Announcing the public preview of GitHub Advanced Security for Azure DevOps
GitHub Advanced Security for Azure DevOps is now available for public preview, making GitHub’s same application security testing tools natively available on Azure Repos.
I’m excited to announce that GitHub has signed an agreement to acquire npm.
For the millions of developers who use the public npm registry every day, npm will always be available and always be free. Our focus after the deal closes will be to:
Looking further ahead, we’ll integrate GitHub and npm to improve the security of the open source software supply chain, and enable you to trace a change from a GitHub pull request to the npm package version that fixed it. Open source security is an important global issue, and with the recent launch of the GitHub Security Lab and GitHub’s built-in security advisories, we are well-positioned to make a difference. In addition, GitHub Sponsors has already paid out millions of dollars to open source contributors, and we’re excited to explore tasteful ways to extend it to the npm ecosystem.
We also welcome your ideas on the future of npm. We’ll be hosting a Reddit AMA with some of the people on the team in the coming days.