CodeThreat appears as a required check on GitHub pull requests to gate insecure code.

How GitHub Checks Work

CodeThreat posts a check status on every pull request:
  • Success: No Critical/High severity violations
  • Failed: Security issues requiring attention
  • Pending: Scan in progress

Require Checks Before Merge

Prevent merging vulnerable code with branch protection:
1. Open Branch Settings
   Repository → Settings → Branches → Select branch (e.g., main)

2. Require Status Checks
   Enable "Require status checks to pass before merging"

3. Select CodeThreat
   Search for and select "CodeThreat Security Scan"

4. Save
   Click "Save changes"

Pull requests with failing security checks cannot be merged.
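
To confirm the gate is in place after these steps, the branch protection that GitHub's REST API returns (GET /repos/{owner}/{repo}/branches/{branch}/protection) can be audited. The following is an added example, not CodeThreat's own code; it assumes the check context is named "CodeThreat Security Scan" as in step 3, and the JSON bodies and app id are constructed samples.

```python
import json

# Assumption: the required check's context is the name selected in step 3.
REQUIRED_CHECK = "CodeThreat Security Scan"

def audit_protection(protection, required=REQUIRED_CHECK):
    """Return findings for one branch-protection response body.

    Pass None when the API answered 404 (the branch has no protection rule).
    """
    if protection is None:
        return ["branch has no protection rule"]
    findings = []
    rsc = protection.get("required_status_checks") or {}
    # GitHub lists required checks as `contexts` (names only) and as
    # `checks` (name plus the app that is allowed to report it).
    checks = {c["context"]: c.get("app_id") for c in rsc.get("checks", [])}
    names = set(rsc.get("contexts", [])) | set(checks)
    if required not in names:
        findings.append(f"'{required}' is not a required status check")
    elif checks.get(required) in (None, -1):
        findings.append(f"'{required}' is not pinned to a reporting app")
    if not (protection.get("enforce_admins") or {}).get("enabled", False):
        findings.append("administrators can merge without the check passing")
    return findings

# Constructed sample responses (not real repository data).
GATED = json.loads("""{
  "required_status_checks": {"strict": true,
    "contexts": ["CodeThreat Security Scan"],
    "checks": [{"context": "CodeThreat Security Scan", "app_id": 12345}]},
  "enforce_admins": {"enabled": true}
}""")
UNGATED = json.loads("""{
  "required_status_checks": {"strict": false,
    "contexts": ["build"],
    "checks": [{"context": "build", "app_id": null}]},
  "enforce_admins": {"enabled": false}
}""")

if __name__ == "__main__":
    for label, body in (("gated", GATED), ("ungated", UNGATED), ("unprotected", None)):
        print(label, audit_protection(body) or "OK")
```
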

Configure Pass/Fail Criteria

Repository Settings → Pull Requests → Pass Criteria

Choose what causes checks to fail:
  • Fail on Critical violations
  • Fail on High violations
  • Fail on Medium violations
  • Fail on Low violations
Start by failing only on Critical violations, then progressively tighten criteria as your security posture improves.

What’s Next?

PR Scanning

Configure PR security scanning

Automated Scanning

Set up automation