Posted On: Sep 13, 2021

Today, we are announcing the enhancement of security findings generated by CodeGuru Reviewer’s GitHub action by adding severity fields and CWE (Common Weakness Enumerations) tags. Customers can use these new features to sort, filter, and prioritize their backlog of security vulnerabilities within GitHub’s user interface.

Amazon CodeGuru Reviewer is a developer tool that analyzes your code and provides intelligent recommendations for improving your code’s quality and security. CodeGuru Reviewer recently launched a CI/CD experience for GitHub Actions which allows developers to receive security findings as a step within their GitHub CI workflows. The recommendations generated by CodeGuru Reviewer’s GitHub Action now have either a low, medium, high, or critical severity, in addition to a CWE tag, which allows customers to dive deeper into the ramifications of their findings and fix security vulnerabilities.

You can get started using the CodeGuru Reviewer’s GitHub Action by visiting the GitHub Marketplace page.

To learn more about CodeGuru Reviewer, take a look at the Amazon CodeGuru page. To contact the team visit the Amazon CodeGuru developer forum.