GHAS FAQs

Question 1

How can I authenticate with GHAS?

Accepted Answer

GHAS supports authentication via either a GitHub Personal Access Token (PAT) or the authenticated GitHub CLI. Using the GitHub CLI is the more secure method and leverages your existing gh auth configuration.

Question 2

How do I install GHAS in VS Code?

Accepted Answer

You can install GHAS using the provided buttons on the tool's webpage, which redirect to vscode.dev or insiders.vscode.dev with installation instructions. The server uses the MCP framework.

Question 3

What scopes do I need for my PAT?

Accepted Answer

When using a Personal Access Token, make sure it has read-only access for Dependabot, secret scanning, and code scanning and that the token is configured for the correct organization.

Question 4

What is GHAS?

Accepted Answer

GHAS (GitHub Advanced Security) is a tool that provides access to Dependabot, secret scanning, and code scanning alerts for your GitHub repositories directly within VS Code and VS Code Insiders.

Question 5

Where can I find the GHAS configuration?

Accepted Answer

GHAS uses the MCP configuration. You can configure the server in the 'servers' section of your MCP configuration file.

GHAS

주요 기능

사용 사례

GHAS

주요 기능

사용 사례