GitHub Community

Accessibility Developer Guide: Getting Started with GitHub Copilot Custom Agents for Accessibility
Accessibility mlama007
Understanding Data Replication in High Availability Configurations for GitHub Enterprise Server
Discover: GitHub Best Practices regmontanhani
GitHub Community Discussions: Category Restructure Complete 🎉
Announcements samus-aran
[GHAS CodeQL Series] - Part 2: Implementing Alert-Mode Repository Rulesets
Discover: GitHub Best Practices vishaljsoni

Code Security Discussions

Conversations related to Code Security. Build security into your GitHub workflow with features to keep secrets and vulnerabilities out of your codebase, and to maintain your software supply chain.

Pinned to Code Security

You must be logged in to vote

New fine-grained permission for artifact metadata is now generally available 🚀
🚀 Shipped A feature has been released 📣 ANNOUNCEMENT Announcements from the GitHub Community team Code Security Build security into your GitHub workflow with features to keep your codebase secure
ghostinhershell asked Jan 13, 2026 in Code Security · Unanswered

2
You must be logged in to vote

🔐 Scan, Fix, Repeat: Last Month in Code Security
Code Security Build security into your GitHub workflow with features to keep your codebase secure Show & Tell Discussions where community members share their projects, experiments, or accomplishments
ghostinhershell asked Feb 10, 2026 in Code Security · Unanswered

1
You must be logged in to vote

[GHAS 101] Stop Secrets From Reaching Your Codebase: Secret Scanning & Push Protection
Secret Scanning Detect and prevent the exposure of sensitive information in your code Code Security Build security into your GitHub workflow with features to keep your codebase secure GHAS Discussions related to GitHub Advanced Security Best Practices Best practices, tips & tricks, and articles from GitHub and its users Show & Tell Discussions where community members share their projects, experiments, or accomplishments Secret Management Secret mgmt: store/use/rotate secrets safely (scope, OIDC, vaults).
ghostinhershell asked Mar 3, 2026 in Code Security · Unanswered

0

Discussions

You must be logged in to vote

Fixing of Velnarability under SAST
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
Rmnthshya asked May 2, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

Dependabot raises new alerts without any changes
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
henriquevcosta asked May 9, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

Dependabot Gem Updates
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
nroose asked May 15, 2023 in Code Security · Closed · Unanswered

3
You must be logged in to vote

Difference between pull_request and pull_request_target GHA triggers
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
pantelis-karamolegkos asked Apr 5, 2024 in Code Security · Closed · Unanswered

1
You must be logged in to vote

Add custom rules to dependabot
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
biohazd asked Apr 5, 2024 in Code Security · Closed · Unanswered

1
You must be logged in to vote

Can I limit dependabot to only open PRs when items in requirements txt have related CVE?
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage
YesThatAllen asked Jun 4, 2024 in Code Security · Answered

1
You must be logged in to vote

SOC 2 or ISO 27001 certificate
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
ynemets asked Nov 25, 2022 in Code Security · Closed · Unanswered

4
You must be logged in to vote

Adding custom secret pattern to public repos in Free plan
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
thomasm-ttd asked May 22, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

Someone has used my website code and left my about page text about me as well as stats counter
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
charliebunt asked May 28, 2023 in Code Security · Closed · Unanswered

3
You must be logged in to vote

Dependabot issues, overriding sub sub dependency versions
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
krondorl asked Jun 3, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

SSH Key add
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
ARTHURGOLDWAY25 asked Jul 3, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

Missing Code Folder
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
amitrattu asked Apr 3, 2024 in Code Security · Closed · Unanswered

4
You must be logged in to vote

Automation to check and block the build if there are high and critical issues
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
karthikboncheruuvu asked Jun 20, 2023 in Code Security · Closed · Unanswered

6
You must be logged in to vote

Securing and filtering OpenID connect to AWS (and perhaps other cloud providers)
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
snemir2 asked Jul 18, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

How to deal with code-signing in completely on-cloud machines set up
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
Mahesh-Binayak asked Jul 20, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

Git Advanced Security - Path Analysis?
Code Security Build security into your GitHub workflow with features to keep your codebase secure GHAS Discussions related to GitHub Advanced Security Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
infosechris asked Jul 20, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

What is the maximum time in Dependabot update and how to extend it?
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
otter13 asked Jun 27, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

Manually trigger a dependabot scan on my repo
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
pantelis-karamolegkos asked Jul 27, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

Main reposities
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
maailmanihanin asked Jul 29, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

cant connect to github due to invalid rsa information returned
Actions Build, test, and automate your deployment pipeline with world-class CI/CD Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
mehaknasir asked Aug 2, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

Can the dependencies graph be self-hosted or open source?
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
williamfzc asked Aug 6, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

Someone made a repository to scrape my site then a repository to distribute the data.
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
AngryNinjaGuy asked Aug 6, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

jenkins+sonarqube vs github actions(secure)
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
ppalepu asked Jul 25, 2023 in Code Security · Closed · Unanswered

3
You must be logged in to vote

Modifying invisible API method codes
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
bilolkobilov asked Jul 24, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

different access permissions for two repositories
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
adiku asked Aug 21, 2023 in Code Security · Closed · Unanswered

2