Debian-based Linux distributions, such as Ubuntu, Linux Mint, and Debian itself, rely on robust package management systems to install, update, and remove software efficiently. One of the most critical ...
GitHub — the Internet's largest code hosting service — is rolling out a new security feature through which it hopes to reduce the number of vulnerable projects hosted and distributed through its ...
GitHub is boosting the security capabilities of its software development platform, introducing new open source project dependency graphs and promising alerts when bad actors show up in those graphs.
This week, Google launched a free API service that provides software developers with dependency data and security-related information on over 5 million software components across different programming ...
Developer mistakes and indirect dependencies are the two main sources of vulnerabilities in open source software projects, which together are expected to cause the majority of security alerts in the ...
As poisoned software continues to pop up across the industry, some threat actors have found a way to hide malicious code in npm packages and avoid detection from most security tools. In a blog post ...
Major upgrade due in February features a cleaner syntax, a new public Python API, new build system integrations, and a new graph model that better represents the relations between packages. Conan 2.0, ...