+44 0330 223 3428
Call Us
+44 0330 223 3428

WPTavern: GitHub Launches Security Alerts for JavaScript and Ruby Projects, Python Support Coming in 2018

WPTavern: GitHub Launches Security Alerts for JavaScript and Ruby Projects, Python Support Coming in 2018

Last month GitHub launched its Dependency Graph feature that tracks a repository’s dependencies and sub-dependencies under the Insights tab. This week the company rolled out an expansion of the feature and will now identify known vulnerabilities and send notifications with suggested fixes from the GitHub community.

Dependency graphs and security alerts are automatically enabled for public repositories, provided the repository owner has defined the dependencies in one of the supported manifest file types, such as package.json or Gemfile. (Private repo owners have to opt in.) The vulnerability alerts are not public – they will only be shown to those who have been granted access to the vulnerability alerts.

GitHub uses data from the National Vulnerability Database to alert repository owners about publicly disclosed vulnerabilities that have CVE IDs. Vulnerability detection is currently limited to JavaScript and Ruby projects but Python support is next on the roadmap for 2018. PHP, which is a bet less widely used in projects on GitHub, is likely further down the list.



Source: WordPress

Related Post
WPTavern: WPTracSearch: An Elasticsearch-Powered Search Interface for WordPress Trac Tickets

WPTavern: WPTracSearch: An Elasticsearch-Powered Search Interface for WordPress Trac Tickets WordPress Trac is one of the more utilitarian and uninspiring interfaces that many contributors have to contend with in the process of giving back to the project. After growing tired of Trac’s mediocre search functionality, William Earnhardt set out to improve it with a new […]

Read more
WPTavern: Tips for Replying to A Call for Papers or A Call for Speakers

WPTavern: Tips for Replying to A Call for Papers or A Call for Speakers The following is a guest post written by Jennifer Bourn. With 21 years experience as a graphic designer, 15 years experience as a web designer, 14 years as a creative agency owner, and 11 years as a blogger, Jennifer Bourn has […]

Read more
WPTavern: Storefront 2.5.0 Introduces a Custom, Block-Based Homepage

WPTavern: Storefront 2.5.0 Introduces a Custom, Block-Based Homepage Storefront, WooCommerce’s free flagship theme, has just released version 2.5.0 with updates that make it easier to setup and customize the homepage. In 2017, WooCommerce 2.2 introduced starter content to help users set up the homepage template, menus, widgets, and add some demo products. This content has […]

Read more