+44 0330 223 3428
Call Us
+44 0330 223 3428

WPTavern: GitHub Launches Security Alerts for JavaScript and Ruby Projects, Python Support Coming in 2018

WPTavern: GitHub Launches Security Alerts for JavaScript and Ruby Projects, Python Support Coming in 2018

Last month GitHub launched its Dependency Graph feature that tracks a repository’s dependencies and sub-dependencies under the Insights tab. This week the company rolled out an expansion of the feature and will now identify known vulnerabilities and send notifications with suggested fixes from the GitHub community.

Dependency graphs and security alerts are automatically enabled for public repositories, provided the repository owner has defined the dependencies in one of the supported manifest file types, such as package.json or Gemfile. (Private repo owners have to opt in.) The vulnerability alerts are not public – they will only be shown to those who have been granted access to the vulnerability alerts.

GitHub uses data from the National Vulnerability Database to alert repository owners about publicly disclosed vulnerabilities that have CVE IDs. Vulnerability detection is currently limited to JavaScript and Ruby projects but Python support is next on the roadmap for 2018. PHP, which is a bet less widely used in projects on GitHub, is likely further down the list.



Source: WordPress

Related Post
WPTavern: Google Developers Demo AMP Stories Integration with Gutenberg at Chrome Dev Summit

WPTavern: Google Developers Demo AMP Stories Integration with Gutenberg at Chrome Dev Summit Alberto Medina and Weston Ruter gave a presentation on Progressive Content Management Systems yesterday at Chrome Dev Summit 2018 in San Francisco. Medina is a developer advocate at Google and Ruter recently transitioned into a new role as a Developer Programs Engineer […]

Read more
Dev Blog: WordPress 5.0 Beta 4

Dev Blog: WordPress 5.0 Beta 4 WordPress 5.0 Beta 4 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site to play with the new version. There are two ways to test the WordPress 5.0 Beta: try the WordPress Beta Tester plugin […]

Read more
WPTavern: WordCamp Nordic Tickets Now on Sale, Sponsorship Packages Sold Out in Minutes

WPTavern: WordCamp Nordic Tickets Now on Sale, Sponsorship Packages Sold Out in Minutes Tickets for the first ever WordCamp Nordic went on sale today and 100 seats sold within 20 minutes. The event is scheduled to be held in Helsinki, Finland, March 7-8, 2019. There are currently 97 regular tickets and 59 micro-sponsor tickets remaining […]

Read more