This version of GitHub Enterprise Server was discontinued on 2024-01-04. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.
Code security documentation
Build security into your GitHub workflow with features to keep secrets and vulnerabilities out of your codebase, and to maintain your software supply chain.
Start here
Popular
Configuring Dependabot security updates
You can use Dependabot security updates or manual pull requests to easily update vulnerable dependencies.
Configuring Dependabot version updates
You can configure your repository so that Dependabot automatically updates the packages you use.
Configuring code scanning
You can configure code scanning for a repository to find security vulnerabilities in your code.
Securing your end-to-end supply chain
Introducing best practice guides on complete end-to-end supply chain security including personal accounts, code, and build processes.