The company says over 745 percent of projects hosted on the platform use
dependencies, and that opens them up to inherent vulnerabilities.
Last month, GitHub launched its ‘dependency graph’ feature to help keep track of those your code depends on. This month, it’s about checking those dependencies are secure.
With the dependency graph feature active, GitHub will notify developers if a vulnerability is detected and will even suggest known fixes supplied by the community. If a safe version exists, GitHub says it will “select one using machine learning and publicly available data, and include it in our suggestion.”
Last month, GitHub launched its ‘dependency graph’ feature to help keep track of those your code depends on. This month, it’s about checking those dependencies are secure.
With the dependency graph feature active, GitHub will notify developers if a vulnerability is detected and will even suggest known fixes supplied by the community. If a safe version exists, GitHub says it will “select one using machine learning and publicly available data, and include it in our suggestion.”
