Skip to main content

Scan Scheduling

Set up automated, recurring scans for your repositories to keep your security analysis up-to-date.

Overview

Scan scheduling allows you to automatically re-scan your repositories on a regular schedule. This ensures that you catch new vulnerabilities and code quality issues as your codebase evolves without having to manually submit a scan each time.

note

Scan scheduling is available for Git repositories and webstore URLs submitted by URL only. Manually uploaded browser extensions do not support scheduled scans.

Supported Frequency Options

RepoRisk supports the following scan frequency options:

FrequencyIntervalUse Case
WeeklyEvery 7 daysActive development, frequent code changes
MonthlyEvery 30 daysRegular maintenance, moderate development pace
QuarterlyEvery 91 days (approximately 3 months)Lower-risk projects, quarterly reviews
Every 6 MonthsEvery 182 daysStable projects with infrequent updates
AnnuallyEvery 365 daysMaintenance mode, legacy projects

Setting Up Scheduled Scans

You can enable scan scheduling during repository submission or later from the Scan Schedule page.

Method 1: Enable Scheduling During Repository Submission

  1. Navigate to Submit Repository
  2. Enter your Git repository URL (or webstore URL) and select a branch
  3. Look for the Schedule recurring re-scans option
  4. Toggle it on to enable scheduling
  5. Configure your scan schedule:
    • Frequency — Select from: Weekly, Monthly (default), Quarterly, Every 6 Months, or Annually
    • Recipient Emails — Enter email addresses to receive alerts when the repository's grade changes
  6. Click "Start Analysis" — Your repository will be submitted with the schedule enabled

Method 2: Configure Scheduling After Submission

  1. Navigate to a repository's Scan Schedule page
  2. Configure your schedule:
    • Frequency (Weekly, Monthly, Quarterly, Every 6 Months, Annually)
    • Recipient email addresses for grade change alerts
  3. Click "Save Schedule" to apply your changes

Managing Your Scheduled Scans

Viewing Scheduled Scans

To view or modify a repository's schedule:

  1. Navigate to the repository's Scan Schedule page
  2. You'll see the current schedule configuration and status

Modifying a Schedule

To change the frequency or notification settings:

  1. Go to the Scan Schedule page
  2. Update the settings you want to change:
    • Scan Frequency — Select a new interval
    • Recipient Emails — Add, remove, or update email addresses for alerts
  3. Click "Save Schedule" to apply the changes

Disabling a Schedule

To stop automatic scans for a repository:

  1. Go to the Scan Schedule page
  2. Click the "Deactivate" button
  3. Confirm the action if prompted

You can re-enable the schedule at any time from the same page.

How Scheduled Scans Work

Scan Execution

  • Scheduled scans automatically run at the configured frequency
  • Scans use the same branch you selected when setting up the schedule
  • If the branch has been deleted or renamed, the next scan will fail
  • Scan results appear in your Scan History like manual scans

Email Notifications (Optional)

When you enable alerts on a schedule, you can receive emails when the repository's risk grade changes. Email notifications are optional. You can specify multiple recipient email addresses.

To disable notifications:

  • Leave the Recipient Email Addresses field empty or do not provide any email addresses

Schedule Status

The scan schedule page shows:

  • Status — Whether the schedule is Active or Inactive
  • Frequency — The current scan interval
  • Next Scan — When the next scheduled scan is expected to run
  • Last Triggered — When the schedule last triggered a scan

Plan Limits and Considerations

Assessment Limits by Plan

Each plan includes a certain number of repository assessments per month:

Tier 1 (All-Inclusive): $99/month

  • 10 assessments/month
  • Up to 200k LOC per repository
  • Additional assessments: $10 each

Tier 1 (BYOK): $50/month

  • 10 assessments/month
  • Up to 500k-750k LOC per repository
  • Additional assessments: $5 each

Tier 2 (All-Inclusive): $299/month

  • 30 assessments/month
  • Up to 500k-750k LOC per repository
  • Includes scheduled scans
  • Additional assessments: $10 each

Tier 2 (BYOK): $150/month

  • 30 assessments/month
  • Up to 2M LOC per repository
  • Additional assessments: $5 each

Tier 3 (All-Inclusive): $799/month

  • 100 assessments/month
  • 2M LOC practical limit per repository
  • Multi-client support
  • Additional assessments: $8 each

Tier 3 (BYOK): $400/month

  • 100 assessments/month
  • "Fair use" limit per repository
  • API access
  • Additional assessments: $2 each

Lines of Code (LOC) Surcharges

If a repository exceeds your plan's base LOC limit, additional surcharges apply:

All-Inclusive LOC Surcharges (above plan's base cap):

  • 200k–500k LOC: $15 per repo
  • 500k–1M LOC: $35 per repo
  • 1M–2M LOC: $75 per repo

  • 2M LOC: Contact us for custom pricing

BYOK LOC Surcharges (above plan's base cap):

  • 500k–1M LOC: $10 per repo
  • 1M–2M LOC: $25 per repo
  • 2M–4M LOC: $60 per repo

  • 4M LOC: Contact us for custom pricing

Repository Type Support

  • Git repositories (public): Fully supported with scheduled scans
  • Webstore URLs (Chrome, Edge, Firefox): Supported with scheduled scans
  • Manually uploaded extensions: Not compatible with scheduled scans

Troubleshooting

Scheduled Scan Not Running

If a scheduled scan didn't run at the expected time:

  1. Go to the Scan Schedule page for the repository
  2. Verify the schedule is Active
  3. Check the Next Scan date
  4. Verify the repository branch still exists and is accessible
  5. Check your Scan History for any recent failed scans

If the issue persists, contact Support.

Scheduled Scan Failed

If a scheduled scan fails:

  1. Go to Scan History for the repository
  2. Click on the failed scan to view details
  3. Common causes and solutions:
    • Branch not found — The selected branch was deleted or renamed
    • Repository access error — The repository is no longer accessible
    • Network timeout — Temporary connectivity issue; scans will retry automatically

Contact Support if scans continue to fail.

Notification Emails Not Being Received

If you're not receiving schedule notification emails:

  1. Verify your Recipient Email Addresses are correct on the Scan Schedule page
  2. Check your spam or junk folder for emails from RepoRisk
  3. Check that your notification email addresses are valid and haven't bounced

Contact Support if emails still aren't arriving.

Cannot Schedule Scans on This Repository

If scheduling isn't available:

  1. Scheduling is only available for Git repositories and webstore URLs submitted by URL
  2. Manually uploaded browser extensions cannot be scheduled
  3. To enable scheduled rescans, submit via a webstore URL instead
  4. See Submit a Repository for instructions

Next Steps