What triggers Code Scanning runs?

Prepare for the GitHub Advanced Security Certification Test. Practice with multiple choice questions, detailed explanations, and hints. Achieve success on your first attempt!

Multiple Choice

What triggers Code Scanning runs?

Explanation:
Code Scanning is designed to analyze code as changes are introduced, so it is naturally triggered by code changes themselves. When you push commits to a branch or open or update a pull request, the Code Scanning workflow runs to check the new or merged code for issues. The results are produced in SARIF format, which GitHub uses to present findings in the Code Scanning UI. It isn’t limited to manual starts, nor is it restricted to after a merge or to a nightly schedule—the common and expected triggers are pushes and pull requests, with other triggers possible only if you explicitly configure them.

Code Scanning is designed to analyze code as changes are introduced, so it is naturally triggered by code changes themselves. When you push commits to a branch or open or update a pull request, the Code Scanning workflow runs to check the new or merged code for issues. The results are produced in SARIF format, which GitHub uses to present findings in the Code Scanning UI. It isn’t limited to manual starts, nor is it restricted to after a merge or to a nightly schedule—the common and expected triggers are pushes and pull requests, with other triggers possible only if you explicitly configure them.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy