Code security guides
了解 GitHub 可以帮助您提高代码安全性的不同方式。
- 1概览
About coordinated disclosure of security vulnerabilities
Vulnerability disclosure is a coordinated effort between security reporters and repository maintainers. - 2操作方法指南
Creating a repository security advisory
You can create a draft security advisory to privately discuss and fix a security vulnerability in your open source project. - 3操作方法指南
Adding a collaborator to a repository security advisory
You can add other users or teams to collaborate on a security advisory with you. - 4操作方法指南
Collaborating in a temporary private fork to resolve a repository security vulnerability
You can create a temporary private fork to privately collaborate on fixing a security vulnerability in your repository. - 5操作方法指南
Publishing a repository security advisory
You can publish a security advisory to alert your community about a security vulnerability in your project. - 6操作方法指南
Editing a repository security advisory
You can edit the metadata and description for a repository security advisory if you need to update details or correct errors. - 7操作方法指南
Withdrawing a repository security advisory
You can withdraw a repository security advisory that you've published. - 8操作方法指南
Removing a collaborator from a repository security advisory
When you remove a collaborator from a repository security advisory, they lose read and write access to the security advisory's discussion and metadata.
Code security learning paths
All Code security guides
找到 61 个指南
添加安全政策到仓库
操作方法指南您可以为仓库添加安全政策,说明如何报告项目中的安全漏洞。
- Security policies
- Vulnerabilities
- Repositories
- Health
GitHub 安全功能
概览GitHub 安全功能概述。
- Repositories
- Dependencies
- Vulnerabilities
- Advanced Security
Securing your organization
操作方法指南You can use a number of GitHub features to help keep your organization secure.
- Organizations
- Dependencies
- Vulnerabilities
- Advanced Security
Securing your repository
操作方法指南You can use a number of GitHub features to help keep your repository secure.
- Repositories
- Dependencies
- Vulnerabilities
- Advanced Security
About secret scanning
概览GitHub scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally.
- Secret scanning
- Advanced Security
Configuring secret scanning for your repositories
操作方法指南You can configure how GitHub scans your repositories for secrets.
- Secret scanning
- Advanced Security
- Repositories
Defining custom patterns for secret scanning
操作方法指南You can define custom patterns for 秘密扫描 in organizations and private repositories.
- Advanced Security
- Secret scanning
管理来自密码扫描的警报
操作方法指南您可以查看并关闭已检入仓库的密码的警报。
- Secret scanning
- Advanced Security
- Alerts
- Repositories
Secret scanning partners
参考Lists of supported secrets and the partners that GitHub works with to prevent fraudulent use of secrets that were committed accidentally.
- Secret scanning
- Advanced Security