GitHub can actively look for security holes in your code

The system has already caught 20,000 security issues.
Daniel Cooper, @danielwcooper
October 1, 2020
GitHub, the Microsoft-owned code repository, has announced something that will hopefully make all our software much more secure. The platform has, after several months of testing, now launched code scanning, a system that will read through software looking for security holes. As the code is created, the system will now scan through it, highlighting areas that could be exploited in future. The hope is that, by catching errors ahead of time, the number of security incidents we all face could be reduced.

So far, GitHub has scanned 12,000 repositories 1.4 million times, with the company’s Justin Hutchings saying that it’s caught 20,000 security issues. Those included holes that would have enabled remote code execution, SQL injection and cross-site scripting, of which 72 percent were fixed in the subsequent 30 days. Given that GitHub’s public libraries can be examined, worked on and adopted by lots of other GitHub users, that’s plenty of crises averted already.
