About code scanning→
You can use code scanning to find security vulnerabilities and errors in the code for your project on GitHub.
Triaging code scanning alerts in pull requests→
When code scanning identifies a problem in a pull request, you can review the highlighted code and resolve the alert.
Setting up code scanning for a repository→
You can set up code scanning by adding a workflow to your repository.
Managing code scanning alerts for your repository→
From the security view, you can view, fix, dismiss, or delete alerts for potential vulnerabilities or errors in your project's code.
Configuring code scanning→
You can configure how GitHub scans the code in your project for vulnerabilities and errors.
Configuring the CodeQL workflow for compiled languages→
You can configure how GitHub uses the CodeQL analysis workflow to scan code written in compiled languages for vulnerabilities and errors.
Troubleshooting the CodeQL workflow→
If you're having problems with code scanning, you can troubleshoot by using these tips for resolving issues.
Running CodeQL code scanning in a container→
You can run code scanning in a container by ensuring that all processes run in the same container.



