Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
532b078
Add `model` to custom agent config docs (#60011)
belaltaher8 Mar 9, 2026
977934e
Sync secret scanning data (#60105)
docs-bot Mar 10, 2026
39d0b77
[EDI] Enabling delegated bypass for push protection (#60089)
mchammer01 Mar 10, 2026
f8b6f07
[EDI] Reviewing requests to bypass push protection (#60091)
mchammer01 Mar 10, 2026
8ac7cd9
Add "Example schema for Copilot usage metrics" reference article (#60…
sophietheking Mar 10, 2026
582d431
Delete orphaned files (2026-03-09-16-39) (#60104)
docs-bot Mar 10, 2026
ab2f4f2
Delete orphaned features (2026-03-09-16-41) (#60108)
docs-bot Mar 10, 2026
0c6cc0b
Update audit log event data (#60106)
docs-bot Mar 10, 2026
03d3b6c
docs: update copilot-cli content from source docs (#60107)
docs-bot Mar 10, 2026
92d6c0c
Add content linter rule for curly quotes in frontmatter (GHD034) (#60…
heiskr Mar 10, 2026
09438af
[EDI] Viewing metrics for pull request alerts + push protection (#60113)
sabrowning1 Mar 10, 2026
aa17a0e
Merge pull request #43292 from github/repo-sync
docs-bot Mar 10, 2026
2029096
[EDI] Push protection for users (#59319)
sabrowning1 Mar 10, 2026
2c92c49
Expose document type for articles in API (#60109)
jennysharps Mar 10, 2026
ef1b934
Remove model field from dependabot-triage-agent (default to claude-so…
heiskr Mar 10, 2026
6d236d5
GraphQL schema update (#60132)
docs-bot Mar 10, 2026
e22f157
Patch release notes for GitHub Enterprise Server (#60081)
release-controller[bot] Mar 10, 2026
221c825
Bump liquidjs from 10.24.0 to 10.25.0 in the npm_and_yarn group acros…
dependabot[bot] Mar 10, 2026
4154a54
Merge pull request #43294 from github/repo-sync
docs-bot Mar 10, 2026
492ec50
Copilot CLI: Add list of supported models (#60115)
sunbrye Mar 10, 2026
8ddbd40
Fix event validation rejections (#60142)
heiskr Mar 10, 2026
e3d5c0c
Update copilot-matrix.yml with support statuses (#59888)
anandmeg Mar 10, 2026
30e613a
Merge pull request #43297 from github/repo-sync
docs-bot Mar 10, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions .github/aw/actions-lock.json
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
"version": "v8",
"sha": "ed597411d8f924073f98dfc5c65a23a2325f34cd"
},
"github/gh-aw/actions/setup@v0.57.0": {
"github/gh-aw/actions/setup@v0.57.1": {
"repo": "github/gh-aw/actions/setup",
"version": "v0.57.0",
"sha": "902845080df391b1f71845fcd7c303dfc0ac90b3"
"version": "v0.57.1",
"sha": "36e5751f7c3d40ec9df8f44c0252b7bfabfc4dd6"
}
}
}
26 changes: 13 additions & 13 deletions .github/workflows/dependabot-triage-agent.lock.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 0 additions & 1 deletion .github/workflows/dependabot-triage-agent.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@ permissions:
timeout-minutes: 90
engine:
id: copilot
model: claude-opus-4.6
env:
COPILOT_GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_COPILOT }}
tools:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
---
title: Publicizing or hiding organization membership
intro: Show avatars for organizations where youre an organization member.
intro: Show avatars for organizations where you're an organization member.
redirect_from:
- /articles/publicizing-or-concealing-organization-membership
- /articles/publicizing-or-hiding-organization-membership
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
title: Metadata syntax reference
shortTitle: Metadata syntax
intro: You can create actions to perform tasks in your repository. If youre making a custom action, it will require a metadata file that uses YAML syntax.
intro: You can create actions to perform tasks in your repository. If you're making a custom action, it will require a metadata file that uses YAML syntax.
redirect_from:
- /articles/metadata-syntax-for-github-actions
- /github/automating-your-workflow-with-github-actions/metadata-syntax-for-github-actions
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ With a {% data variables.copilot.copilot_enterprise %} license, you can also ask

