Nota: Escaneo de código se encuentra acutalmente en beta y está sujeto a cambios. If your organization has an Advanced Security license, you can join the beta program.
Note: Your site administrator must enable escaneo de código for tu instancia de servidor de GitHub Enterprise before you can use this feature. For more information, see "Configuring escaneo de código for your appliance."
As an alternative to running escaneo de código within GitHub, you can perform analysis elsewhere and then upload the results. Alerts for escaneo de código that you run externally are displayed in the same way as those for escaneo de código that you run within GitHub. For more information, see "Managing escaneo de código alerts for your repository."
If you use a third-party static analysis tool that can produce results as Static Analysis Results Interchange Format (SARIF) 2.1.0 data, you can upload this to GitHub. For more information, see "Uploading a SARIF file to GitHub."
You can use escaneo de código webhooks to build or set up integrations, such as GitHub Apps or OAuth Apps, that subscribe to escaneo de código events in your repository. For example, you could build an integration that creates an issue on GitHub Enterprise or sends you a Slack notification when a new escaneo de código alert is added in your repository. For more information, see "Creating webhooks" and "Webhook events and payloads."