Our Blogs

GitHub Gets Better With Dependency Graph and Security Alerts

October 15, 2017
GitHub Gets Better With Dependency Graph and Security Alerts
GitHub has announced the rollout of the dependency graph and security alerts at the Universe Conference. Moreover, GitHub has been updated with a recommendation tool, which automatically fetches the relevant projects suitable for your environment. The Explore module provides a curated collection of topics and useful resources.

The GitHub dependency graph helps you to list out the useful dependencies for your repository. It can be easily accessed by navigating to the Insight section of your repository and selecting Dependency graph.

As a developer, you need to grant GitHub access to the relevant repo metadata if you have private repositories. As of this writing, the GitHub dependency graph provides support for JavaScript and Ruby including Python. It is to be noted that GitHub will be able to deliver security alerts to developers based on the data obtained by the dependency graph.

If a fix for a particular vulnerability is established, GitHub will automatically provide a suggestion, which could be upgrading to a new version. According to GitHub, the security alerts help the code to become safer.

GitHub also offers a recommender system, which is also named as Discover repositories. It provides automated suggestions about those repositories that will be suitable for the scenario. The collections produced by the Explore experience are useful results that is aimed at helping developers to learn more in their area of interest. Some of the examples of the collections include machine learning, government apps including the open source project.

Finally, GitHub also released Explore Octoverse info-graphics, which demonstrates how developers around the world have leveraged the rich potential of the GitHub in sharing code and selection of frameworks.