Securing your workflows

This course will show you how to build, host, and maintain a secure repository on GitHub. By following simple security best practices, you can rest easy knowing your project is secure for contributors and contributions today and in the future.

Collaboration is key to building great software. As you welcome more contributions, keeping your project secure becomes more important than ever.

What you'll learn

In this course, you’ll learn how to:

• Enable security features for repositories hosted in GitHub
• Detect vulnerable dependencies in repositories when notified by GitHub's security alerts
• Utilize best practices to keep sensitive data out of repositories

You'll be able to answer questions like:

• How do I protect my open-source project?
• What should I keep out of my GitHub repository?
• How do I keep sensitive data out of my repository?
• How do I keep track of package vulnerabilities?

What you'll build

Our Octocat memory game is a fun simple project for you to work with as you learn security strategies.

What you need to know

We assume you know GitHub concepts before you start this course. If you need a review, try out Introduction to GitHub. We assume you understand what a package and package manager or dependency manager is.

What we'll use

This project can use GitHub pages to host the memory game. The game uses some minimal JavaScript and CSS. You don't need to work with either in this course. You won't need to do anything outside of the GitHub interface for this course.

Who this is for

This is a great course for anyone who has a GitHub repository, public or private. These practices will help keep your project safe. This is also a great course for anyone who wants to start a new project on GitHub.