Securing your software supply chain
GitHub security features
Dependabot quickstart
Secure repository quickstart
Add a security policy
Audit security alerts
Prevent data leaks
About organization security
Choose security configuration
Apply recommended configuration
Configure global settings
Create custom configuration
Apply custom configuration
Interpret security data
Filter repositories
Edit custom configuration
Manage GHAS licenses
Detach security configuration
Delete custom configuration
Active advanced setup
Not enough GHAS licenses
Secret scanning
Push protection
Secret scanning for partners
Supported patterns
Enable secret scanning
Enable push protection
About alerts
View alerts
Evaluate alerts
Resolve alerts
Monitor alerts
Push protection for users
Push protection on the command line
Push protection from the REST API
Push protection in the GitHub UI
Exclude folders and files
Generic secret detection
Generate regular expressions with AI
Troubleshoot secret scanning
Partner program
About code scanning
About CodeQL code scanning
Configure code scanning
Evaluate code scanning
Code scanning at scale
Configure advanced setup
Customize advanced setup
CodeQL for compiled languages
CodeQL advanced setup at scale
Hardware resources for CodeQL
Code scanning in a container
About code scanning alerts
Copilot Autofix for code scanning
Disable Copilot Autofix
Assess alerts
Resolve alerts
Triage alerts in pull requests
Track alerts in issues
Code scanning tool status
Edit default setup
Set merge protection
CodeQL query suites
Configure larger runners
View code scanning logs
C and C++ CodeQL queries
C# CodeQL queries
Go CodeQL queries
Java and Kotlin CodeQL queries
JavaScript and TypeScript queries
Python CodeQL queries
Ruby CodeQL queries
Swift CodeQL queries
About integration
Using code scanning with your existing CI system
Upload a SARIF file
SARIF support
Advanced Security must be enabled
Alerts in generated code
Analysis takes too long
Automatic build failed
C# compiler failing
Cannot enable CodeQL in a private repository
Enabling default setup takes too long
Extraction errors in the database
Fewer lines scanned than expected
Logs not detailed enough
No source code seen during build
Not recognized
Out of disk or memory
Resource not accessible
Results different than expected
Server error
Some languages not analyzed
Two CodeQL workflows
Unclear what triggered a workflow
Unnecessary step found
Kotlin detected in no build
GitHub Advanced Security disabled
Default setup is enabled
GitHub token missing
SARIF file invalid
Results file too large
Results exceed limits
About the CodeQL CLI
Setting up the CodeQL CLI
Preparing code for analysis
Analyzing code
Uploading results to GitHub
Customizing analysis
Advanced setup of the CodeQL CLI
About CodeQL workspaces
Using custom queries with the CodeQL CLI
Creating CodeQL query suites
Testing custom queries
Testing query help files
Creating and working with CodeQL packs
Publishing and using CodeQL packs
Specifying command options in a CodeQL configuration file
Query reference files
CodeQL CLI SARIF output
CodeQL CLI CSV output
Extractor options
Exit codes
bqrs decode
bqrs diff
bqrs hash
bqrs info
bqrs interpret
database add-diagnostic
database analyze
database bundle
database cleanup
database create
database export-diagnostics
database finalize
database import
database index-files
database init
database interpret-results
database print-baseline
database run-queries
database trace-command
database unbundle
database upgrade
dataset check
dataset cleanup
dataset import
dataset measure
dataset upgrade
diagnostic add
diagnostic export
execute cli-server
execute language-server
execute queries
execute query-server
execute query-server2
execute upgrades
generate extensible-predicate-metadata
generate log-summary
generate query-help
github merge-results
github upload-results
pack add
pack bundle
pack ci
pack create
pack download
pack init
pack install
pack ls
pack packlist
pack publish
pack resolve-dependencies
pack upgrade
query compile
query decompile
query format
query run
resolve database
resolve extensions
resolve extensions-by-pack
resolve extractor
resolve files
resolve languages
resolve library-path
resolve metadata
resolve ml-models
resolve packs
resolve qlpacks
resolve qlref
resolve queries
resolve ram
resolve tests
resolve upgrades
test accept
test extract
test run
version
About the extension
Extension installation
Manage CodeQL databases
Run CodeQL queries
Explore data flow
Queries at scale
CodeQL model editor
Custom query creation
Manage CodeQL packs
Explore code structure
Test CodeQL queries
Customize settings
CodeQL workspace setup
CodeQL CLI access
Telemetry
Access logs
Problem with controller repository
About the GitHub Advisory database
About global security advisories
Browse Advisory Database
Edit Advisory Database
About repository security advisories
Permission levels
Configure for a repository
Configure for an organization
Create repository advisories
Edit repository advisories
Evaluate repository security
Temporary private forks
Publish repository advisories
Add collaborators
Remove collaborators
Delete repository advisories
Coordinated disclosure
Best practices
Privately reporting
Manage vulnerability reports
Supply chain security
Dependency graph
Dependency graph ecosystem support
Configure dependency graph
Automatic dependency submission
Export dependencies as SBOM
Dependency submission API
Dependency review
Configure dependency review
Customize dependency review
Enforce dependency review
Explore dependencies
Troubleshoot dependency graph
Overview
Securing accounts
Securing code
Securing builds
Dependabot ecosystem support
Dependabot alerts
Configure Dependabot alerts
View Dependabot alerts
Configure notifications
About auto-triage rules
GitHub preset rules
Custom auto-triage rules
Manage auto-dismissed alerts
Dependabot security updates
Configure security updates
Dependabot version updates
Configure version updates
List configured dependencies
Customize updates
Configure dependabot.yml
Manage Dependabot PRs
About Dependabot on Actions
Manage Dependabot on self-hosted runners
Use Dependabot with Actions
Auto-update actions
Configure access to private registries
Guidance for configuring private registries
Remove access to public registries
Viewing Dependabot logs
Troubleshoot vulnerability detection
Troubleshoot errors
Troubleshoot Dependabot on Actions
About security overview
Visualize, maintain, and secure the dependencies in your software supply chain.