Integrating with code scanning
You can integrate third-party code analysis tools with GitHub code scanning by uploading data as SARIF files.
Code scanning is available for all public repositories. Code scanning is also available in private repositories owned by organizations that use GitHub Enterprise Cloud and have a license for GitHub Advanced Security. For more information, see "About GitHub Advanced Security."