You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
CodeQL and other static analysis tools tend to produce a higher volume of alerts than Dependabot, and sending out email notifications for all of them is probably not a good idea. However, it would make sense to allow a user to configure notifications for example for critical security alerts. I don't think that is currently possible, I'll let the product team know so they can consider this idea.
Unlike Dependabot, I don't appear to receive any email notifications for CodeQL.
CodeQL shows various warnings and security findings on individual repo pages. But neither of these results trigger followup emails.
This reduces the visibility of security alerts.
The text was updated successfully, but these errors were encountered: