Dark Reading

Google Tackles Open Source Security With New Dependency Service

In a bid to reduce software supply chain risks in the open source software ecosystem, Google launched a free API service providing dependency data and security-related information on over 5 million ...
adtmag.com

GitHub Intros Dependency Graphs, Security Alerts Coming Soon

GitHub is boosting the security capabilities of its software development platform, introducing a new open source project dependency graphs and promising alerts when bad actors show up in those graphs.
CSOonline

Google launches dependency API and curated package repository with security metadata

This week, Google launched a free API service that provides software developers with dependency data and security-related information on over 5 million software components across different programming ...
InfoQ

GitHub Introduces Dependency Graph and Security Alerts

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
TechCrunch

Endor emerges from stealth with $25M to secure software supply chains

An increasing percentage of the code that companies use to develop software is open source. In a 2018 survey by Tidelift, a software supply chain management platform, 92% of professional software ...