Skip to content

Update README with current screenshots and instructions #14

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Sep 4, 2025
Merged

Update README with current screenshots and instructions #14

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
f3d3fe4
Updates settings navigation instruction
tresat Aug 29, 2025
70eb790
Update image in README for dependency alerts
tresat Aug 29, 2025
2df97ec
Update image link for Dependabot alerts section
tresat Sep 2, 2025
4a73805
Tweak text - there are currently 6 reports (and may be more in the fu…
tresat Sep 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 4 additions & 5 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ You may find it useful to fork this repository, which will allow you to follow t
Note that GitHub Actions workflows are not automatically enabled for repository forks.
To start the process, you'll need to:
1. Fork the repository
2. Navigate to "Settings -> Code security and analysis" to enable Dependency graph and Dependabot alerts (see below)
2. Navigate to "Settings -> Advanced Security" and enable Dependency graph and Dependabot alerts (see below)
3. Navigate to the "Actions" tab to enable GitHub Actions workflows
4. Push a commit to the 'main' branch in order to trigger the initial `dependency-submission` workflow to run. A change to the README will be sufficient.

Expand All @@ -17,7 +17,7 @@ In order to receive alerts about any vulnerable dependencies for this repository

1. **Dependency graph and Dependabot alerts are enabled**

<img width="800" alt="image" src="https://github.com/gradle/github-dependency-submission-demo/assets/179734/7ecf6cc6-aec2-4985-8331-b9e9db78d312">
<img width="800" alt="image" src="https://github.com/user-attachments/assets/978e21bb-8082-4861-98a5-b42a41fa29a8" />

2. **A simple `dependency-submission` workflow is configured to run on any push to the `main` branch**

Expand All @@ -38,13 +38,12 @@ You can view all of these dependencies, and search for a particular dependency [

Note that all dependencies reported by the action will be tagged with <code>Detected by **GitHub Dependency Graph Gradle Plugin**</code>.


# Viewing vulnerabilities reported for this repository

After executing the `dependency-submission` workflow, the repository has 5 current Dependabot alerts for vulnerable dependencies.
After executing the `dependency-submission` workflow, the repository has several current Dependabot alerts for vulnerable dependencies.
These are not publicly visible in the repo, but here is the list:

<img width="800" alt="image" src="https://github.com/gradle/github-dependency-submission-demo/assets/179734/1e9905c6-d1cf-40ea-bdc1-d42b70eafefe">
<img width="800" alt="image" src="https://github.com/user-attachments/assets/99120685-bfd3-42c8-81cf-f750a041f7b8" />

# Fixing dependency vulnerabilities

Expand Down
Loading