As an active member of the open source software (OSS) community, Google recognizes the growing threat of software supply chain attacks against the OSS we use and develop. Building on our efforts to improve OSS security with an end-to-end framework (SLSA), metrics (Scorecards), and coordinated vulnerability disclosure (guide), we're excited to announce Allstar.
Allstar is a GitHub app that continuously enforces security policy settings through selectable automated enforcement actions. Allstar is already filing and closing security issues for Envoy and GoogleContainerTools, with more organizations and repositories lined up.
See the OpenSSF announcement for more information on Allstar.
