https://github.com/devwithkrishna/configuring-dependabot-security-updates-for-github-repository

configuring-dependabot-security-updates for a github repository
https://github.com/devwithkrishna/configuring-dependabot-security-updates-for-github-repository

bash-script dependabot github github-workflows

Last synced: 5 months ago
JSON representation

configuring-dependabot-security-updates for a github repository

• Host: GitHub
• URL: https://github.com/devwithkrishna/configuring-dependabot-security-updates-for-github-repository
• Owner: devwithkrishna
• License: mit
• Created: 2023-12-27T10:30:35.000Z (almost 2 years ago)
• Default Branch: main
• Last Pushed: 2024-05-08T20:29:00.000Z (over 1 year ago)
• Last Synced: 2025-03-05T11:53:04.152Z (10 months ago)
• Topics: bash-script, dependabot, github, github-workflows
• Language: Shell
• Homepage: https://github.com/devwithkrishna/configuring-dependabot-security-updates-for-github-repository
• Size: 4.88 KB
• Stars: 0
• Watchers: 0
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# configuring-dependabot-security-updates-for-github-repository

```

Enables automated security fixes for a repository. The authenticated user must have admin access to the repository. For more information, see "Configuring automated security fixes".

```

[Configuring automated security fixes](https://docs.github.com/articles/configuring-automated-security-fixes)

reference: [configuring-dependabot-security-updates-for-github-repository](https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#enable-automated-security-fixes)

## How code works

* requires owner name / organization name

* requires repository name

```

These parameters are received from the github workflow UI. These are then passed to restAPI in bash script

``` 

* The credential used is ``` FINE GRAINED PERSONAL ACCESS TOKEN ```

* Vulnerability alerts must be enabled to configure automated security fixes

    [able-vulnerability-alerts](https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#enable-vulnerability-alerts)

* Enables private vulnerability reporting for a repository. The authenticated user must have admin access to the repository. 

    [enable-private-vulnerability-reporting-for-a-repository](https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#enable-private-vulnerability-reporting-for-a-repository)

* Enables dependabot for a repository 

    [enable-automated-security-fixes](https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#enable-automated-security-fixes)