this dart programming languageFocusing on customer development in web and mobile applications, GitHub supply chain security features in service. The news was announced by the hosting platform last week.
Using the language created by Google in their projects with the functionality, developers and security teams will be able to visualize, maintain and protect dependencies in the Dart supply chain. This will bring society new ways to detect and fix insectsbefore it affects customer products.
One of the tools offered to users, GitHub Advisory DatabaseAn open database of security alerts about actionable vulnerability information. It allows you to privately discuss and resolve bugs before making them public.
And a programmer darts vulnerability With a CVE not reported in the advisory data pack, you can report it with input from the software user community.
more resources
HE Dart code support in GitHub’s supply chain security features It also brings other features to the users of the hosting platform, such as the dependency graph. By analyzing pubspec.yaml and pubspec.lock files from a repository, you can identify existing dependencies in the project,
The information collected is the basis for: Dependabot alerts, a function that identifies vulnerabilities in code dependencies. When the tool finds them in packages that are in use, it automatically updates the buggy builds to move them to a bug-free version.
According to GitHub, the improvements bring solutions to protect the end-to-end software supply chain, making the programming experience “safer, more collaborative and positive.” Apps like Google Ads, eBay Motors, and Alibaba Xianyu are some that use the Dart language.
Source: Tec Mundo
