此版本的 GitHub Enterprise 将停止服务 2023-01-18. 即使针对重大安全问题，也不会发布补丁。为了获得更好的性能、更高的安全性和新功能，请升级到最新版本的 GitHub Enterprise。如需升级帮助，请联系 GitHub Enterprise 支持。

Code security guides

了解 GitHub Enterprise Server 可以帮助您提高代码安全性的不同方式。

Run code scanning with GitHub Actions
Check your default branch and every pull request to keep vulnerabilities and errors out of your repository.
启动学习路径
1
概述
关于代码扫描
您可以使用 code scanning 在 GitHub 上查找项目中的安全漏洞和代码错误。
2
操作指南
Setting up code scanning for a repository
You can set up code scanning by adding a workflow to your repository.
3
操作指南
Configuring code scanning
You can configure how GitHub scans the code in your project for vulnerabilities and errors.
4
操作指南
Configuring the CodeQL workflow for compiled languages
You can configure how GitHub uses the CodeQL analysis workflow to scan code written in compiled languages for vulnerabilities and errors.
5
操作指南
在容器中运行 CodeQL 代码扫描
通过确保所有进程都在同一容器中运行，您可以在容器中运行 code scanning。
6
操作指南
Troubleshooting the CodeQL workflow
If you're having problems with code scanning, you can troubleshoot by using these tips for resolving issues.

Code security learning paths

学习路径是一系列帮助你掌握特定主题的指南。

Fix and disclose a security vulnerability

Using repository security advisories to privately fix a reported vulnerability and get a CVE.

启动学习路径

Get notifications for insecure dependencies

Set up Dependabot to alert you to new vulnerabilities in your dependencies.

启动学习路径

Get pull requests to update your vulnerable dependencies

Set up Dependabot to create pull requests when new vulnerabilities are reported.

启动学习路径

Keep your dependencies up-to-date

Use Dependabot to check for new releases and create pull requests to update your dependencies.

启动学习路径

Explore and manage security alerts

Learn where to find and resolve security alerts.

启动学习路径

Scan for secrets

Set up secret scanning to guard against accidental check-ins of tokens, passwords, and other secrets to your repository.

启动学习路径

Run CodeQL code scanning in your CI

Set up CodeQL within your existing CI and upload results to GitHub code scanning.

启动学习路径

Integrate with code scanning

Upload code analysis results from third-party systems to GitHub using SARIF.

启动学习路径

End-to-end supply chain

How to think about securing your user accounts, your code, and your build process.

启动学习路径

All Code security guides

使用这些控件筛选指南列表

找到了 54 个指南

Run code scanning with GitHub Actions

关于代码扫描

Setting up code scanning for a repository

Configuring code scanning

Configuring the CodeQL workflow for compiled languages

在容器中运行 CodeQL 代码扫描

Troubleshooting the CodeQL workflow

About the GitHub Advisory database

关于全局安全公告

关于 Dependabot 警报

Managing security and analysis settings for your repository

Viewing and updating Dependabot alerts

Configuring notifications for Dependabot alerts

About Dependabot security updates

Configuring Dependabot security updates

Configuring notifications for Dependabot alerts

Managing security and analysis settings for your repository

About Dependabot version updates

Configuring Dependabot version updates

Customizing dependency updates

Configuration options for the dependabot.yml file

About the security overview

Viewing the security overview

Managing alerts from secret scanning

Managing code scanning alerts for your repository

About secret scanning

Configuring secret scanning for your repositories

Defining custom patterns for secret scanning

Managing alerts from secret scanning

About CodeQL code scanning in your CI system

Installing CodeQL CLI in your CI system

Configuring CodeQL CLI in your CI system

从 CodeQL 运行器迁移到 CodeQL CLI

About integration with code scanning

将 SARIF 文件上传到 GitHub

对代码扫描的 SARIF 支持

代码扫描

保护端到端供应链

Best practices for securing accounts

Best practices for securing code in your supply chain

保护生成系统的最佳做法

Adding a security policy to your repository

GitHub security features

Securing your organization

Securing your repository

About secret scanning

Configuring secret scanning for your repositories

Defining custom patterns for secret scanning

Managing alerts from secret scanning

机密扫描模式