Users can hover over a repository’s contributor count, and community contributors will show a hovercard of direct and transitive contributors to dependencies parsed from that repository’s dependency graph.
WhiteSource vulnerability data
GitHub has partnered with WhiteSource to bring their vulnerability database into GitHub’s security vulnerability alerts. This additional data increases the number of known vulnerabilities to better protect your projects from risks in vulnerable dependencies.
Administrators of organization-owned repositories can now assign “triage” and “maintain” roles to collaborators and teams as part of a public beta preview.
If a contributor proves their ability to drive technical discussions or lead development of your project, you can empower them to take on additional issue or repository management responsibilities without needing to also grant the ability to modify your project’s source code or change potentially destructive repository settings.
The new roles are available to all organizations on the Free, Team, and Enterprise Cloud plans. For more information, see our documentation “Repository permission levels for an organization”.