This version of GitHub Enterprise Server will be discontinued on 2025-08-27. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.
Security in GitHub Actions
Learn about security as a concept in GitHub Actions.
Secrets
Learn about secrets as they are used in GitHub Actions workflows.
GITHUB_TOKEN
Learn what GITHUB_TOKEN is, how it works, and why it matters for secure automation in GitHub Actions workflows.
OpenID Connect
OpenID Connect allows your workflows to exchange short-lived tokens directly from your cloud provider.
Script injections
Understand the security risks associated with script injections and GitHub Actions workflows.
Compromised runners
Understand the security risks associated with compromised GitHub Actions runners.