PR Scan

PR scans run when you open a pull request and post results directly to the PR. They’re designed for daily development workflows: catch issues before they merge.

Prerequisites

The SecAlly GitHub App is installed for your organization.
The repository is toggled Monitored in SecAlly (see Onboarding.)

Triggering a PR scan

Open a pull request in a monitored repository.
SecAlly creates a GitHub check run and starts analysis.
Results appear as a PR review with a summary and inline comments.

PR scan results posted as a GitHub review

What gets scanned

PR scans focus on the PR diff and prioritize newly introduced security-relevant changes. For broader coverage, request a Full scan.

Troubleshooting

No scan activity: confirm the repository is Monitored in SecAlly.
No check run or comments: confirm the SecAlly GitHub App still has access to the repository in GitHub.

Getting Started

Scans

Billing

Prerequisites

Triggering a PR scan

What gets scanned

Troubleshooting

Getting Started

Scans

Billing

​Prerequisites

​Triggering a PR scan

​What gets scanned

​Troubleshooting

Prerequisites

Triggering a PR scan

What gets scanned

Troubleshooting