Note
GitHub Code Quality is currently in public preview and subject to change. During public preview, Code Quality will not be billed, although Code Quality scans will consume GitHub Actions minutes.
Prerequisites
- GitHub Actions must be enabled because Code Quality uses actions to run each CodeQL analysis.
- To get the full benefit of the feature, your repository should include one of the languages supported for quality analysis by CodeQL. See Supported languages.
Enabling Code Quality for a repository
-
On GitHub, navigate to the main page of the repository.
-
Under your repository name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.
-
In the sidebar, under "Security", click Code quality to display the "Code quality" page.
-
Click Enable code quality.
Note
If Enable code quality is missing from this view, your enterprise owner has disabled the use of Code Security and Code Quality for your organization. See Allowing use of GitHub Code Quality in your enterprise.
-
Review the information on the Code quality page:
- Languages: If you want to disable CodeQL analysis for any of the languages, clear the associated check box.
- Runner type: If you want to use a different runner, choose Labeled runner and define the Runner label. See Using GitHub-hosted runners and Using labels with self-hosted runners.
-
Click Save changes to save your configuration for Code Quality.
Tip
If your organization has configured caching of private registries, these will be available for code quality analysis to use to resolve dependencies. See Giving security features access to private registries.
Next steps
- Learn about the code quality backlog for your repository. See Interpreting the code quality results for your repository.
- Find and fix code quality issues before they reach your default branch. See Fixing code quality findings before merging your pull request.