Concepts for code scanning

You can use code scanning to find security vulnerabilities and errors in the code for your project on GitHub.

Learn about the different types of code scanning alerts and the information that helps you understand the problem each alert highlights.

Learn how to assess how code scanning is working for you, and how you can customize your setup to best meet your needs.

You can perform code scanning externally and then display the results in GitHub, or configure webhooks that listen to code scanning activity in your repository.

Understand the core concepts behind CodeQL and how it helps you find vulnerabilities and errors in your code.