Skip to main content
GitHub Docs
Version:
Enterprise Cloud
Search or ask Copilot
Search or ask
Copilot
Select language: current language is English
Search or ask Copilot
Search or ask
Copilot
Open menu
Open Sidebar
Security and code quality
/
CodeQL CLI
/
CodeQL CLI manual
/
generate log-summary
Home
Security and code quality
Getting started
GitHub security features
Dependabot quickstart
Secure repository quickstart
Add a security policy
Audit security alerts
Prevent data leaks
GitHub secret types
Trial GitHub Advanced Security
Plan GHAS trial
Trial Advanced Security
Enable security features in trial
Trial Secret Protection
Trial Code Security
GitHub Code Quality
Get started
Quickstart
Concepts
About Code Quality
How-to guides
Enable Code Quality
Interpret results
Set PR thresholds
Unblock your PR
Allow in enterprise
Reference
Metrics and ratings
CodeQL detection
Tutorials
Fix findings in PRs
Improve your codebase
Improve recent merges
Responsible use
Code quality
Adopt GHAS at scale
Introduction
1. Align on strategy
2. Preparation
3. Pilot programs
4. Create internal documentation
5. Rollout code scanning
6. Rollout secret scanning
Secure your organization
Introduction
About organization security
Choose security configuration
Enable security features
Apply recommended configuration
Create custom configuration
Apply custom configuration
Configure global settings
Give access to private registries
Manage organization security
Interpret security data
Filter repositories
Edit custom configuration
Manage paid GHAS use
Detach security configuration
Find attachment failures
Delete custom configuration
Exposure to leaked secrets
Secret risk assessment
Assess your secret risk
View risk report
Export risk report CSV
Risk report CSV contents
Interpret results
Secret protection
Push protection cost savings
Secret protection pricing
Exposure to vulnerabilities
Vulnerability exposure
Prioritize Dependabot alerts using metrics
Alerts in production code
Fix alerts at scale
About security campaigns
Best practices
Create security campaigns
Track security campaigns
Troubleshoot configurations
Active advanced setup
Unexpected default setup
Not enough GHAS licenses
Secret scanning
Introduction
Secret scanning
Push protection
Secret scanning for partners
Supported patterns
Enable features
Enable secret scanning
Enable push protection
Enable validity checks
Enable metadata checks
Manage alerts
About alerts
View alerts
Evaluate alerts
Resolve alerts
Monitor alerts
Work with secret scanning
Remediate a leaked secret
Push protection for users
Push protection on the command line
Push protection from the REST API
Push protection in the GitHub UI
Push protection and the GitHub MCP server
Advanced features
Exclude folders and files
Non-provider patterns
Enable for non-provider patterns
Custom patterns
Define custom patterns
Manage custom patterns
Custom pattern metrics
Delegated bypass
About delegated bypass
Enable delegated bypass
Manage bypass requests
Delegated alert dismissal
Copilot secret scanning
Generic secret detection
Enable generic secret detection
Generate regular expressions with AI
Regular expression generator
Troubleshoot