Skip to main content
GitHub Docs
Version:
Free, Pro, & Team
Search GitHub Docs
Code security
/
Getting started
All products
Code security
Getting started
GitHub security features
Secure your repository
Secure your organization
Add a security policy
Audit security alerts
Secret scanning
About secret scanning
Partner program
Configure secret scans
Manage secret alerts
Secret scanning patterns
Troubleshoot secret scanning
Code scanning
Scan code automatically
About code scanning
About code scanning alerts
Triage alerts in pull requests
Configure code scanning
Manage alerts
Track alerts in issues
Customize code scanning
Code scanning with CodeQL
Hardware resources for CodeQL
Configure compiled languages
Troubleshoot default setup
Troubleshoot advanced setup
Code scanning in a container
View code scanning logs
Integrate with code scanning
About integration
Upload a SARIF file
SARIF support
Use CodeQL in CI system
Code scanning in your CI
Install CodeQL CLI
Configure CodeQL CLI
Migrating from the CodeQL runner
CodeQL CLI
Using the CodeQL CLI
About the CodeQL CLI
Getting started
Creating CodeQL databases
Extractor options
Analyzing databases
Using custom queries with the CodeQL CLI
Creating CodeQL query suites
Testing custom queries
Testing query help files
Creating and working with CodeQL packs
Publishing and using CodeQL packs
Specifying command options in a CodeQL configuration file
CodeQL CLI reference
About CodeQL packs
About CodeQL workspaces
Query reference files
CodeQL CLI SARIF output
Exit codes
Security advisories
Global security advisories
About the GitHub Advisory database
About global security advisories
Browse Advisory Database
Edit Advisory Database
Repository security advisories
About repository security advisories
Permission levels
Configure for a repository
Configure for an organization
Create repository advisories
Edit repository advisories
Temporary private forks
Publish repository advisories
Add collaborators
Remove collaborators
Withdraw repository advisories
Guidance on reporting and writing
Coordinated disclosure
Best practices
Privately reporting
Manage vulnerability reports
Supply chain security
Understand your supply chain
Supply chain security
Dependency graph
Configure dependency graph
Dependency submission API
Dependency review
Configure dependency review
Explore dependencies
Troubleshoot dependency graph
End-to-end supply chain
Overview
Securing accounts
Securing code
Securing builds
Dependabot
Dependabot alerts
Dependabot alerts
Configure Dependabot alerts
View Dependabot alerts
Configure notifications
Dependabot security updates
Dependabot security updates
Configure security updates
Dependabot version updates
Dependabot version updates
Configure version updates
List configured dependencies
Customize updates
Configure dependabot.yml
Work with Dependabot
Manage Dependabot PRs
Use Dependabot with Actions
Auto-update actions
Configure access to private registries
Remove access to public registries
Troubleshoot vulnerability detection
Troubleshoot errors
Security overview
About the security overview
Guides for code security
Code security
/
Getting started
Getting started with code security
Introduction to code security with GitHub.
GitHub security features
Securing your repository
Securing your organization
Adding a security policy to your repository
Auditing security alerts