enable code scanning on a repository in just a few clicks.
We then gave you the ability to rapidly scale code scanning through multi-repository enablement, allowing you to use default setup on groups of repositories or your entire organization at once. Now, we’re giving you even more flexibility in how you can use default setup, whether it’s at the org level or just on your own personal repository.
Default setup will now automatically set up scheduled scans, and we’ve expanded language coverage to all CodeQL supported languages.
Scheduled scanning keeps you continuously secure
Scheduled scans have always been a feature of code scanning, allowing scans to be run automatically on a fixed schedule. This helps continuously keep your repositories secure by helping you find and fix any new vulnerabilities that are introduced on a regular cadence. Default setup will now automatically schedule scans on a weekly basis, ensuring you’re seeing accurate and up-to-date alerts on your repositories.
Default setup now supports all CodeQL supported languages
CodeQL natively supports C, C++, JavaScript, TypeScript, Python, Ruby, Go, Kotlin/Java, Swift, and C#. Now, you can use the default setup on any repository using a CodeQL supported language. If a language fails, it will be automatically deselected from the configuration. The analysis and any alerts from the successful languages will be available.
This will ensure that default setup uses the best configuration for your repository, no matter what language(s) you’re using. With auto-deselecting you’ll have peace of mind, knowing that default setup can troubleshoot itself if any issues are encountered during the setup process. Default setup will also automatically evolve its configuration to include any new languages you add to your repository. If the new language fails, the previous configuration will be resumed, without you having to prompt it.
Learn more about GitHub security solutions
GitHub is committed to helping build safer and more secure software without compromising on the developer experience. To learn more or enable GitHub’s security features in repositories, check out the getting started guide.
Tags:
Written by
Related posts
Racing into 2025 with new GitHub Innovation Graph data
Discover the latest trends and insights on public software development activity on GitHub with the quarterly release of data for the Innovation Graph, updated through December 2024.
GitHub Availability Report: March 2025
In March, we experienced one incident that resulted in degraded performance across GitHub services.
Vibe coding with GitHub Copilot: Agent mode and MCP support rolling out to all VS Code users
In celebration of MSFT’s 50th anniversary, we’re rolling out Agent Mode with MCP support to all VS Code users. We are also announcing the new GitHub Copilot Pro+ plan w/ premium requests, the general availability of models from Anthropic, Google, and OpenAI, next edit suggestions for code completions & the Copilot code review agent.