Code security guides
了解 GitHub Enterprise Server 可以帮助您提高代码安全性的不同方式。
- 1概览
About code scanning
You can use 代码扫描 to find security vulnerabilities and errors in the code for your project on GitHub. - 2操作方法指南
Setting up code scanning for a repository
You can set up 代码扫描 by adding a workflow to your repository. - 3操作方法指南
Configuring code scanning
You can configure how GitHub scans the code in your project for vulnerabilities and errors. - 4操作方法指南
Configuring the CodeQL workflow for compiled languages
You can configure how GitHub uses the CodeQL 分析工作流程 to scan code written in compiled languages for vulnerabilities and errors. - 5操作方法指南
在容器中运行 CodeQL 代码扫描
通过确保所有进程都在同一容器中运行,您可以在容器中运行 代码扫描。 - 6操作方法指南
Troubleshooting the CodeQL workflow
If you're having problems with 代码扫描, you can troubleshoot by using these tips for resolving issues.
Code security learning paths
学习路径是一系列帮助您掌握特定主题的指南。
Get notifications for insecure dependencies
Set up Dependabot to alert you to new vulnerabilities in your dependencies.
All Code security guides
找到 50 个指南
添加安全政策到仓库
操作方法指南您可以为仓库添加安全政策,说明如何报告项目中的安全漏洞。
- Security policies
- Vulnerabilities
- Repositories
- Health
GitHub security features
概览An overview of GitHub security features.
- Repositories
- Dependencies
- Vulnerabilities
- Advanced Security
Securing your organization
操作方法指南You can use a number of GitHub features to help keep your organization secure.
- Organizations
- Dependencies
- Vulnerabilities
- Advanced Security
Securing your repository
操作方法指南You can use a number of GitHub features to help keep your repository secure.
- Repositories
- Dependencies
- Vulnerabilities
- Advanced Security
About secret scanning
概览GitHub Enterprise Server scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally.
- Secret scanning
- Advanced Security
配置仓库的密码扫描
操作方法指南您可以配置 GitHub 如何扫描存储库以查找与高级安全模式匹配的机密。
- Secret scanning
- Advanced Security
- Repositories
定义密钥扫描的自定义模式
操作方法指南您可以扩展 > - 秘密扫描 以检测默认模式之外的机密。
- Advanced Security
- Secret scanning
管理来自密码扫描的警报
操作方法指南您可以查看并关闭已检入仓库的密码的警报。
- Secret scanning
- Advanced Security
- Alerts
- Repositories
Secret scanning patterns
参考Lists of supported secrets and the partners that GitHub works with to prevent fraudulent use of secrets that were committed accidentally.
- Secret scanning
- Advanced Security