Programmer Introspective
Signing is Just the Start
Socket provides an introspective on code signing in relation to the supply chain incident from SolarWinds.
Big news!Introducing Socket AI - ChatGPT-Powered Threat Analysis.Learn more →
Project Health Reports now run on the default branch
The Socket GitHub app now runs Project Health Reports on the default branch instead of in pull requests.
Bret Comnes
May 3, 2023
The Socket GitHub app now runs Project Health Reports on the default branch instead of in pull requests. Previously, Project Health Reports were only run in the pull request context, along side pull request alert scanning. After usage feedback and building a better understanding how these reports are being used, we decided to run them on all new commits created on the default branch of repositories.
Photo by Simon Launay on Unsplash
Changelog
Subscribe to the Socket Blog
The Socket blog now offers both full content Atom and JSON feeds which let you subscribe to all future Socket blog posts.
By Bret Comnes
Application Security
npm Registry Code Signing
Socket explains the newly released npm provenance provided by GitHub.