You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -84,9 +84,10 @@ The below steps, once enacted, will ensure that any local `git commit` actions t
4. Grype-based vulnerability scanning should run every time a `git commit` is invoked. The commit will be blocked if CRITICAL level vulnerabilities are found and will ask the developer to fix them prior to committing.
### Step 3: Set Up Automated Repository Scanning
-**GitHub**:
- We recommend installing the official Grype GitHub action to set up automated dependency vulnerability scanning. Available [at this link](https://github.com/marketplace/actions/anchore-container-scan).
- We also recommend setting up GitHub's official Dependabot action to also look for vulnerabilities. See our [GitHub Security Guide](/docs/guides/software-lifecycle/security/github-security) on this.
For GitHub users, we recommend:
- Installing the official Grype GitHub action to set up automated dependency vulnerability scanning. The tool is available [at this link](https://github.com/marketplace/actions/anchore-container-scan).
- Setting up GitHub's official Dependabot action to also look for vulnerabilities. See our [GitHub Security Guide](/docs/guides/software-lifecycle/security/github-security) on this.
