Integrating with code scanning
You can integrate third-party code analysis tools with GitHub code scanning by uploading data as SARIF files.
Code scanning is available for all public repositories, and for private repositories owned by organizations where GitHub Advanced Security is enabled. For more information, see "About GitHub Advanced Security."