# Code scanning configurations
- title: CodeQL code scanning at Microsoft
  description: Example code scanning workflow for the CodeQL action from the Microsoft Open Source repository.
  href: /microsoft/opensource.microsoft.com/blob/main/.github/workflows/codeql-analysis.yml
  languages:
    - javascript
  tags:
    - CodeQL
    - Code scanning
    - GitHub Actions

- title: Adversarial Robustness Toolbox (ART) CodeQL code scanning
  description: Example code scanning workflow for the CodeQL action from the Trusted AI repository.
  href: /Trusted-AI/adversarial-robustness-toolbox/blob/main/.github/workflows/codeql-analysis.yml
  languages:
    - python
  tags:
    - CodeQL
    - Code scanning
    - GitHub Actions

# Security policies
- title: Microsoft security policy
  description: Example security policy
  href: /microsoft/microsoft.github.io/blob/master/SECURITY.MD
  tags:
    - Security policy

- title: Electron security policy
  description: Example security policy
  href: /electron/electron/blob/master/SECURITY.md
  tags:
    - Security policy

# Example of security advisory in a major product
- title: Security advisory for Rails
  description: Security advisory published by Rails for CVE-2020-15169.
  href: /rails/rails/security/advisories/GHSA-cfjv-5498-mph5
  tags:
    - Security advisory

# Sample scripts for enabling Dependabot alerts and security updates across a whole organization
- title: Enable Dependabot alerts and security updates automatically
  description: Sample scripts for enabling Dependabot alerts and security updates across an entire organization.
  href: /github/enable-security-alerts-sample
  tags:
    - Dependabot
    - Alerts
    - Security updates
    - Organization
    - Scripts
  versions:
    fpt: '*'
    ghec: '*'

# Dependabot configuration only relevant to GitHub.com
# Convert "languages" to "package-ecosystems" for Dependabot configurations
- title: Super linter configuration
  description: Example Dependabot version updates configuration from the Super linter repository.
  href: /github/super-linter/blob/master/.github/dependabot.yml
  languages:
    - github-actions
    - npm
    - bundler
    - docker
    - pip
  tags:
    - Dependabot
    - Version updates
    - Configuration
  versions:
    fpt: '*'
    ghec: '*'

- title: Dependabot version update PR
  description: Example pull request generated by the Dependabot version updates configuration in the Super linter repository.
  href: /github/super-linter/pull/1398
  languages:
  tags:
    - Dependabot
    - Version updates
    - Pull requests
  versions:
    fpt: '*'
    ghec: '*'