Exercise - Secure your repository's supply chain

Completed

In this exercise, we secure your repository's supply chain through Dependency graph, Dependency alerts, Dependency security updates, and Dependency version updates.

This GitHub exercise is graded automatically once you attempt a solution to the challenge. The results of your actions and your helpful feedback are provided in real time within the grade-learner workflow logs.

Here are some helpful tips before you begin the exercise:

  • Read the Welcome section of the README file in the exercise's repository to understand more about the exercise.
  • Follow the steps provided in the How to start this course section to successfully complete the exercise.
  • To see the results of your exercise, navigate to your cloned repository's Actions tab and select the most recent run on the Grading workflow.
  • Stuck on what to do? Revisit the content in the last unit or check out the README file in the exercise's repository.

Note

A grading script exists under .github/workflows/grading.yml. You don't need to modify this workflow to complete this exercise. Altering the contents in this workflow can break the exercise's ability to validate your actions, provide feedback, or grade the results.

This exercise is a challenge based on content covered in this module, and there could be more than one way to successfully complete the exercise. If you get stuck, revisit previous content in this module or navigate to some of the other resources provided.

When you finish the exercise in GitHub, return here for your next unit.