ZDNet

GitHub rolls out dependency review, vulnerability alerts for pull requests

GitHub will roll out dependency review, a security assessment for pull requests, in the coming weeks to developers. SEE: Meet the hackers who earn millions for saving the web, one bug at a time (cover ...
SD Times

Collaborator by SmartBear enhances GitHub’s pull request workflow

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
Bleeping Computer

GitHub can now alert of supply-chain bugs in new dependencies

GitHub can now block and alert you of pull requests that introduce new dependencies impacted by known supply chain vulnerabilities. This is achieved by adding the new Dependency Review GitHub Action ...