
Incremental CodeQL analysis reduces scan times during Pull Requests [GA] #1113

Open
@glider-bot

Description

Value Prop

CodeQL is the static analysis engine that powers GitHub’s code scanning capabilities. In Pull Requests, it can pinpoint potential vulnerabilities and deliver detailed insights alongside automated remediation suggestions through Copilot Autofix. With this update, CodeQL queries focus exclusively on newly introduced code rather than rescanning the entire codebase, streamlining the analysis process.

Expected Outcome

Developers receive faster feedback during Pull Requests, reducing the time needed to identify and fix emerging vulnerabilities. This speed enhancement maintains the same quality of results on the Pull Requests page while accelerating the remediation process, enabling teams to secure their code more efficiently without compromising on thoroughness.

Metadata

Assignees

No one assigned

Labels

Enterprise (Product SKU: GitHub Enterprise)
Free (Product SKU: GitHub Free)
Team (Product SKU: GitHub Team)
ga (Feature phase: Generally available)

Type

No type

Projects

Status

Q2 2025 – Apr-Jun

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests