Skip to content

Instantly share code, notes, and snippets.

@chtzvt
chtzvt / ghazdo-starter.yml
Last active March 7, 2024 17:57
Starter Pipeline for GitHub Advanced Security for Azure DevOps
# Welcome to the Starter Pipeline for GitHub Advanced Security for Azure DevOps (GHAzDo)
#
# This pipeline enables two core features of GHAzDo for your repository:
#
# - Dependency Scanning, which will examine your application's package manifests
# to find and alert on any vulnerable dependencies you may be using, and
#
# - Code Scanning, which performs static analysis (SAST) of your application's source
# code to identify certain types of security vulnerabilities, along with additional,
# optional quality checks.