Run code scanning with GitHub Actions
Check your default branch and every pull request to keep vulnerabilities and errors out of your repository.
About code scanning
You can use code scanning to find security vulnerabilities and errors in the code for your project on GitHub.
Setting up code scanning for a repository
You can set up code scanning by adding a workflow to your repository.
Configuring code scanning
You can configure how GitHub scans the code in your project for vulnerabilities and errors.
Configuring the CodeQL workflow for compiled languages
You can configure how GitHub uses the CodeQL analysis workflow to scan code written in compiled languages for vulnerabilities and errors.
Running CodeQL code scanning in a container
You can run code scanning in a container by ensuring that all processes run in the same container.
Troubleshooting the CodeQL workflow
If you're having problems with code scanning, you can troubleshoot by using these tips for resolving issues.
GitHub security features
An overview of GitHub security features.
Securing your organization
You can use a number of GitHub features to help keep your organization secure.
Securing your repository
You can use a number of GitHub features to help keep your repository secure.
About secret scanning
GitHub Enterprise Server scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally.
Configuring secret scanning for your repositories
You can configure how GitHub scans your repositories for secrets.
Managing alerts from secret scanning
You can view and close alerts for secrets checked in to your repository.
About code scanning
You can use code scanning to find security vulnerabilities and errors in the code for your project on GitHub.
Configuring code scanning
You can configure how GitHub scans the code in your project for vulnerabilities and errors.