The code hosting service GitHub confirmed that the introduction of GitHub security alerts in November allowed to obtain a significant reduction of vulnerable code libraries on the platform.
Github alerts warn developers when including certain flawed software libraries in their projects and provide advice on how to address the issue.
Last year GitHub first introduced the Dependency Graph, a feature that lists all the libraries used by a project. The feature supports JavaScript and Ruby, and the company also plans to add the support for Python this year.
The GitHub security alerts feature introduced in November is designed to alert developers when one …read more
Via:: Security Affiars