Movatterモバイル変換

ホーム

AI & ML
- AI & ML
  Learn about artificial intelligence and machine learning across the GitHub ecosystem and the wider industry.
  - Generative AI
    Learn how to build with generative AI.
  - GitHub Copilot
    Change how you work with GitHub Copilot.
  - LLMs
    Everything developers need to know about LLMs.
  - Machine learning
    Machine learning tips, tricks, and best practices.
- How AI code generation works
  Explore the capabilities and benefits of AI code generation and how it can improve your developer experience.
  Learn more
Developer skills
- Developer skills
  Resources for developers to grow in their skills and careers.
  - Application development
    Insights and best practices for building apps.
  - Career growth
    Tips & tricks to grow as a professional developer.
  - GitHub
    Improve how you use GitHub at work.
  - GitHub Education
    Learn how to move into your first professional role.
  - Programming languages & frameworks
    Stay current on what’s new (or new again).
- Get started with GitHub documentation
  Learn how to start building, shipping, and maintaining software with GitHub.
  Learn more
Engineering
- Engineering
  Get an inside look at how we’re building the home for all developers.
  - Architecture & optimization
    Discover how we deliver a performant and highly available experience across the GitHub platform.
  - Engineering principles
    Explore best practices for building software at scale with a majority remote team.
  - Infrastructure
    Get a glimpse at the technology underlying the world’s leading AI-powered developer platform.
  - Platform security
    Learn how we build security into everything we do across the developer lifecycle.
  - User experience
    Find out what goes into making GitHub the home for all developers.
- How we use GitHub to be more productive, collaborative, and secure
  Our engineering and security teams do some incredible work. Let’s take a look at how we use GitHub to be more productive, build collaboratively, and shift security left.
  Learn more
Enterprise software
- Enterprise software
  Explore how to write, build, and deploy enterprise software at scale.
  - Automation
    Automating your way to faster and more secure ships.
  - CI/CD
    Guides on continuous integration and delivery.
  - Collaboration
    Tips, tools, and tricks to improve developer collaboration.
  - DevOps
    DevOps resources for enterprise engineering teams.
  - DevSecOps
    How to integrate security into the SDLC.
  - Governance & compliance
    Ensuring your builds stay clean.
- How enterprise engineering teams can successfully adopt AI
  Learn how to bring AI to your engineering teams and maximize the value that you get from it.
  Learn more
News & insights
- News & insights
  Keep up with what’s new and notable from inside GitHub.
  - Company news
    An inside look at news and product updates from GitHub.
  - Product
    The latest on GitHub’s platform, products, and tools.
  - Octoverse
    Insights into the state of open source on GitHub.
  - Policy
    The latest policy and regulatory changes in software.
  - Research
    Data-driven insights around the developer ecosystem.
  - The library
    Older news and updates from GitHub.
- Unlocking the power of unstructured data with RAG
  Learn how to use retrieval-augmented generation (RAG) to capture more insights.
  Learn more
Open Source
- Open Source
  Everything open source on GitHub.
  - Git
    The latest Git updates.
  - Maintainers
    Spotlighting open source maintainers.
  - Social impact
    How open source is driving positive change.
  - Gaming
    Explore open source games on GitHub.
- An introduction to innersource
  Organizations worldwide are incorporating open source methodologies into the way they build and ship their own software.
  Learn more
Security
- Security
  Stay up to date on everything security.
  - Application security
    Application security, explained.
  - Supply chain security
    Demystifying supply chain security.
  - Vulnerability research
    Updates from the GitHub Security Lab.
  - Web application security
    Helpful tips on securing web applications.
- The enterprise guide to AI-powered DevSecOps
  Learn about core challenges in DevSecOps, and how you can start addressing them with AI and automation.
  Learn more

The next step for LGTM.com: GitHub code scanning!

Today, GitHub code scanning has all of LGTM.com’s key features—and more! The time has therefore come to announce the plan for the gradual deprecation of LGTM.com.

Bas van Schaik·@sj

August 15, 2022

|3 minutes

Three years ago,the team that built LGTM.com joined GitHub. From that moment on, we have worked tirelessly to natively integrate its underlying CodeQL analysis technology into GitHub. In 2020, GitHub code scanning waslaunched in public beta, and later that year it becamegenerally available for everyone. GitHub code scanning is powered by the very same analysis engine: CodeQL.

We’ve since continued to invest in CodeQL and GitHub code scanning. Today, GitHub code scanning has all of LGTM.com’s key features—andmore! The time has therefore come to announce the plan for the gradual deprecation of LGTM.com.

End of August 2022: no more user sign-ups and new repositories

Starting at the end of August, LGTM.com will no longer accept new user sign-ups. It will also no longer be possible to add new repositories for analysis to LGTM.com. Existing users will continue to be able to log in and use LGTM.com, and the analysis of existing repositories will continue to work. However,historical analysis will no longer be performed–only new commits will be analyzed.

October: help migrate repositories to GitHub code scanning

We will do our best to help migrate repositories that actively use LGTM.com to flag potential security issues in their pull requests. For those repositories, we will create pull requests that add aGitHub Actions workflow that runs code scanning. Once that configuration file is merged, the repository’s source code (and future pull requests) will be scanned by GitHub code scanning. GitHub code scanning will flag any potential security issuesin pull requests and on the repository’ssecurity tab. Once that’s all working as it should, you can disable the LGTM.com integration.

Some repositories make use of advanced LGTM.com build and analysis configurations. In such cases, we might not be able to automatically propose a GitHub Actions workflow to set up code scanning. We will notify such repositories directly.

End of November: new commits and pull requests are no longer analyzed

At the end of November, LGTM.com will stop fetching new commits for the repositories that it analyzes. It will also stop analyzing pull requests on GitHub.com. Repositories that still use LGTM.com’s pull request analysis in the week(s) leading up to this deprecation phase will be reminded through a message in the pull request comments that are posted by LGTM.com.

16th of December: LGTM.com will be shut down

From the 16th of December, LGTM.com will no longer be available. This includes but is not limited to:

LGTM.com code quality badges
The LGTM query console (including historical results)
The LGTM documentation
All LGTM.com APIs

So long and thanks for all the fish!

On behalf of the entire LGTM.com team, we’d like to thank you all for joining us on this wonderful journey. From launching LGTM.com back in 2017, all the way throughGitHub’s acquisition of Semmle in 2019, the subsequentlaunch of GitHub code scanning, and all theimprovements we’ve since shipped: it’s been an absolutely amazing journey. Thank you!

FAQ

How do I get started with GitHub code scanning?

GitHub is committed to helping build safer and more secure software without compromising on the developer experience. To learn more or enable GitHub’s security features in repositories, like code scanning or Dependabot, check out thegetting started guide.

I love the LGTM.com query console—can I continue to use it?

If you are an active user of the LGTM.com query console and are not yet part of our beta program to test this functionality on GitHub, please leave us a notehere.