CodeQL code scanning at Microsoft
Example code scanning workflow for the CodeQL action from the Microsoft Open Source repository.
Adversarial Robustness Toolbox (ART) CodeQL code scanning
Example code scanning workflow for the CodeQL action from the Trusted AI repository.
Exploring the dependencies of a repository
You can use the dependency graph to see the packages your project depends on. In addition, you can see any vulnerabilities detected in its dependencies.
Configuring notifications for vulnerable dependencies
Optimize how you receive notifications about Dependabot alerts.