GitHub Introduces AI-Driven Solutions for Code Vulnerabilities

GitHub has launched a new feature called Copilot Autofix, designed to enhance its GitHub Advanced Security (GHAS) service by automatically identifying and suggesting fixes for code vulnerabilities.

On August 14, GitHub officially rolled out Copilot Autofix, which evaluates vulnerabilities in code, clarifies their implications, and provides actionable code suggestions for developers. This tool aims to expedite the process of addressing security issues.

For GitHub Enterprise Cloud subscribers, Copilot Autofix is now included in their GHAS package, with the feature activated by default in the code scanning settings. Starting in September, the service will also be available at no cost for pull requests in open-source projects.

During its public beta phase, which began in March, GitHub observed that developers leveraging Copilot Autofix resolved code vulnerabilities over three times faster than those who did so manually. This highlights the potential of AI tools like Copilot Autofix to streamline and enhance software development. The tool can generate fixes for various vulnerability types, including SQL injection and cross-site scripting, allowing developers to accept, modify, or implement these suggestions in their pull requests.