Integrating with code scanning
You can integrate third-party code analysis tools with GitHub code scanning by uploading data as SARIF files.
Who can use this feature?
Code scanning is available for all public repositories on GitHub.com. To use code scanning in a private repository owned by an organization, you must have a license for GitHub Advanced Security. For more information, see "About GitHub Advanced Security."