Get started with ease using security workflows!
GitHub Actions workflows in the Security category will now appear among the workflow recommendations based on a repository’s content.
A couple months ago, we announced improvements to the GitHub Actions “new workflow” experience, where we now recommend continuous integrations and deployment-related workflows based on an analysis of repository content.
Today, we are adding a Security category alongside the three existing categories – Automation, Continuous Integration, and Deployment. In-line with the other categories, workflows in the Security category will be recommended based on a repository’s content. To start with, we are adding code scanning workflows to the Security category to help prevent vulnerabilities from reaching production. These workflows can be scheduled to scan on specific days and times, or can be triggered when a certain event occurs in the repository, such as a push, to identify any vulnerabilities in your code.
Also, this allows customers to discover and configure code scanning workflows from the central GitHub Actions “new workflow” experience, as opposed to earlier when they had to navigate to the Security tab to set these up.
Additionally, we go one step further under the Security category and guide you to enable GitHub Advanced Security wherever applicable to configure these workflows.
How to get started
- These capabilities are available for all GitHub.com and GitHub Enterprise Cloud organizations today.
- Under the “Actions” tab in your repository, select “New Workflow.” Use the Security category, search, and filtering capabilities to find relevant templates.
New to using GitHub Actions workflows?
You can learn more about GitHub Actions workflows in our documentation. For any questions or suggestions, join the discussion here.
Tags:
Written by
Related posts
Code referencing now generally available in GitHub Copilot and with Microsoft Azure AI
Announcing the general availability of code referencing in GitHub Copilot and Microsoft Azure AI, allowing developers to permit code suggestions containing public code matches while receiving detailed information about the match.
The nuances and challenges of moderating a code collaboration platform
Sharing the latest data update to our Transparency Center alongside a new research article on what makes moderating a code collaboration platform unique.
GitHub Copilot now available in github.com for Copilot Individual and Copilot Business plans
With this public preview, we’re unlocking the context of your code and collaborators—and taking the next step in infusing AI into every developer’s workflow.