diff --git a/content/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning.md b/content/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning.md index 2c31d6f6c1..ca23b52546 100644 --- a/content/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning.md +++ b/content/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning.md @@ -43,7 +43,7 @@ After committing a suggested fix or modified fix, the developer should always ve ## Supported languages -{% data variables.product.prodname_code_scanning_caps %} autofix supports fix generation for a subset of queries included in the default query suite for JavaScript, TypeScript, Python, and Java. For more information on the default query suite, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites)." +{% data variables.product.prodname_code_scanning_caps %} autofix supports fix generation for a subset of queries included in the default query suite for JavaScript, TypeScript, Python, Java, and C#. For more information on the default query suite, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites)." ## Autofix generation process 
@@ -65,7 +65,7 @@ The process of generating fixes does not gather or utilize any customer data bey {% data variables.product.prodname_dotcom %} uses an automated test harness to continuously monitor the quality of autofix suggestions. This allows us to understand how the autofix suggestions generated by the LLM change as the model develops. -The test harness includes a set of over 1,400 alerts from a diverse set of public repositories where the highlighted code has test coverage. Autofix suggestions for these alerts are tested to see how good they are, that is, how much a developer would need to edit them before committing them to the codebase. For many of the test alerts, autofixes generated by the LLM could be committed as-is to fix the alert while continuing to successfully pass all the existing CI tests. +The test harness includes a set of over 1,870 alerts from a diverse set of public repositories where the highlighted code has test coverage. Autofix suggestions for these alerts are tested to see how good they are, that is, how much a developer would need to edit them before committing them to the codebase. For many of the test alerts, autofixes generated by the LLM could be committed as-is to fix the alert while continuing to successfully pass all the existing CI tests. In addition, the system is stress-tested to check for any potential harm (often referred to as red teaming), and a filtering system on the LLM helps prevent potentially harmful suggestions being displayed to users.
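Review bot: In the changed sentence under "Supported languages", C# joins the list but the sentence still promises only "a subset of queries", so a reader cannot tell which C# queries actually get fixes. Consider linking to a per-language list of covered queries, or saying where that list can be found. Since this diff touches only this one file, also check that no other page still repeats the old four-language list (JavaScript, TypeScript, Python, and Java).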
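Review bot: In the test harness sentence, "over 1,870 alerts" pairs "over" with a precise-looking figure, which reads oddly and will go stale the next time the harness grows. Either give the exact count without "over" or round it (for example "over 1,800"). With C# added to the supported languages in the first hunk, it would also help to say whether the test set now includes C# alerts, because the visible text does not state which languages the alerts cover. The unchanged "For many of the test alerts" remains unquantified, so the updated total tells the reader little about fix quality on its own.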