Finding security vulnerabilities and errors in your code with code scanning

Keep your code secure by using code scanning to identify and fix potential security vulnerabilities and other errors in your code.

Code scanning is available for all public repositories on GitHub.com. Code scanning is also available for private repositories owned by organizations that use GitHub Enterprise Cloud and have a license for GitHub Advanced Security. For more information, see "About GitHub Advanced Security."

Introduction to code scanning
- About code scanning
- About code scanning with CodeQL
Enabling code scanning
- Configuring default setup for code scanning
- Configuring default setup for code scanning at scale
Creating an advanced setup for for code scanning
Managing code scanning alerts
Managing your code scanning configuration
Integrating with code scanning
Using CodeQL code scanning with your existing CI system
Troubleshooting code scanning
Troubleshooting SARIF uploads