
WPTavern: GitHub Launches Security Alerts for JavaScript and Ruby Projects, Python Support Coming in 2018


Last month GitHub launched its Dependency Graph feature that tracks a repository’s dependencies and sub-dependencies under the Insights tab. This week the company rolled out an expansion of the feature and will now identify known vulnerabilities and send notifications with suggested fixes from the GitHub community.

Dependency graphs and security alerts are automatically enabled for public repositories, provided the repository owner has defined the dependencies in one of the supported manifest file types, such as package.json or Gemfile. (Private repo owners have to opt in.) The vulnerability alerts are not public – they will only be shown to those who have been granted access to the vulnerability alerts.

GitHub uses data from the National Vulnerability Database to alert repository owners about publicly disclosed vulnerabilities that have CVE IDs. Vulnerability detection is currently limited to JavaScript and Ruby projects, but Python support is next on the roadmap for 2018. PHP, which is a bit less widely used in projects on GitHub, is likely further down the list.



Source: WordPress
