Enabling Code Scanning Failure Criteria

What are failure criteria?

Code Scanning Failure Criteria is a feature of GitHub Advanced Security that allows you to define the conditions under which a pull request can be merged when new code scanning vulnerabilities are found. You can use failure criteria to prevent pull requests from being merged if they introduce new security vulnerabilities or increase the severity of existing vulnerabilities.

How do I enable failure criteria?

To enable failure criteria, an admin of the repository can navigate to the following tab in the repository:

Settings -> Code security and analysis

From there, you may enable failure criteria by selecting the dropdown in the “Pull request check failure” section and selecting “High or higher” in the “Security” section of the dropdown:

Your configuration should look like the following:

[Screenshot: Enabling failure criteria]

Note: To remain compliant with VA policy, you must enable failure criteria at the “High or higher” level.