Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upGitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
Dependency Graph: Dependency Review (Cloud Beta) #80
Projects
Comments
github-product-roadmap
changed the title
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Summary
Review Dependency Changes allows a reviewer to see dependencies and vulnerabilities in those dependencies they are introducing as part of PRs.
Intended Outcome
Have information in a pull request to know if you are introducing any new dependencies or vulnerabilities before these are added to your environment.
How will it work?
Today, Dependency Graph helps you understand your dependencies, and Security alerts notify you of newly discovered vulnerabilities in your dependencies. In a PR merging a branch to master, you will be able to get predictive information from the Dependency Graph and Security alerts before merging a branch, to see if you are introducing new dependencies or vulnerabilities before these are added to your environment.