Code security
Automatically scanning your code for vulnerabilities and errors
You can find vulnerabilities and errors in your project's code on GitHub, as well as view, triage, understand, and resolve the related code scanning alerts.
Code scanning is available for all public and private repositories owned by an organization that have GitHub Advanced Security enabled. For more information, see "About GitHub Advanced Security."
About code scanning→
You can use code scanning to find security vulnerabilities and errors in the code for your project on GitHub.
Triaging code scanning alerts in pull requests→
When code scanning identifies a problem in a pull request, you can review the highlighted code and resolve the alert.
Setting up code scanning for a repository→
You can set up code scanning by adding a workflow to your repository.
Managing code scanning alerts for your repository→
From the security view, you can view, fix, dismiss, or delete alerts for potential vulnerabilities or errors in your project's code.
Configuring code scanning→
You can configure how GitHub scans the code in your project for vulnerabilities and errors.
About code scanning with CodeQL→
You can use CodeQL to identify vulnerabilities and errors in your code. The results are shown as code scanning alerts in GitHub.
Configuring the CodeQL workflow for compiled languages→
You can configure how GitHub uses the CodeQL analysis workflow to scan code written in compiled languages for vulnerabilities and errors.
Troubleshooting the CodeQL workflow→
If you're having problems with code scanning, you can troubleshoot by using these tips for resolving issues.
Running CodeQL code scanning in a container→
You can run code scanning in a container by ensuring that all processes run in the same container.
Viewing code scanning logs→
You can view the output generated during code scanning analysis in GitHub.