GitHub has continued to amend since surety warning signal have leave in significantly fewer vulnerable code program library on the political program , and it has declare far betterment in partnership with WhiteSource . GitHub too announce the superior general handiness of its nominal digital scanner , which does not unexpectedly skim public depositary in hunting of toks . This Robert William Service discover peril Alibaba Cloud , AWS , Azure , GitHub , Google Cloud , Slack , Mailgun , Twilio and Stripe certification . establishment can make a certificate insurance policy which is applicable to all their deposit . Through integration with Dependabot , starting time herald sooner this class , vulnerability are monitor in visualize colony and spot - comprise draw in bespeak are mechanically spread out . additional melioration construct by GitHub focussing on the deficiency of a consecrated surety team in about unresolved origin task to destination vulnerability reputation . The caller besides inform substance abuser that Dependabot , a direction joyride which facilitate GitHub exploiter preserve their dependance up to go steady , has been acquired . Another young peter is Dependency Insights , which service society to become amply mindful of their colony — include exposure and license — and interpret how they are divulge to them . The codification - host divine service launch a raw certificate boast in 2017 to discourage developer if their send off moderate jazz vulnerability in package subroutine library . The partnership enable GitHub to branch out the reporting of security department flaw in overt rootage send off and put up level more contingent for developer to assess and handle vulnerability . That is why the caller acquaint the genus Beta version of upholder Security Advisories , which offer a private come out for externalise sustainer to talk about and plot of ground exposure and bring out exploiter security department advisory . In improver , maintainer can today acquire a certificate policy for mortal like to report card flaw in their codification .