Code Scanning

Christoph Held edited this page Jun 22, 2024 · 1 revision

GitHub Code Scanning is a security feature designed to identify and report security vulnerabilities in the codebase. The process runs on every commit and pull request. GitHub Code Scanning is enabled by default for all repositories within the Allianz GitHub organization.

GitHub Code Scanning uses the CodeQL code analysis engine. The supported languages are:

  • C/C++
  • C#
  • Go
  • Java/Kotlin
  • JavaScript/TypeScript
  • Python
  • Ruby
  • Swift

Compiled languages must be built during the analysis process. In many cases, no configuration is required. Where a custom build configuration is necessary, GitHub displays an error message and provides guidance through the necessary steps.
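
As an added illustration (not a file from this wiki or from the organization), a CodeQL workflow with a custom build for a compiled language could look like the following. It assumes the repository uses a workflow file under `.github/workflows/` instead of the default setup, and that the project is a Gradle-based Java/Kotlin build; the workflow name and build command are placeholders.

```yaml
# Added example, not the organization's own workflow.
# Assumptions: advanced setup (workflow file), Gradle-based Java/Kotlin project.
name: CodeQL (manual build)

on:
  push:          # every commit
  pull_request:  # every pull request

permissions:
  contents: read          # needed to check out the code
  security-events: write  # needed to upload results to Code Scanning

jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      # Start CodeQL and tell it that the build steps are supplied explicitly.
      - uses: github/codeql-action/init@v3
        with:
          languages: java-kotlin
          build-mode: manual

      # Assumed build command; replace with the project's real build.
      # CodeQL observes the compiler invocations made in this step.
      - name: Build
        run: ./gradlew --no-daemon assemble

      # Run the queries and upload the findings.
      - uses: github/codeql-action/analyze@v3
        with:
          category: "/language:java-kotlin"
```

If the build step compiles nothing (for example because of a cached, up-to-date build), CodeQL has no source to extract and the analysis fails, so the build in this job should be a clean one.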