About CodeQL code scanning in your CI system

You can analyze your code with CodeQL in a third-party continuous integration system and upload the results to your enterprise. The resulting code scanning alerts are shown alongside any alerts generated within GitHub AE.

Code scanning is available as part of GitHub Advanced Security, which is free during the beta release. For more information, see "About GitHub Advanced Security."

Note: Code scanning is currently in beta and subject to change.

About CodeQL code scanning in your CI system

Code scanning is a feature that you use to analyze the code in a GitHub repository to find security vulnerabilities and coding errors. Any problems identified by the analysis are shown in GitHub AE. For more information, see "About code scanning with CodeQL."

You can run CodeQL code scanning within GitHub AE using GitHub Actions. Alternatively, if you use a third-party continuous integration or continuous delivery/deployment (CI/CD) system, you can run CodeQL analysis in your existing system and upload the results to your enterprise.
