DEV Community

loading...

Discussion on: People that don't use Github, what do you use and why?

Collapse
databasesponge profile image
MetaDave 🇪🇺

Here's their policy:

"When GitHub receives a notification of a newly-announced vulnerability, we identify public repositories (and private repositories that have opted in to vulnerability detection) that use the affected version of the dependency. Then, we send security alerts to owners and people with admin access to affected repositories."

It looks like they operate an opt-in for security scanning.

Collapse
damirtomic profile image
DamirTomic

foreach (code in codebase) {
..analyze();
....if(wantNotification){
..sendNotification();
..}
}

:D

Thread Thread
idanarye profile image
Idan Arye

Surely the optimizer can fix this?