You can find vulnerabilities and errors in your project's code on GitHub.
Code scanning is available in public repositories, and in public and private repositories owned by organizations with a license for Advanced Security. For more information, see "GitHub's products."
About code scanning→
You can use code scanning to find security vulnerabilities and errors in the code for your project on GitHub.
Triaging code scanning alerts in pull requests→
When code scanning identifies a problem in a pull request, you can review the highlighted code and resolve the alert.
Enabling code scanning for a repository→
You can enable code scanning for your project's repository.
Managing code scanning alerts for your repository→
Configuring code scanning→
You can configure how GitHub scans the code in your project for vulnerabilities and errors.
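Configuring the CodeQL workflow for compiled languages→
You can configure how GitHub uses the CodeQL analysis workflow to scan code written in compiled languages for vulnerabilities and errors.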
Troubleshooting the CodeQL workflow→
If you're having problems with code scanning, you can troubleshoot by using these tips for resolving issues.
Running CodeQL code scanning in a container→
You can run code scanning in a container by ensuring that all processes run in the same container.