Security and code quality documentation

Build security and code quality into your GitHub workflow to secure your software supply chain, prevent data leaks, and automatically find and fix vulnerabilities and code health issues in your codebase.

Find out how to run a free secret risk assessment

Start here

GitHub security features
An overview of GitHub's security features.
Quickstart for securing your repository
Manage access to your code. Find and fix vulnerable code and dependencies automatically.
Dependabot quickstart guide
Find and fix vulnerable dependencies you rely on with Dependabot.
Configuring default setup for code scanning
Quickly set up code scanning to find and fix vulnerable code automatically.

What's new

View all

Transitive dependencies are now available for MavenMarch 26

Security and code quality documentation

Start here

GitHub security features

Quickstart for securing your repository

Dependabot quickstart guide

Configuring default setup for code scanning

Popular

About secret security with GitHub

About coordinated disclosure of security vulnerabilities

Best practices for preventing data leaks in your organization

Best practices for fixing security alerts at scale

What's new

Guides

Planning a trial of GitHub Advanced Security

How-tos for detecting secret leaks

Configuring default setup for code scanning

Configuring Dependabot security updates

All Security and code quality docs

Getting started with secure coding

Concepts for security and code quality

How-tos for security and code quality

Reference for security and code quality

Tutorials for security and code quality

Responsible use of GitHub's security and code quality features