Code security
Build security into your GitHub workflow with features to keep secrets and vulnerabilities out of your codebase, and to maintain your software supply chain.
Code examples

Code Scanning with CodeQL at Microsoft
Example Code Scanning workflows for the CodeQL action, taken from Microsoft's open source repositories.
Tags: CodeQL, Code scanning, GitHub Actions

Adversarial Robustness Toolbox (ART) CodeQL Code Scanning
Example Code Scanning workflow for the CodeQL action, taken from the Trusted AI repository.
Tags: CodeQL, Code scanning, GitHub Actions

Microsoft security policy template
Example security policy.
Tags: Security policy

Electron's security policy
Example security policy.
Tags: Security policy

Security advisory for Rails
Security advisory for CVE-2020-15169, published by Rails.
Tags: Security advisory

Automatically enable Dependabot alerts and security updates
Sample script for enabling Dependabot alerts and security updates across an entire organization.
Tags: Dependabot alerts, Security updates, Organization, Script

Guides
Configuring Dependabot security updates
You can use Dependabot security updates or manual pull requests to easily update vulnerable dependencies.
Configuring Dependabot version updates
You can configure your repository so that Dependabot automatically updates the packages you use.
Setting up code scanning for a repository
You can set up code scanning by adding a workflow to your repository.
Securing your end-to-end supply chain
Introducing best practice guides on complete end-to-end supply chain security including personal accounts, code, and build processes.