Skip to main content

Enabling GitHub Code Quality

Enable Code Quality across your organization's repositories to automatically identify and remediate code quality issues at scale, helping you maintain consistency and reduce operational risk.

Who can use this feature?

Repository owners, organization owners, and users with the admin role

GitHub Team or GitHub Enterprise Cloud

Note

GitHub Code Quality is currently in public preview and will become generally available on July 20, 2026. During public preview, Code Quality will not be billed, although Code Quality scans will consume GitHub Actions minutes. From July 20, 2026, usage will incur charges. See GitHub Code Quality billing.

Prerequisites

  • An enterprise owner must have allowed Code Quality in your enterprise. See Allowing use of GitHub Code Quality in your enterprise.
  • GitHub Actions must be enabled because Code Quality uses actions to run each CodeQL analysis.
  • To get the full benefit of the feature, your repository should include one of the languages supported for quality analysis by CodeQL. See Supported languages.

Enabling Code Quality for your repository

  1. On GitHub, navigate to the main page of the repository.

  2. Under your repository name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of a repository header showing the tabs. The "Settings" tab is highlighted by a dark orange outline.

  3. In the sidebar, under "Security", click Code quality to display the "Code quality" page.

  4. Click Enable code quality.

  5. Review the information on the Code quality page:

  6. Click Save changes to save your configuration for Code Quality.

Tip

If your organization has configured caching of private registries, these will be available for code quality analysis to use to resolve dependencies. See Giving security features access to private registries.

Enabling Code Quality for your organization

Note

Organization-level repository targeting for GitHub Code Quality is in public preview and subject to change.

At the organization level, you control Code Quality with a single Repository access setting. This gives you granular options, from enabling every repository to targeting a specific list or a dynamic filter, so you can pilot Code Quality intentionally and roll it out at your own pace. Repositories within your selection are enabled, and repositories outside your selection are disabled.

For the available access options, and how filtering and enforcement work, see About GitHub Code Quality.

  1. On GitHub, navigate to the main page of the organization.

  2. Under your organization name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of the tabs in an organization's profile. The "Settings" tab is outlined in dark orange.

  3. In the sidebar, under "Security", click Code quality.

  4. Under "Repository access", select an option from the dropdown menu.

    • If you selected Selected repositories..., choose the repositories you want to enable.
    • If you selected Matching a filter..., define your filter.
  5. Optionally, to prevent repository administrators from changing these settings, enable Enforce access.

  6. If your change enables or disables Code Quality on any repositories, a "Review enablement and billing changes" dialog appears, showing the total number of enabled and disabled repositories and the associated costs. Review the details, then click Confirm.

Your changes are saved automatically and begin to propagate immediately. In large organizations, it can take several minutes for the changes to apply across all repositories.

Next steps