Bleeping Computer

Github Will Warn Developers About Vulnerable Dependencies in Their Projects

GitHub — the Internet largest code hosting service — is rolling out a new security feature through which it hopes to reduce the number of vulnerable projects hosted and distributed through its ...
Dark Reading

Google Tackles Open Source Security With New Dependency Service

In a bid to reduce software supply chain risks in the open source software ecosystem, Google launched a free API service providing dependency data and security-related information on over 5 million ...
ZDNet

GitHub security alerts now support PHP projects

Since the Dependency Graph feature is intertwined with the Security Alerts (Vulnerability Alerts) feature, this also means GitHub users will also be eligible to receive automatic security alerts for ...