community community Code Security · Discussions · GitHub

Top: All

Code Security Discussions

Conversations related to Code Security. Build security into your GitHub workflow with features to keep secrets and vulnerabilities out of your codebase, and to maintain your software supply chain.

Pinned to Code Security

You must be logged in to vote

Copilot (previously code scanning) Autofix: Preview Feedback and Resources
👂 Feedback Wanted GitHub is asking for your feedback Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure Changelog A discussion post associated with a Changelog post
turbo asked Mar 6, 2024 in Code Security · Unanswered

71
You must be logged in to vote

Secret scanning: on-demand revocation for GitHub personal access tokens - feedback
👂 Feedback Wanted GitHub is asking for your feedback 📣 ANNOUNCEMENT Announcements from the GitHub Community team Code Security Build security into your GitHub workflow with features to keep your codebase secure Question
erinhav asked Sep 27, 2024 in Code Security · Unanswered

0
You must be logged in to vote

Secret scanning: public leak locations and alert de-duplication across an organization or enterprise - feedback
👂 Feedback Wanted GitHub is asking for your feedback 📣 ANNOUNCEMENT Announcements from the GitHub Community team Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback
erinhav asked Oct 15, 2024 in Code Security · Unanswered

5
You must be logged in to vote

[Public Preview] Security Campaigns w/ Copilot Autofix 🧑‍💻
👂 Feedback Wanted GitHub is asking for your feedback 📣 ANNOUNCEMENT Announcements from the GitHub Community team Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure Copilot Code accurately and faster with your AI powered pair-programmer. Changelog A discussion post associated with a Changelog post Universe 2024 githubuniverse.com Oct. 29-30
ghostinhershell asked Oct 23, 2024 in Code Security · Unanswered

3
You must be logged in to vote

Behind the Firewall: Checking into the Code Security Community 🤖🪐
Code Security Build security into your GitHub workflow with features to keep your codebase secure Show & Tell Community Check-In Updates & News from GitHub Community Managers
ghostinhershell asked Oct 24, 2024 in Code Security · Unanswered

1

Discussions

You must be logged in to vote

Dependency graph does not support pnpm v9
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
vluoto asked Aug 2, 2024 in Code Security · Unanswered

9
You must be logged in to vote

Erroneous GitHub warning messages about Multi-Factor Authentication
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
cosmic-linden asked Jun 20, 2024 in Code Security · Answered

41
You must be logged in to vote

Dependency graph does not find NuGet package versions when using Central Package Management
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
martincostello asked Mar 29, 2023 in Code Security · Unanswered

0
You must be logged in to vote

Dependabot alerts should support conventional major version tags with GitHub Actions
Bug Something isn't working correctly Dependabot Code Security Build security into your GitHub workflow with features to keep your codebase secure
bigdaz asked May 5, 2023 in Code Security · Answered

1
You must be logged in to vote

Dependabot grouped security PR not working as configured
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
kaji-bikash asked Jun 24, 2024 in Code Security · Unanswered

0
You must be logged in to vote

Push protection false positive, push declined (and it's not even enabled)
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
m417z asked Mar 29, 2024 in Code Security · Answered

2
You must be logged in to vote

[dependency graph][poetry] Support for Poetry's +1.2 new grouped dependencies syntax.
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
magame95 asked Feb 15, 2023 in Code Security · Unanswered

0
You must be logged in to vote

Additional push in a Dependabot PR does not trigger actions
Bug Something isn't working correctly Dependabot Code Security Build security into your GitHub workflow with features to keep your codebase secure
nak3 asked Aug 1, 2023 in Code Security · Answered

2
You must be logged in to vote

About security issues when submitting code
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
cutelolly asked Sep 14, 2023 in Code Security · Unanswered

0
You must be logged in to vote

"Dependabot updates are paused" because "you haven't used Dependabot in a while"
Bug Something isn't working correctly Dependabot Code Security Build security into your GitHub workflow with features to keep your codebase secure
alexpdp7 asked Apr 1, 2023 in Code Security · Unanswered

7
You must be logged in to vote

Dependabot cannot run CodeQL with error: 1 configuration not found
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
ianhirschfeld asked May 1, 2024 in Code Security · Unanswered

5
You must be logged in to vote

In my private repo, i see commits by another USER!!
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
adamd1985 asked Oct 17, 2023 in Code Security · Answered

15
You must be logged in to vote

Github should not elide simple secret values like "1", "0" or "yes", "no" etc. (and maybe it shouldn't do it at all for short strings!)
Bug Something isn't working correctly Actions Build, test, and automate your deployment pipeline with world-class CI/CD Code Security Build security into your GitHub workflow with features to keep your codebase secure
demerphq asked Feb 22, 2023 in Code Security · Unanswered

0
You must be logged in to vote

dependabot on monorepo for organization
Bug Something isn't working correctly Dependabot Code Security Build security into your GitHub workflow with features to keep your codebase secure
dc185334 asked May 21, 2023 in Code Security · Unanswered

0
You must be logged in to vote

Can't enable dependabot for version updates
Bug Something isn't working correctly Dependabot Code Security Build security into your GitHub workflow with features to keep your codebase secure
max06 asked Jul 8, 2023 in Code Security · Answered

6
You must be logged in to vote

Dependency Graph and Security Alerts for npm lock file version 3
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
avivek asked Mar 11, 2023 in Code Security · Answered

1
You must be logged in to vote

Dependabot go.mod is not tidy
Bug Something isn't working correctly Dependabot Code Security Build security into your GitHub workflow with features to keep your codebase secure
kaovilai asked May 4, 2023 in Code Security · Answered

1
You must be logged in to vote

Students logging into personal github accounts from Azure Labs VMs getting "secondary rate limit exceeded" on login.
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
JeffryGonzalez asked Apr 22, 2024 in Code Security · Unanswered

7
You must be logged in to vote

The property '#/registries' of type string did not match the following type: object
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
dammitjim asked Mar 15, 2024 in Code Security · Answered

1
You must be logged in to vote

Dependabot alerts aren't updated when the Github Security Advisory changes
Bug Something isn't working correctly Dependabot Code Security Build security into your GitHub workflow with features to keep your codebase secure
Haegin asked Jan 24, 2023 in Code Security · Unanswered

0
You must be logged in to vote

Prevent direct pushes, but allow merging?
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
rebelchris asked Feb 20, 2023 in Code Security · Unanswered

1
You must be logged in to vote

Dependabot says it created some PRs but it doesn't
Bug Something isn't working correctly Dependabot Code Security Build security into your GitHub workflow with features to keep your codebase secure
llucax asked Sep 3, 2023 in Code Security · Unanswered

2
You must be logged in to vote

Securing accounts
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
tianhuil asked May 26, 2023 in Code Security · Unanswered

0
You must be logged in to vote

Security topic
Bug Something isn't working correctly Code Security Build security into your GitHub workflow with features to keep your codebase secure
unional asked Apr 22, 2023 in Code Security · Answered

1
You must be logged in to vote

Why new issues doesn't appear on Pull Request after SARIF upload
Bug Something isn't working correctly Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure
serhiykrupka asked Aug 8, 2023 in Code Security · Unanswered

1