
In PR Detection

Our GitHub integration allows you to automatically scan PRs after each push.

Summary

On opening a PR you will see a Security Summary comment that lists all issues introduced and/or remediated by this PR. In this summary you will find a table of vulnerabilities with the following information:
  • Severity
  • ID of the rule
  • Name of the rule
  • Filepath
  • Line
You can click on the rule ID to open our vulnerability database or on the line to see the snippet of code that triggered the rule.

Review

If you want to know more about a specific issue you can launch a review using the command /symbot review <vuln-id> posted as a PR comment. It will create a review comment on the code snippet that triggered the issue with the following information:
  • Rule explanation
  • Potential impact
  • Tailored remediation suggestion

Chat

If you have any questions, you can ask our model directly by replying in the comment and tagging /symbot.

In PR Activation

Our GitHub integration allows you to push the usage of our extension using an automatic comment. On a regular basis, we will remind developers who haven't scanned the branch they are working on in their IDE that they can use our extension to detect issues earlier.