Learn security best practices and keep your project’s contributions—and contributors—safe.
Start free course Join 2969 others!
This course will show you how to build, host, and maintain a secure repository on GitHub. By following simple security best practices, you can rest easy knowing your project is secure for contributors and contributions today and in the future.
Collaboration is key to building great software. As you welcome more contributions, keeping your project secure becomes more important than ever.
This course will answer common questions like:
.gitignore
and how do I use it?In this course, you’ll learn how to:
SECURITY.md
file.gitignore
fileThis course is a great introduction. If you're unfamiliar with working in Pull Requests, consider taking the following course.
This course makes use of the following open source projects. Consider exploring these repos and maybe even making contributions!
Developers, new GitHub users, teams, security professionals, open source maintainers
Enable settings in your repository for the next activities.
Find the vulnerable dependency, and comment with the suggested update version.
Edit the file in the pull request to update the dependency.
Merge the pull request you've opened to update the vulnerability dependency.
Install Dependabot on your repository.
Add a SECURITY.md file to your repository.
Merge the pull request.
Remove sensitive data pushed to a pull request
Approve the contributors pull request
The .gitignore
file is ready to be edited in an open pull request. Add the .env
file to the .gitignore
file.
Merge the second pull request with updates to the .gitignore
file.
Find historical reference to a previously committed .env file
Remove historical reference to a previously committed .env file
55 minutes
All public courses on Learning Lab are free.
This course will teach you skills for finding relevant conversations, commits, and projects in a...
Add your own GitHub feature, automate workflows, and more with GitHub Apps.
If you are looking for a quick and fun introduction to GitHub, you've found it. This class will get...
Learn new skills by completing fun, realistic projects in your very own GitHub repository.