GitHub Handbook
Policies and standards around security for the Department of Veterans Affairs GitHub organization.
Code Scanning
- What is the Current Code Scanning Policy
- What is GitHub Advanced Security CodeQL
- What are Required Pull Requests
- What are Required Workflows
- How to Configure CodeQL
- How to Update Repository Default Branch
- How to Enable Code Scanning Pull Request Failure Criteria
- How to Configure Jenkins Required Status Checks
- How to Request Temporary Bypass Permissions
- How to Remediate CodeQL Findings
- How to Request a Code Scanning Exemption
Secrets Management
Return to Policies and Standards