Congratulations @sungpogi, you've completed this course! You can see your published memory game on GitHub Pages with the updated wolverine image.
When considering the security of your repository, consider the installed applications, like me. Every app installed on your repository has access to some of your data. Even if it is harmless (like me), it is a good idea to periodically check and prune the list of installed apps and integrations on your repositories. Look for things like active use, or permissions giving more access than necessary.
In summary
We learned how to:
Enable vulnerable dependency detection for private repositories
Detect and fix outdated dependencies with security vulnerabilities
Automate the detection of vulnerable dependencies with Dependabot
Add a security policy with the a SECURITY.md file
Remove a commit exposing sensitive data in a pull request
Keep sensitive files out of your repository by leveraging the use of a .gitignore file
Remove historical commits exposing sensitive data deep in your repository
Nice work
Congratulations @sungpogi, you've completed this course! You can see your published memory game on GitHub Pages with the updated wolverine image.
When considering the security of your repository, consider the installed applications, like me. Every app installed on your repository has access to some of your data. Even if it is harmless (like me), it is a good idea to periodically check and prune the list of installed apps and integrations on your repositories. Look for things like active use, or permissions giving more access than necessary.
In summary
We learned how to:
SECURITY.md
file.gitignore
fileWhat's next?
Want to learn more options to secure your repository? Check out the documentation for security alerts, as well as some GitHub apps for security that might help you keep your code safe.
Keep Learning
Want to keep learning? Feel free to check out our other courses.
I won't respond to this issue, go ahead and close it when finished.