Overview
Learn how to build a secure open source project on GitHub in this 27-minute conference talk by Philip Holleran from GitHub. Discover essential security tools and capabilities provided free of charge for open source projects. Explore methods to protect your project from vulnerable dependencies, scan code for security vulnerabilities, establish a responsible disclosure policy, and collaborate privately with security researchers. Gain insights into creating friendly projects, setting up contributing guidelines, implementing issue and pull request templates, and leveraging GitHub features like Codespaces and Actions to enhance your project's security and accessibility.
Syllabus
Introduction
Securing Dependencies
Code Scanning
Code Scanning Improvements
Security Policy
Friendly projects
How to contribute
CONTRIBUTING.md document
Issue and pull request templates
Repository settings
Good first issues
Quick changes
GitHub Codespaces
GitHub Actions
Taught by
Linux Foundation