GitHub Community

GitHub Community Discussions Billing & Subscription Guide 💳
General shinybrightstar
GHAS Code Security Series - Part 1: Setting Up Organization-Wide Code Scanning
Discover vishaljsoni
🌌 GitHub Universe 2025 Community Release Recap
Announcements ebndev
🚢 Upcoming Webinar: Recapping Universe 2025 releases
Announcements queenofcorgis

Discussions

You must be logged in to vote

Auto-triage rules for Dependabot
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale. Changelog A discussion post associated with a Changelog post
erinhav asked May 2, 2023 in Code Security · Closed · Unanswered

55
You must be logged in to vote

Secret scanning: on-demand revocation for GitHub personal access tokens - feedback
📣 ANNOUNCEMENT Announcements from the GitHub Community team Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage 👂 Feedback Wanted GitHub wants to hear your feedback
erinhav asked Sep 27, 2024 in Code Security · Closed · Unanswered

7
You must be logged in to vote

🆕 Dependency Review Action (Beta) Feedback - [Update: Released]
📣 ANNOUNCEMENT Announcements from the GitHub Community team Beta A feature that is in preview per: https://github.com/orgs/community/discussions/141918 Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
courtneycl asked Apr 6, 2022 in Code Security · Closed · Answered

19
You must be logged in to vote

Feedback requested: New security configurations feature! 🎉
🚀 Shipped A feature has been released Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements Changelog A discussion post associated with a Changelog post
KateCatlin asked Mar 27, 2024 in Code Security · Closed · Unanswered

80
You must be logged in to vote

The alert you requested has been withdrawn and is no longer available.
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage
gsirris asked Feb 22, 2024 in Code Security · Closed · Unanswered

4
You must be logged in to vote

Security Alerts Getting Withdrawn Without Trace – Feature Request / Bug Report
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
SAIKARTHIKGOTURI asked Feb 19, 2025 in API and Webhooks · Closed · Unanswered

2
You must be logged in to vote

[Dependabot] Sudden change in access required for dependabot commands. Is this documented?
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
melink14 asked Feb 20, 2023 in Code Security · Closed · Unanswered

17
You must be logged in to vote

Malicious github deployments
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
dppf asked Aug 19, 2024 in Code Security · Closed · Unanswered

1
You must be logged in to vote

Locking up 2024 [Code Security Mini Check-in]
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
grandmas-favorite asked Jan 19, 2024 in Code Security · Closed · Unanswered

1
You must be logged in to vote

GitHub Action needed: GitHub Personal Access Token found in gist, any app using this secret may be affected
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage
Jemt asked Aug 5, 2024 in Code Security · Closed · Unanswered

3
You must be logged in to vote

wrong author on squash PR merge
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
tcaduser asked Sep 10, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

CodeQL Failed - Exit code was 32 and error was: CodeQL detected code written in Java/Kotlin but could not process any of it.
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
hanwenzhang123 asked Sep 23, 2023 in Code Security · Closed · Unanswered

4
You must be logged in to vote

Dependabot support for pnpm v9
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
tuler asked Apr 17, 2024 in Code Security · Closed · Unanswered

1
You must be logged in to vote

Does credited people on a draft advisory gets access to view it?
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
surli asked Nov 21, 2022 in Code Security · Closed · Unanswered

3
You must be logged in to vote

How do I find out who has access to a repository?
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
simon-friedberger asked Sep 4, 2024 in Code Security · Closed · Unanswered

10
You must be logged in to vote

Feedback on How GitHub Securely Uses GitHub
Code Security Build security into your GitHub workflow with features to keep your codebase secure Universe 2023 All things related to our global developer conference, Universe 2023 Speaker Authored by GitHub Universe speakers: Ask questions or provide feedback on the session/workshop
mrecachinas asked Nov 7, 2023 in Code Security · Closed · Unanswered

0
You must be logged in to vote

.NET transitive dependencies not showing on dependency chart
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage
vmcbaptista asked Nov 19, 2024 in Code Security · Closed · Unanswered

7
You must be logged in to vote

SOC 2 or ISO 27001 certificate
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
ynemets asked Nov 25, 2022 in Code Security · Closed · Unanswered

4
You must be logged in to vote

What is external code execution in the insecure-external-code-execution option on Dependabot?
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage
yykamei asked Jun 21, 2023 in Code Security · Closed · Answered

8
You must be logged in to vote

2FA options
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
minefox199 asked Sep 14, 2023 in Code Security · Closed · Unanswered

15
You must be logged in to vote

No notifications for dependabot failures
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
pvanderlinden asked Mar 15, 2024 in Code Security · Closed · Unanswered

1
You must be logged in to vote

disable Copilot Chat for our organization
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
aneeseisouh asked Mar 20, 2025 in Code Security · Closed · Unanswered

3
You must be logged in to vote

Secret Scanning Issue: Same Secret in Multiple Files/Commits Is Grouped as a Single Finding
Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
gozuata asked Jun 10, 2025 in Code Security · Closed · Unanswered

2
You must be logged in to vote

Dependabot daily job fail - "Update check cancelled' error
Bug GitHub or a GitHub feature is not working as intended Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Enterprise Discussions related to GitHub Enterprise Cloud, Enterprise Server and Organizations
DanyC97 asked Jun 23, 2023 in Enterprise · Closed · Answered

9
You must be logged in to vote

Dependabot with AWS CodeArtifact as npm-registry
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
andreadeluisi-ryte asked Dec 1, 2022 in Code Security · Closed · Unanswered

4