lines changed Original file line number Diff line number Diff line change @@ -149,3 +149,19 @@ For software that is not developed by Nethesis but is part of an upstream projec
1491494 . Once a fix is available from the upstream project, the team will integrate it into the affected products and release an update
150150
151151In both cases, the priority is to address vulnerabilities promptly and ensure the security of users.
152+
153+ ## Repository configuration
154+
155+ The repository configuration should follow some best practices to ensure the same level of security across all products.
156+ Use Renovate for dependency management, while Dependabot only for alerts without automatic pull requests.
157+
158+ Access `` Settings `` -> `` Advanced Security `` then select the following options:
159+ - `` Dependency graph `` : enabled
160+ - `` Automatic dependency submission `` : disabled
161+ - `` Dependabot alerts `` : enabled
162+ - `` Dependabot security updates `` : disabled
163+ - `` Grouped security updates `` : disabled
164+ - `` Dependabot version updates `` : disabled
165+ - `` Dependabot on Actions runners `` : enabled
166+ - `` Code scanning `` : disabled, feel free to enable it if you want to use it
167+ - `` Secret protection `` : disabled, feel free to enable it if you want to use it
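Review bot: the sentence added at line 156 is missing a verb in its second half ("while Dependabot only for alerts without automatic pull requests"); suggest "Use Renovate for dependency management, and use Dependabot only for alerts, without automatic pull requests." so the intent matches the settings list that follows (Dependabot alerts enabled, Dependabot security updates and version updates disabled). The list itself gives no rationale for disabling `Automatic dependency submission` while `Dependency graph` is enabled, nor for leaving `Code scanning` and `Secret protection` off by default in a document whose stated goal is "the same level of security across all products"; a one-line justification next to each of those entries would make the policy easier to apply consistently.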