Concepts for security and code quality
Learn core concepts for GitHub's security and code quality features.
- Concepts for secret security, 1 of 6
- Secret leakage risks, 1 of 16
- Secret scanning, 2 of 16
- Public monitoring for secret scanning, 3 of 16
- Push protection, 4 of 16
- Secret security with GitHub, 5 of 16
- About secret scanning alerts, 6 of 16
- Custom patterns, 7 of 16
- Validity checks, 8 of 16
- Delegated bypass for push protection, 9 of 16
- Bypass requests for push protection, 10 of 16
- Secret scanning for partners, 11 of 16
- GitHub secret types, 12 of 16
- Secret scanning push protection metrics, 13 of 16
- Push protection from the command line, 14 of 16
- Working with push protection and the GitHub MCP server, 15 of 16
- Working with push protection from the REST API, 16 of 16
- Concepts for code scanning, 2 of 6
- Code scanning, 1 of 15
- Code scanning alerts, 2 of 15
- Code security risk assessment, 3 of 15
- About autofix for code scanning, 4 of 15
- AI-powered security detections in pull requests, 5 of 15
- About setup types for code scanning, 6 of 15
- Integration with code scanning, 7 of 15
- About SARIF files for code scanning, 8 of 15
- Code scanning alert tracking using issues, 9 of 15
- Code scanning merge protection, 10 of 15
- Multi-repository variant analysis, 11 of 15
- Concepts for CodeQL, 12 of 15
- About the tool status page, 13 of 15
- CodeQL pull request alert metrics, 14 of 15
- Repository properties for code scanning, 15 of 15
- Supply chain security, 3 of 6
- Supply chain security, 1 of 20
- About open source license compliance, 2 of 20
- Best practices for maintaining dependencies, 3 of 20
- Dependency graph, 4 of 20
- How the dependency graph recognizes dependencies, 5 of 20
- Dependency review, 6 of 20
- Dependabot alerts, 7 of 20
- Dependabot malware alerts, 8 of 20
- Metrics for Dependabot alerts, 9 of 20
- Dependabot security updates, 10 of 20
- Dependabot version updates, 11 of 20
- Dependabot pull requests, 12 of 20
- Multi-ecosystem updates, 13 of 20
- About the dependabot.yml file, 14 of 20
- Automatic Dependabot access to GitHub-hosted registries, 15 of 20
- Dependabot auto-triage rules, 16 of 20
- Dependabot on GitHub Actions runners, 17 of 20
- Dependabot job logs, 18 of 20
- Immutable releases, 19 of 20
- About linked artifacts, 20 of 20
- About GitHub Code Quality, 4 of 6
- Concepts for vulnerability reporting and management, 5 of 6
- Concepts for security at scale, 6 of 6