Skip to main content
GitHub Docs
All products
代码安全
入门
GitHub 安全功能
Secure your repository
Secure your organization
Add a security policy
Adopting GHAS at scale
简介
1. Align on strategy
2. 准备工作
3. Pilot programs
4. Create internal documentation
5. Rollout code scanning
6. Rollout secret scanning
机密扫描
关于机密扫描
Configure secret scans
Define custom patterns
Manage secret alerts
机密扫描模式
Enable push protection
Push a blocked branch
代码扫描
Scan code automatically
关于代码扫描
关于代码扫描警报
Triage alerts in pull requests
配置代码扫描
管理警报
Customize code scanning
Code scanning with CodeQL
Hardware resources for CodeQL
Configure compiled languages
Troubleshoot CodeQL workflow
容器中的 Code scanning
View code scanning logs
与代码扫描集成
About integration
Upload a SARIF file
SARIF support
使用 CodeQL CLI
About the CodeQL CLI
Getting started
Creating CodeQL databases
Extractor options
Analyzing databases
Using custom queries with the CodeQL CLI
Creating CodeQL query suites
Testing query help files
Specifying command options in a CodeQL configuration file
CodeQL CLI 参考
Query reference files
CodeQL CLI SARIF output
Exit codes
Use CodeQL in CI system
Code scanning in your CI
Install CodeQL CLI
Configure CodeQL CLI
Run CodeQL runner
Migrating from the CodeQL runner
安全通知
Global security advisories
关于 GitHub 公告数据库
关于全局安全公告
Browse Advisory Database
Edit Advisory Database
Supply chain security
Understand your supply chain
Supply chain security
Dependency graph
Configure dependency graph
依赖项检查
Configure dependency review
Explore dependencies
Troubleshoot dependency graph
端到端供应链
概述
Securing accounts
Securing code
Securing builds
Dependabot
Dependabot 警报
Dependabot 警报
Configure Dependabot alerts
View Dependabot alerts
配置通知
Dependabot 安全更新
Dependabot 安全更新
Configure security updates
Dependabot version updates
Dependabot version updates
Configure version updates
List configured dependencies
Customize updates
Configure dependabot.yml
Work with Dependabot
Manage Dependabot PRs
Use Dependabot with Actions
Auto-update actions
管理加密的机密
Troubleshoot vulnerability detection
排查错误
安全概述
关于安全性概述
View the security overview
Filtering the security overview
代码安全指南
We publish frequent updates to our documentation, and translation of this page may still be in progress. For the most current information, please visit the
English documentation
.
代码安全
/
Supply chain security
Enterprise Server 3.5
简体中文
Search GitHub Docs
GitHub Docs
代码安全
/
Supply chain security
Code security
Get started
Account and profile
Authentication
Repositories
Enterprise administrators
Billing and payments
Site policy
Organizations
Code security
Pull requests
GitHub Issues
GitHub Actions
GitHub Copilot
GitHub Codespaces
GitHub Packages
Search on GitHub
Developers
REST API
GraphQL API
GitHub CLI
GitHub Discussions
GitHub Sponsors
Building communities
GitHub Pages
Education
GitHub Desktop
GitHub Support
Electron
CodeQL
npm
Enterprise Server 3.5
Free, Pro, & Team
Enterprise Cloud
Enterprise Server 3.7
Enterprise Server 3.6
Enterprise Server 3.5
Enterprise Server 3.4
Enterprise Server 3.3
GitHub AE
All Enterprise Server releases
About versions
简体中文
English
简体中文
Español
Português do Brasil
Русский
日本語
Français
Deutsch
한국어
Search GitHub Docs
保护软件供应链
可视化、维护和保护软件供应链中的依赖项。
了解您的软件供应链
关于供应链安全性
关于依赖关系图
配置依赖项关系图
关于依赖项评审
配置依赖项审查
探索仓库的依赖项
依赖关系图疑难排解
端到端供应链
保护端到端供应链
确保帐户安全的最佳做法
保护供应链中的代码的最佳做法
保护生成系统的最佳做法