jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-19 18:10:59 -05:00
Code Issues Projects Releases Wiki Activity

Add networking requirement to Dependabot on self-hosted runners article (#52924)

Browse Source 
Co-authored-by: Art Leo <gitulisca@github.com>
This commit is contained in:
mc
2024-11-01 09:12:36 +00:00
committed by GitHub
parent 8935c41908
commit e576141957
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
data/reusables/dependabot/dependabot-runners-network-requirements.md
View File

@@ -1 +1,6 @@
{% data variables.product.prodname_dependabot %} runners require access to the public internet, {% data variables.product.prodname_dotcom_the_website %}, and any internal registries that will be used in {% data variables.product.prodname_dependabot_updates %}. To minimize the risk to your internal network, you should limit access from the Virtual Machine (VM) to your internal network. This reduces the potential for damage to internal systems if a runner were to download a hijacked dependency. {% data variables.product.prodname_dependabot %} runners require access to the public internet, {% data variables.product.prodname_dotcom_the_website %}, and any internal registries that will be used in {% data variables.product.prodname_dependabot_updates %}. To minimize the risk to your internal network, you should limit access from the Virtual Machine (VM) to your internal network. This reduces the potential for damage to internal systems if a runner were to download a hijacked dependency.
{% ifversion fpt or ghec %}
You must also allow outbound traffic to `dependabot-actions.githubapp.com` to prevent the jobs for {% data variables.product.prodname_dependabot_security_updates %} from failing. For more information, see "[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#communication-between-self-hosted-runners-and-github)."
{% endif %}