Global SCA Settings
Configure organization-wide SCA defaults that apply to all repositories. Per-repo settings override these defaults when customized.
How Inheritance Works
CodeStax uses a 3-tier cascade for SCA settings:
| Priority | Source | Description |
|---|---|---|
| 1 (highest) | Per-repo override | Settings configured on a specific repository |
| 2 | Org default | Global settings set by the org admin |
| 3 (lowest) | Platform default | Built-in CodeStax defaults |
When a repo has no custom setting for a field, it inherits from the org default. If no org default is set, the platform default applies.
Configuring Global Defaults
- Navigate to Dashboard → SCA → Global Settings
- Select a settings category (tab)
- Configure the desired defaults
- Click Save
Changes apply immediately to all repos that haven’t overridden that specific setting.
Settings Categories
Scan Exclusions
Default paths and file extensions to exclude from SCA scans across all repos.
Jira Integration
Default Jira project key, auto-create behavior, and minimum severity for ticket creation.
Email Notifications
Default recipients and triggers for scan completion and vulnerability alerts.
Scan Schedule
Default scan frequency (Daily, Weekly, Monthly) and cron expression for automated scans.
Auto-Update Policy
Default merge strategy for dependency updates (patch/minor/major auto-merge toggles).
Security Thresholds
- Notification threshold — Minimum severity to send alerts (default: High)
- CI/CD blocking threshold — Minimum severity to fail merge checks (default: Critical)
Per-Repo Overrides
When viewing a repository’s SCA settings, each field shows its source:
- Org Default (blue badge) — Value inherited from global settings
- Custom (green badge) — Value overridden for this specific repo
- Default (gray badge) — Using platform default (no org or repo config)
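The cascade from How Inheritance Works and the source badges listed above, as an added example (not CodeStax code): a local Python model of the repo > org > platform resolution. It goes beyond the page by also flagging repo overrides that loosen an inherited severity threshold. The field names and the Low/Medium rungs of the severity scale are assumptions.

```python
# Added illustration: a local model of the cascade, not the CodeStax implementation.
# Field names and the Low/Medium severity rungs are assumptions.
SEVERITY = ["Low", "Medium", "High", "Critical"]
PLATFORM_DEFAULTS = {
    "notification_threshold": "High",       # platform default stated on this page
    "cicd_blocking_threshold": "Critical",  # platform default stated on this page
}

def resolve(repo, org, platform=PLATFORM_DEFAULTS):
    """Return {field: (value, source)} with repo > org > platform precedence."""
    effective = {}
    for field in sorted(set(platform) | set(org) | set(repo)):
        if field in repo:
            effective[field] = (repo[field], "Custom")
        elif field in org:
            effective[field] = (org[field], "Org Default")
        else:
            effective[field] = (platform[field], "Default")
    return effective

def loosened_thresholds(repo, org, platform=PLATFORM_DEFAULTS):
    """Report threshold overrides that are less strict than the inherited value.

    A higher minimum severity means fewer findings alert or block, so an
    override above the inherited level loosens the control.
    """
    inherited = resolve({}, org, platform)
    findings = []
    for field, value in sorted(repo.items()):
        if not field.endswith("_threshold") or field not in inherited:
            continue
        base, source = inherited[field]
        if SEVERITY.index(value) > SEVERITY.index(base):
            findings.append((field, value, base, source))
    return findings

if __name__ == "__main__":
    # Constructed sample: org tightens CI/CD blocking to High, one repo sets it back.
    org = {"cicd_blocking_threshold": "High"}
    repo = {"cicd_blocking_threshold": "Critical", "jira_project_key": "SEC"}
    for field, (value, source) in resolve(repo, org).items():
        print(f"{field}: {value} [{source}]")
    for field, value, base, source in loosened_thresholds(repo, org):
        print(f"LOOSENED {field}: {value} overrides {base} ({source})")
```

The same comparison can be run against real data by feeding it the values returned for each repository, once mapped into these dictionaries.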
Overriding a Setting
Simply change the value in the repo’s Settings tab. It automatically becomes a per-repo override.
Resetting to Org Default
- Click the reset icon (↺) next to any “Custom” field to remove the override
- Click Reset All to Org Defaults to clear all per-repo overrides at once
API Reference
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/sca/global-settings | Get org SCA defaults |
| PUT | /api/sca/global-settings | Update org defaults (partial) |
| DELETE | /api/sca/global-settings/{field} | Reset a field to platform default |
| GET | /api/sca/settings/{repo_id}/effective | Get merged settings with sources |
| POST | /api/sca/settings/{repo_id}/reset | Reset all repo overrides |
| POST | /api/sca/settings/{repo_id}/reset/{field} | Reset single repo field |
Permissions
- View global settings: ORG_ADMIN, ORG_OWNER
- Edit global settings: ORG_ADMIN, ORG_OWNER
- View per-repo effective settings: All members
- Override per-repo settings: ORG_ADMIN, ORG_OWNER