This version of GitHub Enterprise Server was discontinued on 2024-01-04. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.
Code security documentation
Build security into your GitHub workflow with features to keep secrets and vulnerabilities out of your codebase, and to maintain your software supply chain.
Start here
Popular
- Configuring Dependabot security updates- You can use Dependabot security updates or manual pull requests to easily update vulnerable dependencies. 
- Configuring Dependabot version updates- You can configure your repository so that Dependabot automatically updates the packages you use. 
- Configuring code scanning- You can configure code scanning for a repository to find security vulnerabilities in your code. 
- Securing your end-to-end supply chain- Introducing best practice guides on complete end-to-end supply chain security including personal accounts, code, and build processes.