To display results from a third-party static analysis tool in your repository on GitHub, you'll need your results stored in a SARIF file that supports a specific subset of the SARIF 2.1.0 JSON schema for code scanning. If you use the default CodeQL static analysis engine, then your results will display in your repository on GitHub automatically. | GitHub Docs
Use the REST API to retrieve and update code scanning alerts from a repository.
Learn how GitHub uses AI to suggest potential fixes for code scanning alerts and find out how best to mitigate limitations in the AI suggestions.
From the security view, you can view, fix, or dismiss alerts for potential vulnerabilities or errors in your project's code.
When analyzing your code with code scanning, you may need to troubleshoot unexpected issues.
From the security view, you can explore and evaluate alerts for potential vulnerabilities or errors in your project's code.
You can customize how your advanced setup scans the code in your project for vulnerabilities and errors.
You can protect important branches by setting branch protection rules, which define whether collaborators can delete or force push to the branch and set requirements for any pushes to the branch, such as passing status checks or a linear commit history.