August 17, 2018

GitHub Found 4 Million Vulnerabilities in its Repositories

  • March 22, 2018
  • By Developer.com Staff

Since last November, GitHub has been scanning its code repositories for vulnerabilities as part of its dependency graph service. Today it announced that it has so far found more than 4 million known vulnerabilities and has alerted project owners about the problems.

GitHub currently scans only public repositories written in Java and Ruby, which amounts to about a half million repositories. Owners of private repositories can opt in to be included in the service.

The firm says that about 30 percent of the security vulnerabilities it finds are resolved within a week after notification. However, 55 percent of alerts went to repositories that haven't been changed in 90 days.
