1,881 Search results for "About code scanning alerts"
Code security / Code scanning / Create advanced setup /
Configuring advanced setup for code scanning with CodeQL at scale
You can use a script to configure advanced setup for code scanning for a specific group of repositories in your organization.
About enabling advanced setup
Code security / Code scanning /
Introduction to code scanning
Learn what code scanning is, how it helps you secure your code, and what code scanning tools are available.
About code scanning
Code security / Code scanning / Integrate with code scanning /
Uploading a SARIF file to GitHub
You can upload SARIF files generated outside GitHub and see code scanning alerts from third-party tools in your repository.
About SARIF file uploads for
Code security / Secret scanning /
Secret scanning patterns
Lists of supported secrets and the partners that GitHub works with to prevent fraudulent use of secrets that were committed accidentally.
About secret
Code security / Code scanning / Create advanced setup /
CodeQL code scanning for compiled languages
Understand how CodeQL analyzes compiled languages, the build options available, and learn how you can customize the database generation process if you
Code security / Getting started /
Auditing security alerts
GitHub provides a variety of tools you can use to audit and monitor actions taken in response to security alerts.
About security tools for auditors
GitHub
Code security / Dependabot / Dependabot alerts /
About Dependabot alerts
GitHub sends Dependabot alerts when we detect that your repository uses a vulnerable dependency.
Dependabot alerts tell you when your code depends on a
GitHub Issues / Issues /
Creating an issue
Issues can be created in a variety of ways, so you can choose the most convenient method for your workflow.
Issues can be used to keep track of bugs, enhancements
Code security / Secret scanning /
Secret scanning partner program
As a service provider, you can partner with GitHub to have your secret token formats secured through secret scanning, which searches for accidental commits
Code security / Dependabot / Dependabot alerts /
Configuring Dependabot alerts
Enable Dependabot alerts to be generated when a new vulnerable dependency is found in one of your repositories.
About Dependabot alerts for vulnerable