You can use CodeQL to identify vulnerabilities and errors in your code. The results are shown as code scanning alerts in GitHub.| GitHub Docs
You can customize how your advanced setup scans the code in your project for vulnerabilities and errors.| GitHub Docs