WPTavern: GitHub Launches Security Alerts for JavaScript and Ruby Projects, Python Support Coming in 2018

Last month GitHub launched its Dependency Graph feature that tracks a repository’s dependencies and sub-dependencies under the Insights tab. This week the company rolled out an expansion of the feature and will now identify known vulnerabilities and send notifications with suggested fixes from the GitHub community.

Dependency graphs and security alerts are automatically enabled for public repositories, provided the repository owner has defined the dependencies in one of the supported manifest file types, such as package.json or Gemfile. (Private repo owners have to opt in.) The vulnerability alerts are not public – they will only be shown to those who have been granted access to the vulnerability alerts.

GitHub uses data from the National Vulnerability Database to alert repository owners about publicly disclosed vulnerabilities that have CVE IDs. Vulnerability detection is currently limited to JavaScript and Ruby projects, but Python support is next on the roadmap for 2018. PHP, which is a bit less widely used in projects on GitHub, is likely further down the list.



Source: WordPress
