
WPTavern: GitHub Launches Security Alerts for JavaScript and Ruby Projects, Python Support Coming in 2018


Last month GitHub launched its Dependency Graph feature that tracks a repository’s dependencies and sub-dependencies under the Insights tab. This week the company rolled out an expansion of the feature and will now identify known vulnerabilities and send notifications with suggested fixes from the GitHub community.

Dependency graphs and security alerts are automatically enabled for public repositories, provided the repository owner has defined the dependencies in one of the supported manifest file types, such as package.json or Gemfile. (Private repo owners have to opt in.) The vulnerability alerts are not public – they will only be shown to those who have been granted access to the vulnerability alerts.

GitHub uses data from the National Vulnerability Database to alert repository owners about publicly disclosed vulnerabilities that have CVE IDs. Vulnerability detection is currently limited to JavaScript and Ruby projects, but Python support is next on the roadmap for 2018. PHP, which is a bit less widely used in projects on GitHub, is likely further down the list.
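The kind of check described above, matching the dependencies declared in a package.json manifest against a feed of known-vulnerable versions, is sketched here as an added example; it is not GitHub's implementation. The package names, the advisory record shape, and the CVE IDs are constructed placeholders, and a declared range such as `^1.2.0` is assumed to count as affected when its lowest permitted version is below the fixed version.

```javascript
// Constructed manifest in package.json format (package names are hypothetical).
const manifest = JSON.parse(`{
  "name": "example-app",
  "dependencies": { "example-parser": "^1.2.0", "example-http": "2.5.1" },
  "devDependencies": { "example-lint": "~0.9.3" }
}`);

// Constructed advisory feed: versions below `fixedIn` are affected.
// The CVE IDs are placeholders, not real identifiers.
const advisories = [
  { package: "example-parser", cve: "CVE-0000-00001", fixedIn: "1.4.2" },
  { package: "example-http", cve: "CVE-0000-00002", fixedIn: "2.5.0" },
  { package: "example-lint", cve: "CVE-0000-00003", fixedIn: "0.10.0" },
];

// Parse "1.2.3", optionally prefixed by ^, ~, >=, = or v, into [major, minor, patch].
function parseVersion(spec) {
  const m = /^(?:\^|~|>=|=|v)?\s*(\d+)\.(\d+)\.(\d+)/.exec(spec.trim());
  if (!m) return null; // unsupported spec: git URL, "*", dist-tag, ...
  return m.slice(1, 4).map(Number);
}

// Numeric comparison per component, so 0.9.3 < 0.10.0 (a string compare gets this wrong).
function lessThan(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i];
  }
  return false;
}

// Return one alert per advisory whose package is declared at an affected version.
function findAlerts(manifest, advisories) {
  const declared = { ...manifest.dependencies, ...manifest.devDependencies };
  const alerts = [];
  for (const adv of advisories) {
    const spec = declared[adv.package];
    if (spec === undefined) continue; // package not used by this project
    const floor = parseVersion(spec);
    if (floor === null) {
      // Cannot resolve a version: surface it for manual review instead of dropping it.
      alerts.push({ ...adv, declared: spec, status: "unresolved" });
    } else if (lessThan(floor, parseVersion(adv.fixedIn))) {
      alerts.push({ ...adv, declared: spec, status: "vulnerable", suggestedFix: adv.fixedIn });
    }
  }
  return alerts;
}

console.log(findAlerts(manifest, advisories));
```

A manifest only states permitted ranges; a lockfile records the version actually installed, so checking the lockfile as well gives a more precise answer.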



Source: WordPress
