From the course: Foundational JavaScript Security
Introduction to GitHub Dependabot - JavaScript Tutorial
- [Manny] GitHub has recently added a nice tool to evaluate your dependencies for free and provide some alerts when there are some issues with a specific package in the application. So let's take a look at it. So what I'm going to do is select any of my repos and go, for example, to react example, and the way you actually enable Dependabot is by going to Security, and once you get to Security, in this area you have a few things. So first you have security policies, which you can set. What are the advisories inside of that particular repo? And then you see Dependabot alerts, and this basically will take a look at your dependencies and let you know when there are vulnerabilities inside of one of your dependencies. Pretty much what we got with Snyk, but directly on the repos with this one here. So as you can see right now it's enabled for me, but if it wasn't, you would see a button here that said enable. Once you click on it…