Dependency review enforcement (GHES beta)

Open github-product-roadmap opened this issue 3 years ago • 0 comments

Summary

This feature is the GHES version of https://github.com/github/roadmap/issues/149. In the initial version, it will be delivered as an API which allows developers to block pull requests which include vulnerable dependencies using an app or GitHub Action. We will deliver an open-source GitHub Action which implements this functionality.

Intended Outcome

Developers will check in fewer vulnerable dependencies by preventing accidental inclusion of vulnerable dependencies, leaving their end customers more secure.

How will it work?

We will provide an API and a GitHub Action which implement this functionality.

github-product-roadmap, Apr 13 '22 20:04