Skip to main content

GitHub

Source code stored in GitHub can be scanned for risks. To configure this, please follow the steps below.

  1. Click the Integrations button

Vulnerabilities Compliance dashboard showing integrations button

  1. Click on GitHub and click Configure GitHub App.

Vulnerabilities Compliance dashboard showing un-configured GitHib integration

  1. You’ll be taken to the integration providers site for sign in. This example shows GitHub. Enter your username and password (and if promoted your 2FA code) and click Login.

Github integration login page showing username and password

  1. Pick the repositories you’d like us to analise and click Continue. Note: if you don’t enable all repositories, moving forward you’ll have to come back to the integrations area to include any new repositories you’d like to cover. By enabling All Repositories, new repositories will automatically be included in the platform.

Github integration permissions settings showing all repositories selected

  1. You’ll then be re-directed back to the platform where you’ll see a list of linked repositories, along with their scan status which will update as Vulnerabilities.io discovers the repository projects and dependencies. You can come back and re-configure which repositories are covered at any time coming back to the integrations page.

Vulnerabilities compliance repositories showing scanned repositories