_labs/lab2.md
5 additions & 5 deletions
Original file line number
Diff line number
Diff line change
@@ -56,23 +56,23 @@ Now that we have all of the security feature enabled, let's review the security
56
56

57
57
</details>
58
58
59
-
9. If you put your cursor in the search box (should have `is:open` by default), there are additional filter options. Some of the common filter options are **scope** (runtime or development) and **has** (for example, `has:patch`).
60
-
10. Update the search query to `is:open has:patch`. This will filter out all of the alerts that don't have a patch available and only show alerts where there is a non-vulnerable version to upgrade to.
59
+
13. If you put your cursor in the search box (should have `is:open` by default), there are additional filter options. Some of the common filter options are **scope** (runtime or development) and **has** (for example, `has:patch`).
60
+
14. Update the search query to `is:open has:patch`. This will filter out all of the alerts that don't have a patch available and only show alerts where there is a non-vulnerable version to upgrade to.
61
61
62
62
<details>
63
63

64
64
</details>
65
65
66
66
67
-
11. Auto-triage your alerts allows you control over how Dependabot opens pull requests, ignores false positives and snoozes alerts. Navigate to the **Settings** tab (the icon of the gear) in the repo, back to **Code Scanning**, then find **Dependabot rules** underneath **Dependabot**.
67
+
15. Auto-triage your alerts allows you control over how Dependabot opens pull requests, ignores false positives and snoozes alerts. Navigate to the **Settings** tab (the icon of the gear) in the repo, back to **Code Scanning**, then find **Dependabot rules** underneath **Dependabot**.
68
68
69
-
12. Add a rule to snooze any alerts that do not have a fix available. Choose the "gear" icon and select the **New rule** button. Name the rule `Snooze when no patch available`, add a target metadata for all npm packages: `ecosystem:npm` and ensure the **Dismiss Alerts - Until patch is available** is selected. Next, select **Create rule**.
69
+
16. Add a rule to snooze any alerts that do not have a fix available. Choose the "gear" icon and select the **New rule** button. Name the rule `Snooze when no patch available`, add a target metadata for all npm packages: `ecosystem:npm` and ensure the **Dismiss Alerts - Until patch is available** is selected. Next, select **Create rule**.
70
70
71
71
<details>
72
72

73
73
</details>
74
74
75
-
13. Navigating back to the **Security** tab / **Dependabot** under the **Vulnerability alerts** heading. You will see **1 Closed** heading. Select this to find your alert **Command Injection in marsdb** without any fix has now been **Dismissed** as **auto-dismissed**. The audit log will note **Repository rule created and Snooze when no patch available was applied**
75
+
17. Navigating back to the **Security** tab / **Dependabot** under the **Vulnerability alerts** heading. You will see **1 Closed** heading. Select this to find your alert **Command Injection in marsdb** without any fix has now been **Dismissed** as **auto-dismissed**. The audit log will note **Repository rule created and Snooze when no patch available was applied**
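Review bot: Steps 16 and 17 have the reader create a rule that dismisses every `ecosystem:npm` alert with no patch and then confirm that **Command Injection in marsdb** was auto-dismissed, but the text never says that the vulnerable dependency is still in the repository and only the alert is hidden. Since these lines are being touched anyway, I would add one sentence to step 17 stating that the alert moves to the **Closed** list until a patch is available and that the finding still needs a compensating decision (replace the package, accept the risk, or track it elsewhere). Two smaller points on the same lines: step 17 opens with a sentence fragment ("Navigating back to the **Security** tab / **Dependabot** ...") and ends without a period, and step 15 reads awkwardly at "Auto-triage your alerts allows you control over"; both could be tidied in this commit. The steps before line 56 are not visible in this hunk, so please confirm the preceding step is numbered 12 so that the new 13 to 17 sequence is continuous.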