docs/data/product-examples/code-security/code-examples.yml

# Catalogue of example links: each entry is a title, a description, a
# site-relative href and tags, with optional languages and versions.
#
# NOTE(review): every href containing blob/main or blob/master follows a
# moving branch, so the linked file can change, move or disappear after this
# list was written. A commit permalink would pin the content being shown.

# Code scanning configurations
# The two workflow files below live in repositories outside this project.
- title: CodeQL code scanning at Microsoft
  description: Example code scanning workflow for the CodeQL action from the Microsoft Open Source repository.
  href: /microsoft/opensource.microsoft.com/blob/main/.github/workflows/codeql-analysis.yml
  languages:
    - javascript
  tags:
    - CodeQL
    - Code scanning
    - GitHub Actions

- title: Adversarial Robustness Toolbox (ART) CodeQL code scanning
  description: Example code scanning workflow for the CodeQL action from the Trusted AI repository.
  href: /Trusted-AI/adversarial-robustness-toolbox/blob/main/.github/workflows/codeql-analysis.yml
  languages:
    - python
  tags:
    - CodeQL
    - Code scanning
    - GitHub Actions

# Security policies
# NOTE(review): the two file names differ in case (SECURITY.MD vs SECURITY.md);
# confirm each href still resolves as written.
- title: Microsoft security policy
  description: Example security policy
  href: /microsoft/microsoft.github.io/blob/master/SECURITY.MD
  tags:
    - Security policy

- title: Electron security policy
  description: Example security policy
  href: /electron/electron/blob/master/SECURITY.md
  tags:
    - Security policy

# Example of security advisory in a major product
# The href carries the GHSA identifier; the CVE identifier is in the description.
- title: Security advisory for Rails
  description: Security advisory published by Rails for CVE-2020-15169.
  href: /rails/rails/security/advisories/GHSA-cfjv-5498-mph5
  tags:
    - Security advisory

# Sample scripts for enabling Dependabot alerts and security updates across a whole organization
- title: Enable Dependabot alerts and security updates automatically
  description: Sample scripts for enabling Dependabot alerts and security updates across an entire organization.
  href: /github/enable-security-alerts-sample
  tags:
    - Dependabot
    - Alerts
    - Security updates
    - Organization
    - Scripts
  versions:
    'free-pro-team': '*'

# Dependabot configuration only relevant to GitHub.com
# Convert "languages" to "package-ecosystems" for Dependabot configurations
- title: Super linter configuration
  description: Example Dependabot version updates configuration from the Super linter repository.
  href: /github/super-linter/blob/master/.github/dependabot.yml
  languages:
    - github-actions
    - npm
    - bundler
    - docker
    - pip
  tags:
    - Dependabot
    - Version updates
    - Configuration
  versions:
    'free-pro-team': '*'

- title: Dependabot version update PR
  description: Example pull request generated by the Dependabot version updates configuration in the Super linter repository.
  href: /github/super-linter/pull/1398
  # No value is listed for this entry; explicit null parses the same as the bare key.
  languages: null
  tags:
    - Dependabot
    - Version updates
    - Pull requests
  versions:
    'free-pro-team': '*'