Skip to main content
GitHub Docs
All products
Code security
Getting started
GitHub security features
Secure your repository
Secure your organization
Add a security policy
Secret scanning
About secret scanning
Secret scanning partners
Code scanning
Scan code automatically
About code scanning
Triage alerts in pull requests
Set up code scanning
Manage alerts
Track alerts in issues
Configure code scanning
Code scanning with CodeQL
Hardware resources for CodeQL
Configure compiled languages
Troubleshoot CodeQL workflow
Code scanning in a container
View code scanning logs
Integrate with code scanning
About integration
Upload a SARIF file
SARIF support
Use CodeQL in CI system
Code scanning in your CI
Install CodeQL CLI
Configure CodeQL CLI
Run CodeQL runner
Configure CodeQL runner
Troubleshoot CodeQL runner
Migrating from the CodeQL runner
Security advisories
Coordinated disclosure
Security advisories
Permission levels
Create advisories
Add collaborator to advisory
Remove collaborators
Temporary private forks
Publish advisories
Edit advisories
Withdraw advisories
Supply chain security
Understand your supply chain
Dependency graph
Explore dependencies
Dependency review
Auto-update dependencies
Dependabot version updates
Dependabot.com upgrades
Enable and disable updates
List configured dependencies
Manage Dependabot PRs
Use Dependabot with Actions
Manage encrypted secrets
Customize updates
Configuration options
Auto-update actions
Fix vulnerable dependencies
Vulnerable dependencies
Browse Advisory Database
Dependabot alerts
Configuring notifications
Dependabot security updates
Configure security updates
View vulnerable dependencies
Troubleshoot detection
Troubleshoot errors
Security overview
About security overview
View the security overview
Filtering alerts
Guides for code security
Code security
/
Security advisories
Free, Pro, & Team
Free, Pro, & Team
Enterprise Cloud
English
English
简体ä¸æ–‡
(
Simplified Chinese
)
日本語
(
Japanese
)
Español
(
Spanish
)
Português do Brasil
(
Portuguese
)
Search topics, products...
Â
GitHub Docs
Code security
/
Security advisories
Code security
Get started
Account and profile
Authentication
Repositories
GitHub
Enterprise administrators
Billing and payments
Organizations
Code security
Pull requests
GitHub Issues
GitHub Actions
GitHub Codespaces
GitHub Packages
Search on GitHub
Developers
REST API
GraphQL API
GitHub CLI
GitHub Discussions
GitHub Sponsors
Building communities
GitHub Pages
Education
GitHub Desktop
GitHub Support
Atom
Electron
CodeQL
npm
Free, Pro, & Team
Free, Pro, & Team
Enterprise Cloud
English
English
简体ä¸æ–‡
(
Simplified Chinese
)
日本語
(
Japanese
)
Español
(
Spanish
)
Português do Brasil
(
Portuguese
)
Search topics, products...
Â
Managing security advisories for vulnerabilities in your project
Discuss, fix, and disclose security vulnerabilities in your repositories using security advisories.
About coordinated disclosure of security vulnerabilities
About GitHub Security Advisories
Permission levels for security advisories
Creating a security advisory
Adding a collaborator to a security advisory
Removing a collaborator from a security advisory
Collaborating in a temporary private fork to resolve a security vulnerability
Publishing a security advisory
Editing a security advisory
Withdrawing a security advisory