Frequently Asked Questions

ScanFix is an AI-powered code analysis platform that helps developers identify bugs, security vulnerabilities, and performance issues before they reach production. We analyze your GitHub repositories and provide detailed reports with actionable recommendations.

ScanFix uses a 3-pass analysis pipeline: (1) Static Scan - pattern-based detection for common issues, (2) AI Analysis - DeepSeek AI analyzes your code across 15 categories, and (3) Validation - filters false positives using deterministic rules and AI validation.

Yes. Your repository is cloned temporarily to our secure analysis environment, analyzed, and then permanently deleted. We only retain the analysis findings and metrics—never your source code. All data is encrypted in transit and at rest.

Scan time varies based on repository size. Small repos (< 10K lines) typically complete in 5-15 minutes. Medium repos (10K-50K lines) take 15-45 minutes. Large repos (50K+ lines) can take 1-4 hours. You'll receive an email notification when your scan completes.

ScanFix offers comprehensive analysis across multiple levels: **Basic Scan (Static Analysis):** - Fast pattern-based detection - Identifies common security issues (SQL injection, XSS, hardcoded secrets) - Detects code quality issues and anti-patterns - Perfect for quick checks **In-Depth Scan (AI-Powered):** - Full analysis across 15 specialized categories - Security, Performance, Architecture, Logic Bugs, Scalability, and more - Context-aware analysis using DeepSeek AI - Understands your tech stack and frameworks - Provides detailed fix recommendations and cost estimates The in-depth scan includes validation passes to eliminate false positives, ensuring you only see real issues that matter.

ScanFix analyzes your code across: (1) Security - SQL injection, XSS, auth bypasses, (2) Performance - N+1 queries, memory leaks, (3) Code Quality - smells, complexity, (4) Architecture - coupling, SOLID violations, (5) Logic Bugs - edge cases, race conditions, (6) Scalability - database bottlenecks, (7) Infrastructure - config issues, (8) DevOps/CI/CD - pipeline security, (9) Observability - logging, error handling, (10) Cost Optimization - resource waste, (11) AI-Specific - prompt injection, (12) Dependency Health - outdated packages, (13) Data Layer - schema design, indexes, (14) API Design - REST violations, (15) Maintainability - tech debt.

All scans include both basic (static) and in-depth (AI-powered) analysis by default. This ensures comprehensive coverage while controlling costs. The static scan runs first to catch obvious issues quickly, then AI analysis provides deeper insights.

The free tier includes: 1 repository scan per month, full access to all 15 analysis categories, detailed findings with severity ratings, fix recommendations, and access to your analysis dashboard. Perfect for trying ScanFix or analyzing small projects.

Paid plans offer: unlimited repository scans, priority analysis queue (faster scans), advanced filtering and search, PDF report exports, team collaboration features, API access, and priority email support. Choose monthly or annual billing.

Yes! You can cancel your subscription at any time from your billing settings. Your plan remains active until the end of your current billing period, and you'll retain access to all your existing analysis reports.

ScanFix can analyze any GitHub repository you have access to—public or private. Simply connect your GitHub account and select the repositories you want to analyze. We support repos of all sizes, from small side projects to large enterprise codebases.

ScanFix supports all major programming languages including JavaScript/TypeScript, Python, Java, Go, Ruby, PHP, C#, and more. We automatically detect your tech stack (frameworks, databases, cloud services) and provide context-aware analysis tailored to your specific tools.

Go to Settings → GitHub Integration and click "Connect GitHub Account". You'll be redirected to GitHub to authorize ScanFix. We only request read access to your repositories—we never write or modify your code. You can disconnect anytime.

Yes! After connecting your GitHub account and granting repository access, you can scan any private repositories you choose. Your code remains private and is never shared or stored permanently.

Your report includes: (1) Overall confidence score (0-100), (2) Findings grouped by category and severity, (3) Each finding shows the issue, affected file/line, severity level, detailed description, and fix recommendation. Reports are organized by category tabs for easy navigation.

**CRITICAL** - Immediate security vulnerabilities or system-breaking bugs that must be fixed before launch. **HIGH** - Serious issues that will likely cause problems in production. **MEDIUM** - Important issues that should be addressed but won't immediately break the app. **LOW** - Code quality improvements and technical debt that can be addressed over time.

Yes! Paid plan users can export analysis reports as PDF documents. The PDF includes your confidence score, all findings with details, severity breakdown, and recommended fixes. Perfect for sharing with team members, investors, or stakeholders.

Email us at support@scanfix.ai for help with technical issues, account questions, or general inquiries. We typically respond within 24 hours on business days. Paid plan users receive priority support with faster response times.

ScanFix provides detailed fix recommendations and safe fix guidelines for every finding. For hands-on help with implementing fixes, we offer a Fix Request service where our developers can submit pull requests with tested fixes for your critical issues.

We love feedback! Email us at support@scanfix.ai with bug reports, feature requests, or suggestions. You can also check our roadmap and join discussions in our community (links in footer).