ZDNet

GitHub launches Package Registry to easily generate packages from your code

Code hosting website GitHub announced today a new service for its customers that will allow developers and organizations an easy way to generate "packages" from their code. Packages are ...
InfoWorld

GitHub launches GitHub Package Registry

GitHub has introduced the GitHub Package Registry, a package management service integrated into GitHub that allows developers to publish private or public packages next to their source code. GitHub ...
Neowin

GitHub increases verifiability of npm packages for added security

GitHub now allows npm package developers to link their published packages to their source code to prove that the package was built from the source. This will help build trust and boost security.
Business Insider

GitHub just launched its first big new product since Microsoft bought it for $7.5 billion, and it's a crucial service for developers

You're currently following this author! Want to unfollow? Unsubscribe via the link in your email. Follow Rosalie Chan Every time Rosalie publishes a story, you’ll get an alert straight to your inbox!
ZDNet

GitHub tackles severe vulnerabilities in Node.js packages

GitHub has resolved numerous vulnerabilities in Node.js packages tar and @npmcli/arborist, with the worst allowing file overwrites and arbitrary code execution. On Wednesday, GitHub said the company ...