Get started with ease using security workflows!
GitHub Actions workflows in the Security category will now appear among the workflow recommendations based on a repository’s content.
A couple months ago, we announced improvements to the GitHub Actions “new workflow” experience, where we now recommend continuous integrations and deployment-related workflows based on an analysis of repository content.
Today, we are adding a Security category alongside the three existing categories – Automation, Continuous Integration, and Deployment. In-line with the other categories, workflows in the Security category will be recommended based on a repository’s content. To start with, we are adding code scanning workflows to the Security category to help prevent vulnerabilities from reaching production. These workflows can be scheduled to scan on specific days and times, or can be triggered when a certain event occurs in the repository, such as a push, to identify any vulnerabilities in your code.
Also, this allows customers to discover and configure code scanning workflows from the central GitHub Actions “new workflow” experience, as opposed to earlier when they had to navigate to the Security tab to set these up.
Additionally, we go one step further under the Security category and guide you to enable GitHub Advanced Security wherever applicable to configure these workflows.
How to get started
- These capabilities are available for all GitHub.com and GitHub Enterprise Cloud organizations today.
- Under the “Actions” tab in your repository, select “New Workflow.” Use the Security category, search, and filtering capabilities to find relevant templates.
New to using GitHub Actions workflows?
You can learn more about GitHub Actions workflows in our documentation. For any questions or suggestions, join the discussion here.
Tags:
Written by
Related posts
Celebrating the GitHub Awards 2024 recipients 🎉
The GitHub Awards celebrates the outstanding contributions and achievements in the developer community by honoring individuals, projects, and organizations for creating an outsized positive impact on the community.
New from Universe 2024: Get the latest previews and releases
Find out how we’re evolving GitHub and GitHub Copilot—and get access to the latest previews and GA releases.
Bringing developer choice to Copilot with Anthropic’s Claude 3.5 Sonnet, Google’s Gemini 1.5 Pro, and OpenAI’s o1-preview
At GitHub Universe, we announced Anthropic’s Claude 3.5 Sonnet, Google’s Gemini 1.5 Pro, and OpenAI’s o1-preview and o1-mini are coming to GitHub Copilot—bringing a new level of choice to every developer.