Description
Every security journey starts with getting your environment right. In this challenge, you'll fork the repository, spin up a development environment, and enable GitHub Advanced Security (GHAS) on your fork.
This is the foundation for everything that follows. GHAS gives you code scanning, secret scanning, Dependabot alerts, and more — but none of it works until you flip the switches. By the end of this challenge, your repo will be wired up and ready for the real work ahead.
Objectives
- Fork the hackathon repository to your own GitHub account
- Open the project in a GitHub Codespace or local devcontainer
- Enable all GitHub Advanced Security features in your fork's settings (Settings > Code security and analysis)
- Confirm the dependency graph is active and populated
Success Criteria
- Repository forked to your account
- Development environment running (Codespace or devcontainer)
- GitHub Advanced Security is enabled on the repository
- Code scanning, secret scanning, and Dependabot alerts are all turned on
- Dependency graph shows detected dependencies
Learning Resources