From the course: Windsurf for Privacy-Conscious Development
Dependabot - Windsurf Tutorial
Dependabot
- [Presenter] Dependabot automates the critical but time-consuming task of keeping dependencies secure and up to date. Unlike manual dependency management, Dependabot continuously monitors for vulnerabilities and can automatically create pull requests with fixes. Here, we're going to configure Dependabot with customized schedules and establish workflows for safely reviewing and merging updates. Here, we have just a simple empty repository with one file for simplicity. And what we're going to want to do first off is enable Dependabot alerts, which will automatically scan our dependency files for known vulnerabilities. So, we're going to want to go to Settings, Advanced Security, and enable our Dependabot alerts. It's going to need the dependency graph to be enabled, so we're going to want to enable that as well. And this feature will work immediately on existing repositories, scanning any dependency manifests. And…