How GitHub Checks Work
CodeThreat posts a check status on every pull request:
- ✅ Success: No Critical/High severity violations
- ❌ Failed: Security issues requiring attention
- ⏳ Pending: Scan in progress
Require Checks Before Merge
Prevent merging vulnerable code with branch protection:
1. Open Branch Settings
   Repository → Settings → Branches → Select branch (e.g., main)
2. Require Status Checks
   Enable Require status checks to pass before merging
3. Select CodeThreat
   Search for and select CodeThreat Security Scan
4. Save
   Click Save changes
Pull requests with failing security checks cannot be merged.
Configure Pass/Fail Criteria
Repository Settings → Pull Requests → Pass Criteria
Choose what causes checks to fail:
- Fail on Critical violations
- Fail on High violations
- Fail on Medium violations
- Fail on Low violations
