Code security
Automatically scanning your code for vulnerabilities and errors
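Code scanning is available for all public repositories, and for private repositories owned by organizations where GitHub Advanced Security is enabled. For more information, see "About GitHub Advanced Security."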
About code scanning→
You can use code scanning to find security vulnerabilities and errors in the code for your project on GitHub.
Triaging code scanning alerts in pull requests→
When code scanning identifies a problem in a pull request, you can review the highlighted code and resolve the alert.
Setting up code scanning for a repository→
You can set up code scanning by adding a workflow to your repository.
Managing code scanning alerts for your repository→
From the security view, you can view, fix, dismiss, or delete alerts for potential vulnerabilities or errors in your project's code.
Configuring code scanning→
You can configure how GitHub scans the code in your project for vulnerabilities and errors.
About code scanning with CodeQL→
You can use CodeQL to identify vulnerabilities and errors in your code. The results are shown as code scanning alerts in GitHub.
Configuring the CodeQL workflow for compiled languages→
You can configure how GitHub uses the CodeQL analysis workflow to scan code written in compiled languages for vulnerabilities and errors.
Troubleshooting the CodeQL workflow→
If you're having problems with code scanning, you can troubleshoot by using these tips for resolving issues.
Running CodeQL code scanning in a container→
You can run code scanning in a container by ensuring that all processes run in the same container.
Viewing code scanning logs→
You can view the output generated during code scanning analysis in GitHub.