security_advisories:
  title: Fix and disclose a security vulnerability
  description: >-
    Using repository security advisories to privately fix a reported
    vulnerability and get a CVE.
  guides:
    - >-
      /code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/about-coordinated-disclosure-of-security-vulnerabilities
    - >-
      /code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/about-the-github-advisory-database
    - >-
      /code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/about-global-security-advisories
    - >-
      /code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories
    - >-
      /code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories
    - >-
      /code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability
    - >-
      /code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/managing-privately-reported-security-vulnerabilities
    - >-
      /code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository
    - >-
      /code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-an-organization
    - >-
      /code-security/security-advisories/working-with-repository-security-advisories/creating-a-repository-security-advisory
    - >-
      /code-security/security-advisories/working-with-repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory
    - >-
      /code-security/security-advisories/working-with-repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability
    - >-
      /code-security/security-advisories/working-with-repository-security-advisories/publishing-a-repository-security-advisory
    - >-
      /code-security/security-advisories/working-with-repository-security-advisories/editing-a-repository-security-advisory
    - >-
      /code-security/security-advisories/working-with-repository-security-advisories/deleting-a-repository-security-advisory
    - >-
      /code-security/security-advisories/working-with-repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory
dependabot_alerts:
  title: Get notifications for insecure dependencies
  description: >-
    Set up Dependabot to alert you to new vulnerabilities or malware in your
    dependencies.
  guides:
    - /code-security/dependabot/dependabot-alerts/about-dependabot-alerts
    - >-
      /repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository
    - >-
      /code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts
    - >-
      /code-security/dependabot/dependabot-auto-triage-rules/about-dependabot-auto-triage-rules
    - >-
      /code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts
    - >-
      /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates
    - >-
      /code-security/dependabot/troubleshooting-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies
    - >-
      /code-security/dependabot/troubleshooting-dependabot/troubleshooting-dependabot-errors
dependabot_security_updates:
  title: Get pull requests to update your vulnerable dependencies
  description: >-
    Set up Dependabot to create pull requests when new vulnerabilities are
    reported.
  guides:
    - >-
      /code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates
    - >-
      /code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates
    - >-
      /code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts
    - >-
      /repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository
    - >-
      /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates
    - >-
      /code-security/dependabot/troubleshooting-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies
dependency_version_updates:
  title: Keep your dependencies up-to-date
  description: >-
    Use Dependabot to check for new releases and create pull requests to update
    your dependencies.
  guides:
    - >-
      /code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates
    - >-
      /code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates
    - >-
      /code-security/dependabot/dependabot-version-updates/customizing-dependabot-prs
    - >-
      /code-security/dependabot/working-with-dependabot/dependabot-options-reference
    - >-
      /code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
    - >-
      /code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions
    - >-
      /code-security/dependabot/troubleshooting-dependabot/listing-dependencies-configured-for-version-updates
    - >-
      /code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot
    - >-
      /code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot
    - >-
      /code-security/dependabot/maintain-dependencies/removing-dependabot-access-to-public-registries
    - >-
      /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates
    - >-
      /code-security/dependabot/troubleshooting-dependabot/troubleshooting-dependabot-errors
secret_scanning:
  title: Scan for secrets
  description: >-
    Set up secret scanning to guard against accidental check-ins of tokens,
    passwords, and other secrets to your repository.
  guides:
    - /code-security/secret-scanning/introduction/about-secret-scanning
    - /code-security/secret-scanning/enabling-secret-scanning-features/enabling-secret-scanning-for-your-repository
    - /code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository
    - >-
      {% ifversion secret-scanning-validity-check-partner-patterns %}
      /code-security/secret-scanning/enabling-secret-scanning-features/enabling-validity-checks-for-your-repository{% endif %}
    - >-
      {% ifversion not fpt
      %}/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning{%
      endif %}
    - /code-security/secret-scanning/managing-alerts-from-secret-scanning
    - /code-security/secret-scanning/introduction/supported-secret-scanning-patterns
    - >-
      {% ifversion secret-scanning-push-protection
      %}/code-security/secret-scanning/introduction/about-push-protection{%
      endif %}
    - >-
      {% ifversion secret-scanning-push-protection-for-users
      %}/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/push-protection-for-users{%
      endif %}
    - >-
      {% ifversion secret-scanning-push-protection
      %}/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-command-line{%
      endif %}
    - >-
      {% ifversion secret-scanning-push-protection
      %}/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-in-the-github-ui{%
      endif %}
    - >-
      /code-security/secret-scanning/troubleshooting-secret-scanning-and-push-protection/troubleshooting-secret-scanning
security_alerts:
  title: Explore and manage security alerts
  description: Learn where to find and resolve security alerts.
  guides:
    - >-
      {% ifversion ghec or ghes
      %}/code-security/security-overview/about-security-overview {% endif %}
    - >-
      {% ifversion ghec or ghes
      %}/code-security/security-overview/assessing-adoption-code-security {%
      endif %}
    - >-
      {% ifversion ghec or ghes
      %}/code-security/security-overview/assessing-code-security-risk {% endif
      %}
    - >-
      {% ifversion ghec or ghes
      %}/code-security/secret-scanning/managing-alerts-from-secret-scanning {%
      endif %}
    - >-
      {% ifversion ghec or ghes
      %}/code-security/code-scanning/managing-code-scanning-alerts/assessing-code-scanning-alerts-for-your-repository{%
      endif %}
    - >-
      {% ifversion ghec or ghes
      %}/code-security/code-scanning/managing-code-scanning-alerts/resolving-code-scanning-alerts{%
      endif %}
    - >-
      {% ifversion ghec or ghes
      %}/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests{%
      endif %}
    - >-
      {% ifversion ghec or ghes
      %}/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts{%
      endif %}
    - >-
      {% ifversion ghec or ghes
      %}/code-security/getting-started/auditing-security-alerts {% endif %}
code_security_actions:
  title: Run code scanning with GitHub Actions
  description: >-
    Check your default branch and every pull request to keep vulnerabilities and
    errors out of your repository.
  guides:
    - >-
      /code-security/code-scanning/introduction-to-code-scanning/about-code-scanning
    - >-
      /code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning
    - >-
      /code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning
    - >-
      /code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
    - >-
      /code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/running-codeql-code-scanning-in-a-container
    - /code-security/code-scanning/troubleshooting-code-scanning
    - >-
      /code-security/code-scanning/managing-your-code-scanning-configuration/about-the-tool-status-page
code_security_integration:
  title: Integrate with code scanning
  description: Upload code analysis results from third-party systems to GitHub using SARIF.
  guides:
    - >-
      /code-security/code-scanning/integrating-with-code-scanning/about-integration-with-code-scanning
    - >-
      /code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github
    - >-
      /code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning
    - /rest/code-scanning
end_to_end_supply_chain:
  title: End-to-end supply chain
  description: >-
    How to think about securing your user accounts, your code, and your build
    process.
  guides:
    - >-
      /code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview
    - >-
      /code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts
    - /code-security/supply-chain-security/end-to-end-supply-chain/securing-code
    - >-
      /code-security/supply-chain-security/end-to-end-supply-chain/securing-builds