This version of GitHub Enterprise was discontinued on 2023-01-18. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.
Code security
Build security into your GitHub workflow with features to keep secrets and vulnerabilities out of your codebase, and to maintain your software supply chain.
Code examples
CodeQL code scanning at Microsoft
Example code scanning workflow for the CodeQL action from the Microsoft Open Source repository.
CodeQL, Code scanning, GitHub Actions
Adversarial Robustness Toolbox (ART) CodeQL code scanning
Example code scanning workflow for the CodeQL action from the Trusted AI repository.
CodeQL, Code scanning, GitHub Actions
Microsoft security policy template
Example security policy
Security policy
Electron security policy
Example security policy
Security policy
Security advisory for Rails
Security advisory published by Rails for CVE-2020-15169.
Security advisory
Enable Dependabot alerts and security updates automatically
Sample scripts for enabling Dependabot alerts and security updates across an entire organization.
Dependabot, Alerts, Security updates, Organization, Scripts
Guides
Configuring Dependabot security updates
You can use Dependabot security updates or manual pull requests to easily update vulnerable dependencies.
Configuring Dependabot version updates
You can configure your repository so that Dependabot automatically updates the packages you use.
Configuring code scanning for a repository
You can configure code scanning for a repository to find security vulnerabilities in your code.
Securing your end-to-end supply chain
Introducing best practice guides on complete end-to-end supply chain security including personal accounts, code, and build processes.