all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Unlocking security updates for transitive dependencies with npm

Add to bookmarks
Jan. 19, 2023, 8:24 p.m. | Bryan Dragon

The GitHub Blog: Security News and Updates github.blog

How Dependabot integrated with npm to address security vulnerabilities on transitive dependencies and increase the likelihood of success for JavaScript security updates by 40%.

address dependabot dependencies engineering javascript npm security security updates supply chain security updates vulnerabilities

Visit resource

More from github.blog / The GitHub Blog: Security News and Updates

Introducing Artifact Attestations–now in public beta 1 day, 13 hours ago | github.blog
actions artifact beta blog +7
Where does your software (really) come from? 3 days, 13 hours ago | github.blog
blog capabilities community github +11
CodeQL zero to hero part 3: Security research with CodeQL 4 days, 21 hours ago | github.blog
blog codeql github github security lab +6
Securing millions of developers through 2FA 1 week, 2 days ago | github.blog
2fa adoption developers ecosystem +9
Security research without ever leaving GitHub: From code scanning to CVE via Codespaces and private … 1 month ago | github.blog
blog blog post code codeql +16
Gaining kernel code execution on an MTE-enabled Pixel 8 1 month, 2 weeks ago | github.blog
android app arm arm mali +22
Keeping secrets out of public repositories 2 months ago | github.blog
blog default developers github +10
How to stay safe from repo-jacking 2 months, 1 week ago | github.blog
attack blog blog post can +10
Build code security skills with the GitHub Secure Code Game 2 months, 2 weeks ago | github.blog
actions blog build challenges +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Specialist

@ Nestlé | St. Louis, MO, US, 63164
View on infosec-jobs.com

Cybersecurity Analyst

@ Dana Incorporated | Pune, MH, IN, 411057
View on infosec-jobs.com

Sr. Application Security Engineer

@ CyberCube | United States
View on infosec-jobs.com

Linux DevSecOps Administrator (Remote)

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Cyber Security Intern or Co-op

@ Langan | Parsippany, NJ, US, 07054-2172
View on infosec-jobs.com

Security Advocate - Application Security

@ Datadog | New York, USA, Remote
View on infosec-jobs.com
View more jobs