Permissions for AI autodetect

To activate AI Code Autodetection, a SonarQube Server Instance Admin must first check that the feature is enabled.

Then, a DevOps platform administrator must set the correct permission level in your AI-powered web service. For specific instructions in your DevOps platform, please refer to the applicable section below.

GitHub Copilot Business

When a SonarQube Server administrator activates Autodetect AI code for a instance of SonarQube Server, GitHub Copilot Business app administrators must enable the GitHub integration. Check Step 2: Enable your GitHub integration, for the complete details. Once enabling the integration in GitHub, the GitHub Copilot Business app administrator will receive an will receive an email notification to confirm the SonarQube App’s permission request.

With access to your GitHub Copilot Business App, SonarQube Server can evaluate users’ GitHub Copilot usage and code contribution patterns to identify potential AI-generated code. If there is a match in user data, SonarQube Server will display the AI code detected status on the project’s Overview and Project Information pages. The GitHub organization connected to Copilot should match the organization bound to SonarQube Server.

SonarQube Server does not retroactively check older code from previous commits. In addition, projects that have the applied by a quality standards admin will be excluded from automatic AI code detection. See the Labeling projects with AI code article for details.

Related pages

• Overview of AI capabilities

• Learn about AI Code Assurance

• See also Enable AI CodeFix to get AI-generated fix suggestions