If you’re like many open source project maintainers, your project might span tens or hundreds of GitHub repos, and your repo configuration may be wildly variable. How do you make sure that your repos always have a standard configuration in place, like a code of conduct, a security.md file, a license file, secret scanning, and Dependabot? It’s a lot for maintainers to remember and continuously monitor. Fortunately, you don’t have to—there are tools available to help.In this talk, Stacklok engineer and Knative maintainer Evan Anderson will go over the breadth of (free or CNCF-sponsored) tools available to OSS project maintainers to help you keep your GitHub repos—and Actions—consistently configured and secure for your end users.