Default Policy
The simplest way to use GHASCompliance is to use the Default Policy.
```yaml
name: Default Policy

# Code Scanning policy
codescanning:
  level: error

# Dependency Security Alerts (dependabot) policy
dependabot:
  level: high

# Dependency Licensing Alerts (dependency graph) policy
licensing:
  conditions:
    ids:
      - GPL-*
      - LGPL-*
      - AGPL-*

  warnings:
    # Warning if the dependency isn't known
    ids:
      - Other
      - NA

# Dependency usage Alerts (dependency graph) policy
# dependencies:

# Secret Scanning Alerts policy
secretscanning:
  level: all
```
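To see which alerts a policy like this one would flag, the following added example (not GHASCompliance's own code) evaluates constructed alerts against the Default Policy. It assumes that `level` is a minimum severity, that `all` flags every alert, and that licence ids are matched as shell-style globs; the function names and sample alerts are hypothetical.

```python
from fnmatch import fnmatchcase

# The Default Policy above as a dict (avoids a YAML parser dependency).
POLICY = {
    "codescanning": {"level": "error"},
    "dependabot": {"level": "high"},
    "licensing": {"conditions": {"ids": ["GPL-*", "LGPL-*", "AGPL-*"]},
                  "warnings": {"ids": ["Other", "NA"]}},
    "secretscanning": {"level": "all"},
}

# Severity scales, most severe first. Treating `level` as a minimum
# severity is an assumption of this example, not documented tool behaviour.
SCALES = {"codescanning": ["error", "warning", "note"],
          "dependabot": ["critical", "high", "medium", "low"]}

def violates(section, level, severity):
    """True when `severity` is at or above the section's policy `level`."""
    scale = SCALES.get(section, [])
    return level == "all" or scale.index(severity) <= scale.index(level)

def license_status(policy, license_id):
    """Classify a licence id as 'violation', 'warning' or 'ok' (glob match assumed)."""
    lic = policy["licensing"]
    if any(fnmatchcase(license_id, p) for p in lic["conditions"]["ids"]):
        return "violation"
    if any(fnmatchcase(license_id, p) for p in lic["warnings"]["ids"]):
        return "warning"
    return "ok"

def evaluate(policy, alerts):
    """Return labels of alerts (section, label, value) that fail the policy."""
    failed = []
    for section, label, value in alerts:
        if section == "licensing":
            bad = license_status(policy, value) == "violation"
        else:
            bad = violates(section, policy[section]["level"], value)
        if bad:
            failed.append(label)
    return failed

# Constructed sample alerts, not real scan output.
SAMPLE = [
    ("codescanning", "sql-injection", "error"), ("codescanning", "unused-import", "note"),
    ("dependabot", "lib-a", "critical"), ("dependabot", "lib-b", "medium"),
    ("licensing", "lib-c", "LGPL-2.1"), ("licensing", "lib-d", "MIT"),
    ("secretscanning", "api-token", "open"),
]
```

Under these assumptions `evaluate(POLICY, SAMPLE)` flags the error-level code scanning alert, the critical dependency alert, the LGPL dependency and the secret, while `NA` licences only produce a warning.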