随着软件开发复杂性的不断提升,代码中出现的安全漏洞也成为了众多企业和开发者的共同难题。为了解决这一问题,全球最大的代码托管和协作平台GitHub近日宣布,推出其代码扫描自动修复功能的首个测试版。这一功能旨在帮助开发者在编程过程中实时发现并自动修复安全漏洞,提升代码的安全性和质量。
GitHub的这项新功能结合了其人工智能助手GitHub Copilot的实时功能和公司的语义代码分析引擎CodeQL。Copilot自去年推出以来,便因其能够根据上下文自动补全代码的功能而备受开发者青睐。而CodeQL则是一个专门用于识别和分析代码中潜在安全问题的工具。
据GitHub公司透露,这一新系统可以修复其发现的三分之二以上的漏洞。这意味着,大多数情况下,开发人员无需亲自编辑任何代码,就可以解决潜在的安全风险。这对于那些追求高效和安全并重的软件开发团队来说,无疑是一个巨大的福音。
此外,GitHub承诺将不断优化和完善这一新功能,以确保其能够更好地满足开发者社区的需求。随着测试版的推出,GitHub也鼓励广大开发者参与进来,提供反馈和建议,共同推动这一技术的进步。
这一自动化代码漏洞修复工具的推出,标志着人工智能在软件开发领域的应用又向前迈进了一大步。它不仅能够提升开发效率,还能够帮助确保软件的安全性,对于推动整个软件行业的发展具有重要意义。
英文翻译内容:
Title: GitHub Launches Automated Code Vulnerability Fixing Tool
Keywords: Code Scanning, Autofixing, Security Vulnerabilities
News Content:
As the complexity of software development continues to increase, the issue of security vulnerabilities in code has become a common concern for many enterprises and developers. To address this problem, GitHub, the world’s largest platform for code hosting and collaboration, recently announced the launch of the first beta version of its automated code scanning and fixing feature. This feature is designed to help developers find and fix security vulnerabilities in real-time during the coding process, improving the security and quality of the code.
The new feature from GitHub combines the real-time capabilities of its AI assistant, GitHub Copilot, which has been well-received for its ability to automatically complete code based on context, with the company’s semantic code analysis engine, CodeQL. CodeQL is a tool specifically designed to identify and analyze potential security issues in code.
According to GitHub, this new system can fix over two-thirds of the vulnerabilities it detects. This means that in most cases, developers do not need to manually edit any code to address potential security risks. This is undoubtedly a boon for software development teams that strive for efficiency and safety.
Moreover, GitHub has promised to continuously optimize and improve this new feature to ensure that it meets the needs of the developer community. With the launch of the beta version, GitHub also encourages the wider developer community to participate, provide feedback, and contribute to the advancement of this technology.
The introduction of this automated code vulnerability fixing tool marks another significant step forward for AI in software development. It not only improves development efficiency but also helps ensure the security of software, which is significant for the development of the entire software industry.
【来源】https://www.msn.cn/zh-cn/news/other/github%E7%9A%84%E6%9C%80%E6%96%B0%E4%BA%BA%E5%B7%A5%E6%99%BA%E8%83%BD%E5%B7%A5%E5%85%B7%E5%8F%AF%E8%87%AA%E5%8A%A8%E4%BF%AE%E5%A4%8D%E4%BB%A3%E7%A0%81%E6%BC%8F%E6%B4%9E/ar-BB1kenoy
Views: 1