Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Reviewing pull request annotations in GitHub and Azure DevOps is crucial for maintaining code quality and security. This process helps identify and resolve potential issues early in the development cycle, ensuring that the codebase remains robust and secure.
Resolve security issues in GitHub
To resolve security issues in GitHub:
Navigate through the page and locate an affected file with an annotation.
Follow the remediation steps in the annotation. If you choose not to remediate the annotation, select Dismiss alert.
Select a reason to dismiss:
- Won't fix - The alert is noted but won't be fixed.
- False positive - The alert isn't valid.
- Used in tests - The alert isn't in the production code.
Resolve security issues in Azure DevOps
After configuring the scanner, you can view all detected issues.
To resolve security issues in Azure DevOps:
Sign in to the Azure DevOps.
Navigate to Pull requests.
On the Overview, or files page, locate an affected line with an annotation.
Follow the remediation steps in the annotation.
Select Active to change the status of the annotation and access the dropdown menu.
Select an action to take:
- Active - The default status for new annotations.
- Pending - The finding is being worked on.
- Resolved - The finding is addressed.
- Won't fix - The finding is noted but won't be fixed.
- Closed - The discussion in this annotation is closed.
DevOps security in Defender for Cloud reactivates an annotation if the security issue isn't fixed in a new iteration.
Learn more
Learn more about DevOps security in Defender for Cloud.
Learn how to Discover misconfigurations in Infrastructure as Code.