GitHub code scanning is a developer-first, GitHub-native approach to easily find security vulnerabilities before they reach production. Today we're excited to announce that code scanning is generally available on

  • Code scanning is free for public repositories. Learn more about how to enable code scanning today.
  • For private repositories, code scanning is available to GitHub Enterprise through Advanced Security. Contact Sales to learn more.
  • For those interested in helping to secure the open source ecosystem, we also invite you to contribute to the growing list of CodeQL queries and become part of our growing security community.
  • Read the full blog post.