https://techcrunch.com/2017/10/11/github-will-soon-warn-developers-of-insecure-dependencies-adds-news-feed-team-chat-and-more/

GitHub, the online code repository, is hosting its annual user conference this week and following long-standing tradition in the tech industry, the company used the event to announce a number of new features for its service. The announcements center around two topics: security and discoverability.

Given the number of hacks we’ve seen in recent years, it’s no surprise that GitHub, too, wants to do its part to ensure that the code its users work on is as a secure as possible. The basic idea here is that most projects these days rely on a wide variety of third-party libraries and other dependencies.