GitHub Community

GitHub Copilot Hackathon Playbook for Enterprise Admins
Discover: GitHub Best Practices GitHub Community Admin
Accessibility Developer Guide: Getting Started with GitHub Copilot Custom Agents for Accessibility
Accessibility mlama007
Understanding Data Replication in High Availability Configurations for GitHub Enterprise Server
Discover: GitHub Best Practices regmontanhani
GitHub Community Discussions: Category Restructure Complete 🎉
Announcements samus-aran

Code Security Discussions

Conversations related to Code Security. Build security into your GitHub workflow with features to keep secrets and vulnerabilities out of your codebase, and to maintain your software supply chain.

Pinned to Code Security

You must be logged in to vote

New fine-grained permission for artifact metadata is now generally available 🚀
🚀 Shipped A feature has been released 📣 ANNOUNCEMENT Announcements from the GitHub Community team Code Security Build security into your GitHub workflow with features to keep your codebase secure
ghostinhershell asked Jan 13, 2026 in Code Security · Unanswered

2
You must be logged in to vote

🔐 Scan, Fix, Repeat: Last Month in Code Security
Code Security Build security into your GitHub workflow with features to keep your codebase secure Show & Tell Discussions where community members share their projects, experiments, or accomplishments
ghostinhershell asked Feb 10, 2026 in Code Security · Unanswered

1
You must be logged in to vote

[GHAS 101] Stop Secrets From Reaching Your Codebase: Secret Scanning & Push Protection
Secret Scanning Detect and prevent the exposure of sensitive information in your code Code Security Build security into your GitHub workflow with features to keep your codebase secure GHAS Discussions related to GitHub Advanced Security Best Practices Best practices, tips & tricks, and articles from GitHub and its users Show & Tell Discussions where community members share their projects, experiments, or accomplishments Secret Management Secret mgmt: store/use/rotate secrets safely (scope, OIDC, vaults).
ghostinhershell asked Mar 3, 2026 in Code Security · Unanswered

0

Discussions

You must be logged in to vote

Adding custom secret pattern to public repos in Free plan
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
thomasm-ttd asked May 22, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

Someone has used my website code and left my about page text about me as well as stats counter
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
charliebunt asked May 28, 2023 in Code Security · Closed · Unanswered

3
You must be logged in to vote

Dependabot issues, overriding sub sub dependency versions
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
krondorl asked Jun 3, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

SSH Key add
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
ARTHURGOLDWAY25 asked Jul 3, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

Missing Code Folder
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
amitrattu asked Apr 3, 2024 in Code Security · Closed · Unanswered

4
You must be logged in to vote

Automation to check and block the build if there are high and critical issues
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
karthikboncheruuvu asked Jun 20, 2023 in Code Security · Closed · Unanswered

6
You must be logged in to vote

Securing and filtering OpenID connect to AWS (and perhaps other cloud providers)
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
snemir2 asked Jul 18, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

How to deal with code-signing in completely on-cloud machines set up
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
Mahesh-Binayak asked Jul 20, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

Git Advanced Security - Path Analysis?
Code Security Build security into your GitHub workflow with features to keep your codebase secure GHAS Discussions related to GitHub Advanced Security Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
infosechris asked Jul 20, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

What is the maximum time in Dependabot update and how to extend it?
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
otter13 asked Jun 27, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

Manually trigger a dependabot scan on my repo
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
pantelis-karamolegkos asked Jul 27, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

Main reposities
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
maailmanihanin asked Jul 29, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

cant connect to github due to invalid rsa information returned
Actions Build, test, and automate your deployment pipeline with world-class CI/CD Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
mehaknasir asked Aug 2, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

Can the dependencies graph be self-hosted or open source?
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
williamfzc asked Aug 6, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

Someone made a repository to scrape my site then a repository to distribute the data.
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
AngryNinjaGuy asked Aug 6, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

jenkins+sonarqube vs github actions(secure)
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
ppalepu asked Jul 25, 2023 in Code Security · Closed · Unanswered

3
You must be logged in to vote

Modifying invisible API method codes
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
bilolkobilov asked Jul 24, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

different access permissions for two repositories
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
adiku asked Aug 21, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

How to show secret-scanning alerts in a PR
Secret Scanning Detect and prevent the exposure of sensitive information in your code Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
jcook-uptycs asked Aug 23, 2023 in Code Security · Closed · Unanswered

3
You must be logged in to vote

how can i report on all the repos and their third party vulnerabilities?
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
ngamboa asked Aug 14, 2023 in Code Security · Closed · Unanswered

5
You must be logged in to vote

Issue getting access via ssh
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
ChilbiCode asked Aug 29, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

Pecause that problema with the password
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
Juan32barradas asked Sep 5, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

semver is vulnerable to Regular Expression Denial Of Service (ReDoS) CVE-2022-25883 | CWE-1333
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
SanthoshReddyTR asked Sep 7, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

cyber sicurity breaching my system data file, precious metals company, overflowing with wealth; being embezzeld, rico, rackeetering influenced corruted organization
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
ALFA1OMEGA asked Sep 10, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

wrong author on squash PR merge
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
tcaduser asked Sep 10, 2023 in Code Security · Closed · Unanswered

1