Maintain a secure repository by using GitHub best practices

Beginner
DevOps Engineer
Administrator
Developer
Solution Architect
GitHub
Azure

Learn best practices for building, hosting, and maintaining a secure repository on GitHub.

Learning objectives

In this module, you will:

  • Enable vulnerable dependency detection for private repositories
  • Detect and fix outdated dependencies with security vulnerabilities
  • Automate the detection of vulnerable dependencies with Dependabot
  • Add a security policy with a SECURITY.md file
  • Remove a commit exposing sensitive data in a pull request
  • Keep sensitive files out of your repository by leveraging the use of a .gitignore file
  • Remove historical commits exposing sensitive data deep in your repository

Prerequisites

  • A GitHub account
  • The ability to navigate and edit files in GitHub