This course will show you how to build, host, and maintain a secure repository on GitHub. By following simple security best practices, you can rest easy knowing your project is secure for contributors and contributions today and in the future.
Collaboration is key to building great software. As you welcome more contributions, keeping your project secure becomes more important than ever.
This course will answer common questions like:
.gitignoreand how do I use it?
In this course, you’ll learn how to:
This course is a great introduction. If you're unfamiliar with working in Pull Requests, consider taking the following course.
This course makes use of the following open source projects. Consider exploring these repos and maybe even making contributions!
Developers, new GitHub users, teams, security professionals, open source maintainers
Enable settings in your repository for the next activities.
Find the vulnerable dependency, and comment with the suggested update version.
Edit the file in the pull request to update the dependency.
Merge the pull request you've opened to update the vulnerability dependency.
Install Dependabot on your repository.
Add a SECURITY.md file to your repository.
Merge the pull request.
Remove sensitive data pushed to a pull request
Approve the contributors pull request
.gitignore file is ready to be edited in an open pull request. Add the
.env file to the
Merge the second pull request with updates to the
Find historical reference to a previously committed .env file
Remove historical reference to a previously committed .env file
All public courses on Learning Lab are free.