You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Reset actions-workshop content to main, remove .dev/ and PLAN.md
- Revert content/github-actions/2-code-scanning.md to main (remove UI text changes)
- Remove orphaned content/shared-images/setup-secret-protection.png
- Remove .dev/ sandbox tooling (not needed for this PR)
- Remove root PLAN.md planning artifact
Path updates in actions content (server/ → app/server/, client/ → app/client/)
are unchanged as they were already correct.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Copy file name to clipboardExpand all lines: content/github-actions/2-code-scanning.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -35,7 +35,7 @@ Most projects depend on open source and external libraries. While modern develop
35
35
Public repositories on GitHub automatically have Dependabot alerts enabled. Let's configure Dependabot to also create PRs that update insecure library versions automatically.
36
36
37
37
1. Navigate to your repository on GitHub.
38
-
2. Select **Settings** > **Advanced security** (under **Security** in the sidebar).
38
+
2. Select **Settings** > **Code security** (under **Security** in the sidebar).
39
39
3. Locate the **Dependabot** section.
40
40
41
41
@@ -54,11 +54,11 @@ You've now enabled Dependabot alerts and security updates! When an insecure libr
54
54
55
55
Many developers have accidentally checked in code containing tokens or credentials. Regardless of the reason, even seemingly innocuous tokens can create a security issue. [Secret scanning][about-secret-scanning] detects tokens in your source code and raises alerts. With push protection enabled, pushes containing supported secrets are blocked before they reach your repository.
56
56
57
-
1. On the same **Advanced security** settings page, locate the **Secret Protection** section.
58
-
2. Next to **GitHub will always send alerts to partners for detected secrets in public repositories**, select **Enable**.
57
+
1. On the same **Code security** settings page, locate the **Secret scanning** section.
58
+
2. Next to **Receive alerts on GitHub for detected secrets, keys or other tokens**, select **Enable**.
59
59
3. Next to **Push protection**, select **Enable** to block pushes containing a [supported secret][supported-secrets].
60
60
61
-
61
+
62
62
63
63
You've now enabled secret scanning and push protection — helping prevent credentials from reaching your repository.
64
64
@@ -68,7 +68,7 @@ There is a direct relationship between the amount of code an organization writes
68
68
69
69
Let's enable code scanning with the default CodeQL setup. This runs automatically whenever code is pushed to `main` or a pull request targets `main`, and on a regular schedule to catch newly discovered vulnerabilities.
70
70
71
-
1. On the same **Advanced security** settings page, locate the **Code scanning** section.
71
+
1. On the same **Code security** settings page, locate the **Code scanning** section.
72
72
2. Next to **CodeQL analysis**, select **Set up** > **Default**.
73
73
74
74
0 commit comments