November 27, 2020

GitHub Security

Moving Existing Code into GitHub

Migrating an existing project to GitHub from the command line on Mac or Linux. The optional steps are used if the directory contains

  1. cd into the directory for the project
  2. (optional) rm -rf .git
  3. (optional) rm .gitattributes
  4. (optional) rm .gitignore
  5. git init
  6. git add .
  7. git commit -m "Initial Commit from mbp2019"
  8. git remote add origin https://github.com/<youraccountname>/<application>.git
  9. git remote -v
  10. git push --set-upstream origin master
  11. git status
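
Steps 4 and 6 together mean nothing is ignored when everything is staged, so it is worth checking the index for credential-style files before step 10 publishes it. The following is an added example, not part of the original post; the function names and the file-name pattern list are assumptions for illustration and are not a complete secret scanner.

```shell
#!/bin/sh
# Added example: flag staged paths that commonly hold secrets before the first push.
# The pattern list below is an illustrative assumption; extend it for your project.

# Reads one repository-relative path per line on stdin and prints the paths
# whose file name matches a sensitive-looking pattern.
flag_sensitive_paths() {
    while IFS= read -r path; do
        name=${path##*/}    # file name only, without spawning basename
        case "$name" in
            .env|.env.*|.npmrc|.netrc|credentials) printf '%s\n' "$path" ;;
            *.pem|*.key|*.p12|*.pfx)               printf '%s\n' "$path" ;;
            id_rsa|id_dsa|id_ecdsa|id_ed25519)     printf '%s\n' "$path" ;;
            *.tfstate|*.tfvars)                    printf '%s\n' "$path" ;;
        esac
    done
}

# Audits everything in the index (what "git add ." staged in step 6).
# git ls-files is used so the check works both before and after the commit.
# Returns 1 if anything was flagged so the caller can stop before the push.
audit_staged() {
    flagged=$(git ls-files | flag_sensitive_paths)
    if [ -n "$flagged" ]; then
        printf 'Review before pushing:\n%s\n' "$flagged" >&2
        return 1
    fi
    return 0
}
```

Source the file and run audit_staged from the project directory at any point between steps 6 and 10; a flagged file can be unstaged with git rm --cached before the push.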

GitHub Security Features

Once the repo is in GitHub, turn on the security features.

Security Overview
Security Policy
Dependabot Alerts page before being populated with findings
Security & Analysis

Dependabot Alerts

After the Dependabot scan finishes, the alerts will populate the Dependabot alerts page.

Dependabot Generated Pull Request

After the alerts are generated, Dependabot automatically creates Pull Requests for each vulnerable version.