Managing code scanning alerts

Learn how to triage, track, and resolve code scanning alerts.

Who can use this feature?

Code scanning is available for the following repository types:

  • Public repositories on GitHub.com
  • Organization-owned repositories on GitHub Team, GitHub Enterprise Cloud, or GitHub Enterprise Server, with GitHub Advanced Security enabled.

About code scanning alerts

Learn about the different types of code scanning alerts and the information that helps you understand the problem each alert highlights.

Assessing code scanning alerts for your repository

From the security view, you can explore and evaluate alerts for potential vulnerabilities or errors in your project's code.

Resolving code scanning alerts

From the security view, you can view, fix, or dismiss alerts for potential vulnerabilities or errors in your project's code.

Triaging code scanning alerts in pull requests

When code scanning identifies a problem in a pull request, you can review the highlighted code and resolve the alert.