This version of GitHub Enterprise Server was discontinued on 2024-03-26. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.
Creating a workflow for code scanning
Create and customize a GitHub Actions workflow to control the analysis of your codebase.
Who can use this feature?
Code scanning is available for organization-owned repositories in GitHub Enterprise Server. This feature requires a license for GitHub Advanced Security. For more information, see "About GitHub Advanced Security."
Configuring code scanning
You can configure code scanning for a repository to find security vulnerabilities in your code.
Customizing code scanning
You can customize how GitHub scans the code in your project for vulnerabilities and errors.
CodeQL code scanning for compiled languages
Understand how CodeQL analyzes compiled languages and the build options available, and learn how to customize the database generation process if you need to.
Configuring code scanning with CodeQL at scale
You can use a script to configure code scanning for a specific group of repositories in your organization.
Recommended hardware resources for running CodeQL
Recommended specifications (RAM, CPU cores, and disk) for running CodeQL analysis on self-hosted machines, based on the size of your codebase.
Running CodeQL code scanning in a container
You can run code scanning in a container by ensuring that all processes run in the same container.