此版本的 GitHub Enterprise 已停止服务 2022-06-03. 即使针对重大安全问题,也不会发布补丁。 要获得更好的性能、改进的安全性和新功能,请升级到 GitHub Enterprise 的最新版本。 如需升级方面的帮助,请联系 GitHub Enterprise 支持。
Code security guides
了解 GitHub Enterprise Server 可以帮助您提高代� �安全性的不同方式。
- 1概览
About code scanning
You can use 代� �扫描 to find security vulnerabilities and errors in the code for your project on GitHub. - 2操作方法指南
Setting up code scanning for a repository
You can set up 代� �扫描 by adding a workflow to your repository. - 3操作方法指南
Configuring code scanning
You can configure how GitHub scans the code in your project for vulnerabilities and errors. - 4操作方法指南
Configuring the CodeQL workflow for compiled languages
You can configure how GitHub uses the CodeQL 分析工作流程 to scan code written in compiled languages for vulnerabilities and errors. - 5操作方法指南
在容器中运行 CodeQL 代� �扫描
通过确保所有进程都在同一容器中运行,您可以在容器中运行 代� �扫描。 - 6操作方法指南
Troubleshooting the CodeQL workflow
If you're having problems with 代� �扫描, you can troubleshoot by using these tips for resolving issues.
Code security learning paths
Get notifications for insecure dependencies
Set up Dependabot to alert you to new vulnerabilities in your dependencies.
All Code security guides
添� 安全政策到仓库
操作方法指南您可以为仓库添� 安全政策,说明如何报告项目中的安全漏洞。
- Security policies
- Vulnerabilities
- Repositories
- Health
GitHub security features
概览An overview of GitHub security features.
- Repositories
- Dependencies
- Vulnerabilities
- Advanced Security
Securing your organization
操作方法指南You can use a number of GitHub features to help keep your organization secure.
- Organizations
- Dependencies
- Vulnerabilities
- Advanced Security
Securing your repository
操作方法指南You can use a number of GitHub features to help keep your repository secure.
- Repositories
- Dependencies
- Vulnerabilities
- Advanced Security
About secret scanning
概览GitHub Enterprise Server scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally.
- Secret scanning
- Advanced Security
配置仓库的密� �扫描
操作方法指南您可以配置 GitHub 如何扫描存储库以查找与高级安全模式匹配的机密。
- Secret scanning
- Advanced Security
- Repositories
管理来自密� �扫描的警报
操作方法指南您可以查看并关闭已检入仓库的密� �的警报。
- Secret scanning
- Advanced Security
- Alerts
- Repositories
Secret scanning patterns
参考Lists of supported secrets and the partners that GitHub works with to prevent fraudulent use of secrets that were committed accidentally.
- Secret scanning
- Advanced Security
About code scanning
概览You can use 代� �扫描 to find security vulnerabilities and errors in the code for your project on GitHub.
- Advanced Security
- Code scanning