/secure-repository-supply-chain

Secure your supply chain, understand dependencies in your environment, know about vulnerabilities in those dependencies and patch them

Primary LanguageC#MIT LicenseMIT

Secure your repository's supply chain

Secure your supply chain, understand dependencies in your environment, know about vulnerabilities in those dependencies and patch them.

Welcome

GitHub helps you secure your supply chain, from understanding the dependencies in your environment, to knowing about vulnerabilities in those dependencies and patching them.

  • Who this is for: Developers, DevOps Engineers, Site Reliability Engineers, Security experts
  • What you'll learn: How to view repository dependencies, view Dependabot alerts, and enable Dependabot security and version updates
  • What you'll build: Repository dependencies, Dependabot alerts, pull requests to fix dependencies and version updates
  • Prerequisites: None
  • Timing: This course can be completed in under an hour

In this course, you will explore:

  1. Dependency graph
  2. Dependency alerts
  3. Dependency security updates
  4. Dependency versions updates

How to start this course

start-course

  1. Right-click Start course and open the link in a new tab.
  2. In the new tab, most of the prompts will automatically fill in for you.
    • For owner, choose your personal account or an organization to host the repository.
    • We recommend creating a public repository, as private repositories will use Actions minutes.
    • Scroll down and click the Create repository button at the bottom of the form.
  3. After your new repository is created, wait about 20 seconds, then refresh the page. Follow the step-by-step instructions in the new repository's README.

Get help: Post in our discussion boardReview the GitHub status page

© 2024 GitHub • Code of ConductMIT License