You enter a room bristling with security measures. Locks, shields, and security monitors surround you. A stern voice declares: “Secure your code to proceed!”
Your Mission
Enable Dependabot alerts for your repository.
Add a security policy to your repository.
Run code scanning using GitHub Actions (if your repository is public).
Instructions
Go to your repository’s “Settings” tab.
Click on “Security & analysis” in the left sidebar.
Enable Dependabot alerts.
In your repository, create a new file at .github/SECURITY.md.
Add basic security guidelines to this file.
If your repository is public, enable code scanning in the “Security & analysis” settings.
Important: Always be cautious when dealing with security settings. Make sure you understand each feature before enabling it.
Example Security Policy
# Security Policy
## Reporting a Vulnerability
If you discover a security vulnerability within this project, please send an e-mail to security@example.com. All security vulnerabilities will be promptly addressed.
## Supported Versions
Use this section to tell people about which versions of your project are currently being supported with security updates.
| Version | Supported |
| ------- | ------------------ |
| 5.1.x | :white_check_mark: |
| 5.0.x | :x: |
| 4.0.x | :white_check_mark: |
| < 4.0 | :x: |
After setting up your security policy, what email address did you specify for reporting vulnerabilities? Enter it below:
[Input field for email address]
Well done, security expert! You’ve fortified your repository. On to the final challenge!