Sonatype has released DepShield, a new GitHub application that monitors projects and flags security vulnerabilities. It also compiles a list of known vulnerabilities based on GitHub's Issue Tracker.
“The need for more secure coding practices has never been greater,” said Wayne Jackson, CEO of Sonatype. “Developers live, eat and breathe in GitHub. While developers find value in GitHub’s native dependency graph, they need, and are demanding, more self-help security. With DepShield, we’re enabling 28 million developers to add an initial layer of defense, to not only help protect their software projects, but the millions of enterprises, organizations and individuals who will use their code down the road.”