Secure your GitHub repositories with Amplify.
The Amplify GitHub App integrates the Amplify Security Platform with GitHub to secure your GitHub repositories and provide actionable security code fixes directly to developers in Pull Requests.
The Amplify Security GitHub integration is currently in beta. Documentation and functionality may change frequently.
View the Amplify Security GitHub App on the GitHub Marketplace.
View the Amplify Security GitHub Action on GitHub.
The Amplify GitHub App installs in your GitHub organization and allows Amplify to make Requests to the GitHub API on behalf of your organization. Amplify uses these privileges to receive notifications about Pull Requests and GitHub Actions Workflows, and to commit security code fixes directly to your repositories when approved by a user. Amplify also has the ability to open Pull Requests and comment on Pull Requests to provide security feedback through the GitHub App.
The Amplify GitHub Action is an action that runs configured security tools on your GitHub repository and sends security findings to the Amplify Platform. The Amplify GitHub Action is installed into the GitHub repositories added to the Github App when you approve the installation Pull Requests created by the Amplify Platform.
The Amplify GitHub Actions Workflow is the workflow installed in any GitHub repositories added
to the Amplify Platform. This Workflow runs the Amplify GitHub Action on every Pull Request and
on every push to the repository’s main
or master
branch.
The Amplify Platform currently relies on the name of the Workflow to track and display GitHub Workflows correctly. Do not change the name of the Workflow. This restriction will be lifted soon.
main
or master
By default, the Amplify workflow runs on all Pull Requests and on every push to the repository’s
main
or master
branch. To run on any additional branches, add them to the list of branches
in .github/workflows/amplify.yml
. For example, we will modify the section below to also execute
on the develop
branch. Note that the change in syntax from the above YAML is simply for readability.
Secure your GitHub repositories with Amplify.
The Amplify GitHub App integrates the Amplify Security Platform with GitHub to secure your GitHub repositories and provide actionable security code fixes directly to developers in Pull Requests.
The Amplify Security GitHub integration is currently in beta. Documentation and functionality may change frequently.
View the Amplify Security GitHub App on the GitHub Marketplace.
View the Amplify Security GitHub Action on GitHub.
The Amplify GitHub App installs in your GitHub organization and allows Amplify to make Requests to the GitHub API on behalf of your organization. Amplify uses these privileges to receive notifications about Pull Requests and GitHub Actions Workflows, and to commit security code fixes directly to your repositories when approved by a user. Amplify also has the ability to open Pull Requests and comment on Pull Requests to provide security feedback through the GitHub App.
The Amplify GitHub Action is an action that runs configured security tools on your GitHub repository and sends security findings to the Amplify Platform. The Amplify GitHub Action is installed into the GitHub repositories added to the Github App when you approve the installation Pull Requests created by the Amplify Platform.
The Amplify GitHub Actions Workflow is the workflow installed in any GitHub repositories added
to the Amplify Platform. This Workflow runs the Amplify GitHub Action on every Pull Request and
on every push to the repository’s main
or master
branch.
The Amplify Platform currently relies on the name of the Workflow to track and display GitHub Workflows correctly. Do not change the name of the Workflow. This restriction will be lifted soon.
main
or master
By default, the Amplify workflow runs on all Pull Requests and on every push to the repository’s
main
or master
branch. To run on any additional branches, add them to the list of branches
in .github/workflows/amplify.yml
. For example, we will modify the section below to also execute
on the develop
branch. Note that the change in syntax from the above YAML is simply for readability.