Pattern: Disabled GitHub vulnerability alerts
Issue: -
Insecure vulnerabilities might be used in the codebase. Set vulnerability_alerts
attribute to true
to enable this setting.
Resolution: enable vulnerability alerts for all repositories.
Example of incorrect code:
resource "github_repository" "bad_example" {
name = "example"
description = "My awesome codebase"
vulnerability_alerts = false
}
Example of correct code:
resource "github_repository" "good_example" {
name = "example"
description = "My awesome codebase"
vulnerability_alerts = true
}