Secure your supply chain, understand dependencies in your environment, know about vulnerabilities in those dependencies and patch them.
GitHub helps you secure your supply chain, from understanding the dependencies in your environment, to knowing about vulnerabilities in those dependencies and patching them.
- Who this is for: Developers, DevOps Engineers, Site Reliability Engineers, Security experts
- What you'll learn: How to view repository dependencies, view Dependabot alerts, and enable Dependabot security and version updates
- What you'll build: Repository dependencies, Dependabot alerts, pull requests to fix dependencies and version updates
- Prerequisites: None
- Timing: This course can be completed in under an hour
In this course, you will explore:
- Dependency graph
- Dependency alerts
- Dependency security updates
- Dependency versions updates
- Right-click Start course and open the link in a new tab.
- In the new tab, most of the prompts will automatically fill in for you.
- For owner, choose your personal account or an organization to host the repository.
- We recommend creating a public repository, as private repositories will use Actions minutes.
- Scroll down and click the Create repository button at the bottom of the form.
- After your new repository is created, wait about 20 seconds, then refresh the page. Follow the step-by-step instructions in the new repository's README.
Get help: Post in our discussion board • Review the GitHub status page
© 2024 GitHub • Code of Conduct • MIT License