Security policies and standards for the Department of Veterans Affairs GitHub organization, including code scanning requirements and secrets management.
Code Scanning
The VA requires code scanning for all repositories with supported languages. Learn more about:
- Current Code Scanning Policy and Requirements
- Understanding GitHub Advanced Security CodeQL
- Configuring CodeQL for Your Repository
- Managing Repository Default Branches
- Requesting Code Scanning Exemptions
- Exempting Service Accounts and GitHub Apps
Secrets Management
Learn how to properly handle sensitive information:
Return to Policies and Standards