Get started with ease using security workflows!
GitHub Actions workflows in the Security category will now appear among the workflow recommendations based on a repository’s content.
A couple months ago, we announced improvements to the GitHub Actions “new workflow” experience, where we now recommend continuous integrations and deployment-related workflows based on an analysis of repository content.
Today, we are adding a Security category alongside the three existing categories – Automation, Continuous Integration, and Deployment. In-line with the other categories, workflows in the Security category will be recommended based on a repository’s content. To start with, we are adding code scanning workflows to the Security category to help prevent vulnerabilities from reaching production. These workflows can be scheduled to scan on specific days and times, or can be triggered when a certain event occurs in the repository, such as a push, to identify any vulnerabilities in your code.
Also, this allows customers to discover and configure code scanning workflows from the central GitHub Actions “new workflow” experience, as opposed to earlier when they had to navigate to the Security tab to set these up.
Additionally, we go one step further under the Security category and guide you to enable GitHub Advanced Security wherever applicable to configure these workflows.
How to get started
- These capabilities are available for all GitHub.com and GitHub Enterprise Cloud organizations today.
- Under the “Actions” tab in your repository, select “New Workflow.” Use the Security category, search, and filtering capabilities to find relevant templates.
New to using GitHub Actions workflows?
You can learn more about GitHub Actions workflows in our documentation. For any questions or suggestions, join the discussion here.
Tags:
Written by
Related posts
Students: Start building your skills with the GitHub Foundations certification
The GitHub Foundations Certification exam fee is now waived for all students verified through GitHub Education.
Announcing GitHub Secure Open Source Fund: Help secure the open source ecosystem for everyone
Applications for the new GitHub Secure Open Source Fund are now open! Applications will be reviewed on a rolling basis until they close on January 7 at 11:59 pm PT. Programming and funding will begin in early 2025.
Software is a team sport: Building the future of software development together
Microsoft and GitHub are committed to empowering developers around the world to innovate, collaborate, and create solutions that’ll shape the next generation of technology.