{% ifversion security-overview-org-codeql-pr-alerts %}

For {% data variables.product.prodname_code_scanning %} alerts from {% data variables.product.prodname_codeql %} analysis, you can use security overview to see how {% data variables.product.prodname_codeql %} is performing in pull requests in repositories across your organization, and to identify repositories where you may need to take action. For more information, see [AUTOTITLE](/code-security/security-overview/viewing-metrics-for-pull-request-alerts).
For {% data variables.product.prodname_code_scanning %} alerts from {% data variables.product.prodname_codeql %} analysis, you can use security overview to see how {% data variables.product.prodname_codeql %} is performing in pull requests in repositories across your organization, and to identify repositories where you may need to take action. For more information, see [AUTOTITLE](/code-security/concepts/code-scanning/pull-request-alert-metrics).

{% endif %}

Expand Down
1 change: 1 addition & 0 deletions content/code-security/concepts/code-scanning/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,4 +23,5 @@ children:
- /multi-repository-variant-analysis
- /codeql
- /tool-status-page
- /pull-request-alert-metrics
---
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
---
title: CodeQL pull request alert metrics
shortTitle: Pull request alert metrics
intro: Understand {% data variables.product.prodname_codeql %}'s performance in pull requests across your organizations.
permissions: '{% data reusables.permissions.security-overview %}'
product: '{% data reusables.gated-features.security-overview-fpt-cs-only %}'
topics:
- Security overview
- Code Security
- Code scanning
- CodeQL
- Organizations
- Teams
contentType: concepts
versions:
feature: security-overview-org-codeql-pr-alerts
---

## Overview

The metrics overview for {% data variables.product.prodname_codeql %} pull request alerts on security overview helps you understand how well {% data variables.product.prodname_codeql %} is preventing vulnerabilities in pull requests in your organization or across organizations in your enterprise. You can view the entire dataset or filter for specific criteria, making it easy to identify repositories where you may need to take action to find and reduce security risks.

## Available metrics

The overview shows you a summary of how many vulnerabilities prevented by {% data variables.product.prodname_codeql %} have been caught in pull requests. The metrics are only tracked for pull requests that have been merged into the default branches of repositories in your organizations.

You can also find more granular metrics, such as how many alerts were fixed{% ifversion code-scanning-autofix %} with and without {% data variables.copilot.copilot_autofix_short %} suggestions{% endif %}, how many were unresolved and merged, and how many were dismissed as false positive or risk accepted.

You can also view:

* The rules that are causing the most alerts, and how many alerts each rule is associated with.

* The number of alerts that were merged into the default branch without resolution, and the number of alerts dismissed as an acceptable risk.

{% ifversion code-scanning-autofix %}
* The number of alerts that were fixed with an accepted {% data variables.copilot.copilot_autofix_short %} suggestion, displayed as a fraction of how many total {% data variables.copilot.copilot_autofix_short %} suggestions were available.

* Remediation rates, in a graph showing the percentage of alerts that were remediated with an available {% data variables.copilot.copilot_autofix_short %} suggestion, and the percentage of alerts that were remediated without a {% data variables.copilot.copilot_autofix_short %} suggestion.

* Mean time to remediate, in a graph showing the average age of closed alerts that were remediated with an available {% data variables.copilot.copilot_autofix_short %} suggestion, and the average age of closed alerts that were remediated without a {% data variables.copilot.copilot_autofix_short %} suggestion.
{% endif %}

{% ifversion code-scanning-autofix %}
> [!NOTE] Metrics for {% data variables.copilot.copilot_autofix_short %} will be shown only for repositories where {% data variables.copilot.copilot_autofix_short %} is enabled.
{% else %}
> [!NOTE] Metrics for {% data variables.copilot.copilot_autofix_short %} are omitted because {% data variables.copilot.copilot_autofix_short %} is available only on {% data variables.product.github %} cloud platforms.
{% endif %}

## Visibility

You can see {% data variables.product.prodname_code_scanning %} metrics for a repository if you have:

* The `admin` role for the repository
* A custom repository role with the "View {% data variables.product.prodname_code_scanning %} alerts" fine-grained permissions for the repository
* Access to alerts for the repository

## Next steps

To find your pull request alert metrics, see [AUTOTITLE](/code-security/how-tos/view-and-interpret-data/analyze-organization-data/viewing-metrics-for-pull-request-alerts).
Loading