jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-23 03:44:00 -05:00
Code Issues Projects Releases Wiki Activity
Files
fc67e65f30a33d34a9878d2d11cebf2baef6170b
docs/content/code-security/index.md
mc 6d491ef9f7 Rework the improve manage encrypted secrets dependabot article (#34096) 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2023-02-07 20:47:22 +00:00

64 lines
4.0 KiB
Markdown
Raw Blame History

---
title: Code security
shortTitle: Code security
intro: 'Build security into your {% data variables.product.prodname_dotcom %} workflow with features to keep secrets and vulnerabilities out of your codebase{% ifversion not ghae %}, and to maintain your software supply chain{% endif %}.'
introLinks:
overview: /code-security/getting-started/github-security-features
featuredLinks:
startHere:
- /code-security/getting-started/securing-your-repository
- /code-security/getting-started/securing-your-organization
- '{% ifversion fpt or ghec %}/code-security/security-advisories/repository-security-advisories/creating-a-repository-security-advisory{% endif %}'
- '{% ifversion ghes or ghae %}/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository{% endif%}'
guideCards:
- '{% ifversion fpt or ghec or ghes %}/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates{% endif %}'
- '{% ifversion fpt or ghec or ghes %}/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates{% endif %}'
- '{% ifversion fpt or ghec or ghes %}/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository{% endif %}'
- '{% ifversion ghes < 3.3 %}/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository{% endif %}'
- '{% ifversion ghes < 3.3 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies{% endif %}'
- '{% ifversion ghes < 3.3 or ghae %}/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories{% endif %}'
- '{% ifversion ghae %}/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github{% endif %}'
- '{% ifversion ghae %}/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system{% endif %}'
- /code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview
popular:
- '{% ifversion ghes %}/admin/release-notes{% endif %}'
- /code-security/dependabot/dependabot-alerts/about-dependabot-alerts
- /code-security/security-advisories/guidance-on-reporting-and-writing/about-coordinated-disclosure-of-security-vulnerabilities
- /code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
- /code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
- /code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot
- '{% ifversion ghae %}/code-security/secret-scanning/about-secret-scanning{% endif %}'
- /code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies
- '{% ifversion ghes < 3.3 or ghae %}/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages{% endif %}'
- '{% ifversion ghes < 3.3 or ghae %}/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow{% endif %}'
- '{% ifversion ghes < 3.3 or ghae %}/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/running-codeql-code-scanning-in-a-container{% endif %}'
changelog:
label: security-and-compliance
versions:
fpt: '*'
ghec: '*'
examples_source: data/product-examples/code-security/code-examples.yml
layout: product-landing
versions:
fpt: '*'
ghes: '*'
ghae: '*'
ghec: '*'
topics:
- Repositories
- Dependencies
- Vulnerabilities
children:
- /getting-started
- /adopting-github-advanced-security-at-scale
- /secret-scanning
- /code-scanning
- /codeql-cli
- /security-advisories
- /supply-chain-security
- /dependabot
- /security-overview
- /guides
---
Reference in New Issue View Git Blame Copy Permalink