Github launches new tools to say when your project’s dependencies get pwned

Github today announced the introduction of more robust security features for its users, which will help developers identify vulnerable dependencies in their code. The announcement came at the company’s flagship Github Universe conference, taking place at Pier 70 in San Francisco. The new feature, called Dependency Graph, enumerates the software libraries that constitute a project. This information is then visualized in a way that’s easy for developers to digest, giving them an accurate overview of their codebase. Github intends to build upon this with Security Alerts. This will alert developers when vulnerabilities are discovered in libraries they use. This allows…

This story continues at The Next Web
The Next Web