+44 0330 223 3428
Call Us
+44 0330 223 3428

WPTavern: GitHub Launches New Dependency Graph Feature with Security Alerts Coming Soon

WPTavern: GitHub Launches New Dependency Graph Feature with Security Alerts Coming Soon

GitHub announced a new Dependency Graph feature at the Github Universe conference yesterday. It lists all the dependencies for a repository and will soon identify known vulnerabilities. The graph can be accessed under the Insights tab and currently supports Ruby and JavaScript dependencies with Python coming soon.

Public repositories display the graph by default and private repository owners also have the option to enable it. Below is a screenshot of Gutenberg’s dependency graph:

GitHub plans to extend dependency graphs to show security alerts when one of the dependencies is using a version that is publicly known to be vulnerable to a security issue. The alerts may also in some cases be able to suggest a security fix. Security alerts for dependencies is the first among a collection of security tools that GitHub has planned to release.

The dependency graph isn’t yet as useful as it could be for many PHP-based WordPress projects, but GitHub’s decision to start with support for JavaScript and Ruby dependencies is in line with the data the company collected from repositories. JavaScript and Ruby are among the top four most popular languages on GitHub, as measured by the number of pull requests. JavaScript is by far the most popular and PHP isn’t too far behind Ruby, according to stats from the State of the Octoverse 2017.

GitHub is also launching new efforts to connect its massive community. The company reported 24 million developers working across 67 million repositories in 2017. The new community features are aimed at helping developers make meaningful connections in the vast sea of repositories on the platform. Users will notice a new “Discover Repositories” feed in their dashboards that makes recommendations based on their starred repositories and the people they follow.

GitHub has also launched a new curated Explore section to help users browse open source projects, topics, events, and resources.



Source: WordPress

Related Post
WPTavern: WordPress 4.9 Will Support Shortcodes and Embedded Media in the Text Widget

WPTavern: WordPress 4.9 Will Support Shortcodes and Embedded Media in the Text Widget WordPress 4.8 brought TinyMCE to the core Text widget, along with brand new Image, Video, and Audio media widgets. The upcoming 4.9 release builds on this progress and will introduce some long-awaited improvements to Text widget. Users will finally be able to […]

Read more
WPTavern: WPWeekly Episode 292 – Recap of WooConf and CaboPress

WPTavern: WPWeekly Episode 292 – Recap of WooConf and CaboPress In this episode, John James Jacoby and I are joined by Cody Landefeld, co-founder of Mode Effect. Landefeld described his experience attending WooConf as we reviewed highlights from the State of the Woo. We also discussed WooCommerce retiring its Canvas theme in favor of Storefront. Jacoby […]

Read more
WPTavern: Goodnight Firebug

WPTavern: Goodnight Firebug Twitter is lighting up with sentimental Firebug remembrances today after Mozilla announced it will reach end-of-life in the Firefox browser next month. Firebug was the first browser-based tool that allowed developers to easily inspect HTML and debug JS. It was discontinued as a separate add-on and merged into Firefox DevTools in 2016 […]

Read more