Source: This demo uses npm/promise-spawn, a real-world npm package with genuine CodeQL security alerts.
This repository demonstrates Copilot Autofix capabilities for security campaigns. The alerts you'll see are real vulnerabilities detected by CodeQL in production code — not synthetic examples.
 Andrew Eisenberg @aeisenberg |
 Nick Fyson @nickfyson |
 Chris Smowton @smowton |
 Sunakshi Zutshi @zutshisunakshi |