Finding security vulnerabilities and errors in your code with code scanning
Keep your code secure by using code scanning to identify and fix potential security vulnerabilities and other errors in your code.
Code scanning is available for all public repositories, and for private repositories owned by organizations where GitHub Advanced Security is enabled. For more information, see "About GitHub Advanced Security."
- Automatically scanning your code for vulnerabilities and errors
- About code scanning
- Triaging code scanning alerts in pull requests
- Setting up code scanning for a repository
- Managing code scanning alerts for your repository
- Tracking code scanning alerts in issues using task lists
- Configuring code scanning
- About code scanning with CodeQL
- Configuring the CodeQL workflow for compiled languages
- Troubleshooting the CodeQL workflow
- Running CodeQL code scanning in a container
- Viewing code scanning logs
- Using CodeQL code scanning with your existing CI system