The company announced several new products at its Satellite virtual conference, including ones aimed at helping customers write and consume more secure code.
These new security features, code scanning and secret scanning, are currently in beta. GitHub says code scanning helps developers identify potential vulnerabilities in every “git push,” with results being displayed directly in their pull requests.
The code scanning feature leverages the CodeQL code analysis engine. CodeQL has been offered for free to open source projects as part of an initiative announced by GitHub last year, and the company says the new code scanning feature will be free as well for open source software.
