This course will show you how to build, host, and maintain a secure repository on GitHub. By following simple security best practices, you can rest easy knowing your project is secure for contributors and contributions today and in the future.
Collaboration is key to building great software. As you welcome more contributions, keeping your project secure becomes more important than ever.
In this course, you’ll learn how to:
This course has a dedicated message board on the GitHub Community Forum. Create a post to start a conversation, discuss this course with GitHub Trainers and participants, or troubleshoot any issues you encounter.
Enable settings in your repository for the next activities.
Find the vulnerable dependency, and comment with the suggested update version.
Edit the file in the pull request to update the dependency.
Merge the pull request you've opened to update the vulnerability dependency.
Install Dependabot on your repository.
Add a SECURITY.md file to your repository.
Merge the pull request.
Remove sensitive data pushed to a pull request
Approve the contributors pull request
The `.gitignore` file is ready to be edited in an open pull request. Add the `.env` file to the `.gitignore` file.
Merge the second pull request with updates to the `.gitignore` file.
Find historical reference to a previously committed .env file
Remove historical reference to a previously committed .env file
All public courses on Learning Lab are free.