GitHub Security Alerts For Python
Written by Kay Ewbank
Monday, 13 August 2018
GitHub has added Python to the list of languages where you can check out security alerts. Python developers can now see problems on a dependency graph and receive security alerts whenever their repositories depend on packages with known security vulnerabilities.
In addition to highlighting dependencies that are the source of a potential vulnerability, and their severity on a four-point scale - Low, Moderate, High, or Critical - GitHub aims to provide a solution to the problem.
The GitHub team says:
The dependency graph is a chart that displays the projects your code depends on and projects that depend on your code. It can be enabled by clicking Insights under your repository name then clicking Dependency graph in the left sidebar.
The newly announced Python support means Python users can now access the dependency graph and receive security alerts whenever their repositories depend on packages with known security vulnerabilities. To enable the dependency graph, a Python project must define its dependencies in a requirements.txt or Pipfile.lock file.
GitHub says the new platform has been launched with a relatively small set of recent vulnerabilities. Over the coming weeks, more historical Python vulnerabilities will be added to the database so the security alerts will become more useful. As new vulnerabilities in Python libraries are discovered, alerts will be sent to Python repository admins whose repositories show dependencies on those libraries.
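As an added illustration (not GitHub's code and not part of the original article), this sketch shows the kind of matching described above: it reads pinned versions from the two manifest formats the article names and compares them with an advisory list. The advisories, package names and sample manifests are constructed, and only plain numeric `==` pins are handled.

```python
import json
import re

# Constructed advisories: hypothetical packages, not real vulnerability data.
ADVISORIES = [
    {"package": "examplelib", "fixed_in": "2.4.1", "severity": "High"},
    {"package": "demo-parser", "fixed_in": "1.0.3", "severity": "Moderate"},
]
# Constructed sample manifests in the two formats the article names.
REQUIREMENTS_TXT = "examplelib==2.3.0  # pinned\nDemo_Parser==1.0.3\notherpkg>=1.0\n"
PIPFILE_LOCK = json.dumps({
    "default": {"examplelib": {"version": "==2.4.1"}},
    "develop": {"demo-parser": {"version": "==0.9"}},
})

def normalize(name):
    # PEP 503 normalization, so Demo_Parser and demo-parser compare equal.
    return re.sub(r"[-_.]+", "-", name).lower()

def version_key(version):
    # Plain numeric versions only (assumption); anything else returns None.
    if not re.fullmatch(r"\d+(\.\d+)*", version):
        return None
    return tuple(int(part) for part in version.split("."))

def pins_from_requirements(text):
    pins = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        m = re.match(r"([A-Za-z0-9][A-Za-z0-9._-]*)\s*==\s*([^\s;]+)", line)
        if m:  # unpinned lines such as "otherpkg>=1.0" are skipped
            pins[normalize(m.group(1))] = m.group(2)
    return pins

def pins_from_pipfile_lock(text):
    pins = {}
    lock = json.loads(text)
    for section in ("default", "develop"):
        for name, entry in lock.get(section, {}).items():
            version = entry.get("version", "")
            if version.startswith("=="):
                pins[normalize(name)] = version[2:]
    return pins

def alerts(pins):
    found = []
    for adv in ADVISORIES:
        pinned = pins.get(normalize(adv["package"]))
        key = version_key(pinned) if pinned else None
        if key is not None and key < version_key(adv["fixed_in"]):
            found.append((adv["package"], pinned, adv["fixed_in"], adv["severity"]))
    return found
```

Unpinned or non-numeric requirements are ignored here, so a real check needs a full version-specifier parser to avoid missing them.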
Last Updated ( Monday, 13 August 2018 )