Track progress on code scanning alerts with the new development section

We’ve created a new section in the code scanning alerts page called Development that tracks critical information for alerts such as affected branches, fixes, and associated pull requests. This helps you and your team stay informed about the progress of fixing alerts.

The new development section on the code scanning alert page

You can now easily answer important questions when investigating alerts:

  • If the alert is still present on a branch, is someone already working on fixing it?
  • If the alert has been fixed on a particular branch, what was the PR or commit that resolved it?

This update empowers teams to streamline their alert resolution process by offering visibility into where and how fixes are being applied.

Learn more about code scanning and Copilot Autofix for CodeQL code scanning.

A warning is now displayed on github.com when a file’s contents include hidden Unicode text. Such text can be interpreted differently than it appears in a user interface. For example, hidden Unicode characters can conceal text in a file, so code can appear one way and be interpreted another way, especially by AI.

Warning about the presence of hidden Unicode text.

To review a file for which this warning is displayed, open it in an editor that displays hidden Unicode characters, such as Visual Studio Code, which highlights them by default. Then verify that the characters are necessary and are not disguising text that will be interpreted or compiled differently than it appears.
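A small scanner for the review described above, as an added example rather than GitHub's own detection logic. Which code points GitHub's warning covers is not stated here, so the character sets below (Unicode Tags, bidirectional controls, zero-width characters, other format characters) and the constructed sample text are assumptions.

```python
import sys
import unicodedata

TAG_START, TAG_END = 0xE0000, 0xE007F  # Unicode Tags block, invisible ASCII mirror
# Bidirectional controls that change the displayed order of text.
BIDI = set(range(0x202A, 0x202F)) | set(range(0x2066, 0x206A)) | {0x200E, 0x200F, 0x061C}
ZERO_WIDTH = {0x200B, 0x200C, 0x200D, 0x2060, 0xFEFF}

# Constructed sample: line 2 ends with tag characters, line 3 has a bidi override.
SAMPLE = (
    "# Project rules\n"
    "Prefer parameterized queries.\U000E0068\U000E0069\n"
    "access = \u202e\"user\"\u202c\n"
    "zero\u200bwidth\n"
)

def classify(cp):
    """Return a label for an invisible code point, or None for ordinary text."""
    if TAG_START <= cp <= TAG_END:
        return "tag"
    if cp in BIDI:
        return "bidi"
    if cp in ZERO_WIDTH:
        return "zero-width"
    # Catch-all for remaining format characters (general category Cf).
    return "format" if unicodedata.category(chr(cp)) == "Cf" else None

def scan(text):
    """List (line, column, code point, label) for each hidden character."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for col, ch in enumerate(line, 1):
            kind = classify(ord(ch))
            # A single U+FEFF at the very start of a file is a byte order mark.
            if kind and not (ch == "\ufeff" and (lineno, col) == (1, 1)):
                findings.append((lineno, col, f"U+{ord(ch):04X}", kind))
    return findings

def decode_tags(text):
    """Recover the ASCII text carried by tag characters so a reviewer can read it."""
    return "".join(chr(ord(c) - TAG_START) for c in text if 0xE0020 <= ord(c) <= 0xE007E)

if __name__ == "__main__":
    texts = {p: open(p, encoding="utf-8").read() for p in sys.argv[1:]} or {"<sample>": SAMPLE}
    for name, text in texts.items():
        for lineno, col, cp, kind in scan(text):
            print(f"{name}:{lineno}:{col}: {cp} ({kind})")
        if decode_tags(text):
            print(f"{name}: tag characters decode to {decode_tags(text)!r}")
```

Pass file paths as arguments to scan real files. Zero-width joiners in emoji sequences and similar legitimate uses will be reported too, so each finding still needs the manual check described above.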

For more information, refer to Pillar Security: Rules File Backdoor and Hiding and Finding Text with Unicode Tags.


We’ve introduced new accessibility updates to the GitHub CLI, designed to make terminal workflows more inclusive for all developers. These improvements focus on:

  • Speech synthesis screen reader support: Enhanced prompting and progress indicators now provide better context and clarity for users relying on screen readers.
  • Color and contrast customization: Optimized color palettes ensure compatibility with terminal preferences, maintaining readability for users with low vision or colorblindness. Alignment with ANSI 4-bit color standards allows users to tailor their color usage to their needs.

These updates are available in public preview. To start using these features, run gh a11y.

To learn more, check out the GitHub CLI release notes for version 2.72.0.

Have any questions, feedback, or other comments? Share them in our community discussion post.
