docs/content/code-security/code-scanning/integrating-with-code-scanning/about-integration-with-code-scanning.md
Sam Browning 8f1ec27a38 Update "set up" to "configure" and update code scanning reusable (#33934)
Co-authored-by: Sarah Schneider <sarahs@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2023-01-17 20:16:37 +00:00

title: About integration with code scanning
shortTitle: About integration
intro: You can perform {% data variables.product.prodname_code_scanning %} externally and then display the results in {% data variables.product.prodname_dotcom %}, or configure webhooks that listen to {% data variables.product.prodname_code_scanning %} activity in your repository.
product: {% data reusables.gated-features.code-scanning %}
redirect_from:
  - /github/finding-security-vulnerabilities-and-errors-in-your-code/about-integration-with-code-scanning
  - /code-security/secure-coding/about-integration-with-code-scanning
  - /code-security/secure-coding/integrating-with-code-scanning/about-integration-with-code-scanning
versions:
  fpt: *
  ghes: *
  ghae: *
  ghec: *
type: overview
topics:
  - Advanced Security
  - Code scanning
  - Webhooks
  - Integration

{% data reusables.code-scanning.beta %} {% data reusables.code-scanning.enterprise-enable-code-scanning %}

As an alternative to running {% data variables.product.prodname_code_scanning %} within {% data variables.product.prodname_dotcom %}, you can perform analysis elsewhere and then upload the results. Alerts for {% data variables.product.prodname_code_scanning %} that you run externally are displayed in the same way as those for {% data variables.product.prodname_code_scanning %} that you run within {% data variables.product.prodname_dotcom %}. For more information, see "Managing {% data variables.product.prodname_code_scanning %} alerts for your repository."

If you use a third-party static analysis tool that can produce results as Static Analysis Results Interchange Format (SARIF) 2.1.0 data, you can upload this to {% data variables.product.prodname_dotcom %}. For more information, see "Uploading a SARIF file to GitHub."

{% ifversion fpt or ghes > 3.4 or ghae > 3.4 or ghec %} {% data reusables.code-scanning.about-analysis-origins-link %} {% endif %}

Integrations with webhooks

You can use {% data variables.product.prodname_code_scanning %} webhooks to build or configure integrations, such as {% data variables.product.prodname_github_apps %} or {% data variables.product.prodname_oauth_apps %}, that subscribe to {% data variables.product.prodname_code_scanning %} events in your repository. For example, you could build an integration that creates an issue on {% data variables.product.product_name %} or sends you a Slack notification when a new {% data variables.product.prodname_code_scanning %} alert is added in your repository. For more information, see "Creating webhooks" and "Webhook events and payloads."

Further reading