GitHub code scanning is a developer-first, GitHub-native approach to easily find security vulnerabilities before they reach production. Scan code as it's created with CodeQL—the most powerful code analysis engine—while building with the open source and external security tools you already trust.

Interested in free code scanning for public repositories? Get started.