GitHub Advanced Security Pull Request Security Team required review GitHub App

A GitHub Action that sends email notifications to security manager team for any new or resolved secret scanning alerts based on a set frequency

GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations

Utility to generate tokens to interact with the GitHub API via GitHub App integration

Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations

Use code search to populate an MRVA repo list in VSCode

GitHub Action for filtering Code Scanning alerts by path and id

Examples of Custom Secret Scanning Patterns

GH CLI CodeQL Scan Extension

Play with GHAS API to provide posture data over time

A script which will return the total number of unique de-deuped active committers across multiple GHES instances

This repository contains pipeline files for various CI/CD systems, illustrating how to integrate the CodeQL Runner for Automated Code Scanning

Grab some/all of CodeQL CLI binary, QL library, VSCode starter workspace, VSCode and VSCode QL extension

A monorepo filtering workaround for GitHub Advanced Security Code Scanning using renaming of the scanning tool in an Actions workflow

Sample GitHub App which monitors and enforces rules for code scanning, Dependabot, and secret scanning alerts