Skip to Content
FeaturesEmail Notifications

Email Notifications

CodeStax sends email notifications to keep your team informed about security findings, scan completions, and account events.

Email Types

CodeStax sends 14 types of email notifications:

Security & Scan Events

Email TypeTriggerDefault
Critical Finding AlertA critical-severity vulnerability is foundEnabled
Scan CompletedA scan finishes successfullyEnabled
Scan FailedA scan encounters an errorEnabled

Digest & Usage

Email TypeTriggerDefault
Weekly DigestWeekly summary of findings across all reposEnabled
Usage Limit WarningAn account is approaching a plan usage limitEnabled

Account & Team Events

Email TypeTriggerDefault
Email VerificationA new account needs to confirm its email addressEnabled
WelcomeA new account has been createdEnabled
Password ResetA password reset is requestedEnabled
Password ChangedAn account password is changedEnabled
Team InvitationYou are invited to join an organizationEnabled
Invitation AcceptedAn invited member accepts and joinsEnabled
Plan ChangedOrganization plan is changedEnabled
Account DeactivatedAn account is deactivatedEnabled
Account ReactivatedA previously deactivated account is reactivatedEnabled

Configuration

Per-User Preferences

Each user can configure their notification preferences:

  1. Go to Settings → Notifications
  2. Toggle each email type on or off
  3. Click Save

Some transactional emails (such as email verification and password reset) are essential to account security and access and are sent regardless of preference.

Organization-Level Policies

Organization admins can set notification policies that apply to all members:

  1. Go to Settings → Policies → Notifications
  2. Set which notifications are force-enabled for all members
  3. Set notification recipients for security alerts (additional emails beyond the triggering user)

Per-Repository Overrides

Override notification settings for specific repositories:

  1. Go to Repository Settings → Notifications
  2. Toggle notifications for that repo only
  3. Add additional recipients specific to that repository

Email Delivery

Reliability

  • Emails are queued and retried automatically on failure with exponential backoff
  • Failed deliveries are logged and visible in Settings → Email Logs (admin only)

Email Content

Security Alert Emails Include:

  • Finding severity and type
  • Affected file and line number
  • Repository name and branch
  • Direct link to the finding in the dashboard
  • Recommended fix summary

Digest Emails Include:

  • Summary counts by severity
  • Top 5 new findings since last digest
  • DORA metric snapshot
  • Link to the full dashboard

Unsubscribing

Every email includes an unsubscribe link in the footer. Clicking it disables that specific email type for your account. You can re-enable it anytime from Settings → Notifications.