Multi-repository enablement: effortlessly scale code scanning across your repositories
Blog post from GitHub
In January, GitHub launched the default setup for code scanning, a feature that lets users enable code scanning on repositories without needing a .yaml workflow file. The feature has been well received: nearly half of new code scanning implementations adopt it, and 96% of users continue to use it. Recent enhancements to the default setup include multi-repository enablement, which lets users easily apply security features across selected groups of repositories, and an API for programmatic enablement. Multi-repository enablement provides granular control: users can filter repositories by attributes and exclude specific ones from code scanning. An "Enable all" option is also available for applying code scanning across all eligible repositories, using the latest starter workflow configuration. Improvements at the repository level include extended query suites for broader alert coverage and the ability to use the API for setup customization. Future enhancements will focus on supporting additional languages and customization options, as part of GitHub's commitment to enhancing software security while maintaining a positive developer experience.