Why aren't Code Scanning alerts included in Security Alert Notifications? #126102
Unanswered
gf13579
asked this question in
Code Security
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Watching Repos for Security Alerts
When you subscribe to Security Alert notifications for a repo you're notified of new vulnerable dependency alerts and - I believe - Secret Scanning alerts, but not Code Scanning alerts. Why not include Code Scanning alerts?
Suggestions
Surely Code Scanning alerts are just as relevant to someone explicitly choosing to opt into notifications for Security Alerts?
Related - it would great to be able to opt into these notifications at an Organization or Enterprise level rather than only have the WebHook mechanism for being alerted to new Code Scanning alerts. Having to opt-in to Security Notifications on a per-repo basis is painful.
Beta Was this translation helpful? Give feedback.
All reactions