课程: Learning GitHub Advanced Security for Azure DevOps
今天就开通帐号,24,600 门业界名师课程任您挑!
Push protection
- [Lecturer] Let's have a look at push protection in action. First of all, push protection needs to be enabled before it becomes active. You can do so from the Repository Management screen. Let's do this for my example repository. As you can see, advanced security has already been enabled on our repository when we enabled dependency scanning, so the only other option is to enable push protection. From now on, whenever somebody makes changes to this repository, it will be blocked if those changes contain secrets. Let's have a look at how this works in practice. I'll show this in action with the web editor. Let's add an npm token straight into the readme. This is one of those secrets you do not want to leak out into a public repo or share with other engineers in your company as it could be used to impersonate you and mess with the packages you have created on the npm registry. I can add this anywhere in the file as long…
下载课程离线学习
下载课程到移动设备,轻松离线学习。在领英学习 iOS 或安卓版 APP 下载课程