When creating a GitHub repository you need to follow a few organizational standardization rules :
- When naming your repository use lowercase. This makes it easier for command line use.
- Use a dash ( - ) and not an underscore ( _ ) to separate words in the repository name.
- Make the repository public.
- Add a description.
- Create a LICENSE.md file.
- Protect your branches.
- Enable secret scanning and push protection.
-
Create a new file and name it
LICENSE.md: -
Click on "Choose a license template."
-
Choose "MIT License," and all the needed information will be filled in for you.
-
Click on "Review and submit" to create your file.
Protecting branches in GitHub is essential for maintaining code integrity, ensuring a consistent commit history, and safeguarding against disruptive changes. By mandating code reviews, preventing force pushes, and requiring scrutiny of contributions, branch protection provides a foundational layer of security and quality control in collaborative projects.
-
Go to your repository's main page.
-
Click on the "Settings" option on the top right.
-
Click on the "Branches" tab on the right menu.
-
Make sure to check "Require a pull request before merging," and also ensure that "Require approvals" is checked. You can leave the default option for the number of required approvals.
Enabling secret scanning and push protection in GitHub repositories helps prevent sensitive information, such as API keys, passwords, and tokens, from being inadvertently exposed in your codebase. Secret scanning detects exposed secrets, while push protection actively blocks commits containing known secrets. If a secret is leaked, repository administrators receive an alert.
To enable these functionalities:
-
From the main page of your repository, click Settings.
-
In the sidebar, scroll down to the Security section and click Code security.
-
Scroll down to the Secret scanning section and click Enable.
-
After enabling Secret scanning, the option to enable Push protection will appear. Click Enable.
