Concepts for security and code quality
Learn core concepts for GitHub's security and code quality features.
- Concepts for secret security, 1 of 6
- Secret leakage risks, 1 of 15
- Secret scanning, 2 of 15
- Push protection, 3 of 15
- Secret security with GitHub, 4 of 15
- About secret scanning alerts, 5 of 15
- Custom patterns, 6 of 15
- Validity checks, 7 of 15
- Delegated bypass for push protection, 8 of 15
- Bypass requests for push protection, 9 of 15
- Secret scanning for partners, 10 of 15
- GitHub secret types, 11 of 15
- Secret scanning push protection metrics, 12 of 15
- Push protection from the command line, 13 of 15
- Working with push protection and the GitHub MCP server, 14 of 15
- Working with push protection from the REST API, 15 of 15
- Concepts for code scanning, 2 of 6
- Code scanning, 1 of 14
- Code scanning alerts, 2 of 14
- Code security risk assessment, 3 of 14
- About Copilot Autofix for code scanning, 4 of 14
- About setup types for code scanning, 5 of 14
- Integration with code scanning, 6 of 14
- About SARIF files for code scanning, 7 of 14
- Code scanning alert tracking using issues, 8 of 14
- Code scanning merge protection, 9 of 14
- Multi-repository variant analysis, 10 of 14
- Concepts for CodeQL, 11 of 14
- About the tool status page, 12 of 14
- CodeQL pull request alert metrics, 13 of 14
- Repository properties for code scanning, 14 of 14
- Supply chain security, 3 of 6
- Supply chain security, 1 of 20
- About open source license compliance, 2 of 20
- Best practices for maintaining dependencies, 3 of 20
- Dependency graph, 4 of 20
- How the dependency graph recognizes dependencies, 5 of 20
- Dependency review, 6 of 20
- Dependabot alerts, 7 of 20
- Dependabot malware alerts, 8 of 20
- Metrics for Dependabot alerts, 9 of 20
- Dependabot security updates, 10 of 20
- Dependabot version updates, 11 of 20
- Dependabot pull requests, 12 of 20
- Multi-ecosystem updates, 13 of 20
- About the dependabot.yml file, 14 of 20
- Automatic Dependabot access to GitHub-hosted registries, 15 of 20
- Dependabot auto-triage rules, 16 of 20
- Dependabot on GitHub Actions runners, 17 of 20
- Dependabot job logs, 18 of 20
- Immutable releases, 19 of 20
- About linked artifacts, 20 of 20
- About GitHub Code Quality, 4 of 6
- Concepts for vulnerability reporting and management, 5 of 6
- Concepts for security at scale, 6 of 6