Skip to content

Incremental improvements on security advisory form

We've recently released a few minor user experience improvements for our GitHub Security Advisory form:

  • You're no longer required to fill out as many fields in the form before submitting it, so you can publish faster.
  • You now fill out title/description first in the form.
  • You can now access the CVSS Calculator as a top-level attribute, rather than it being the bottom of a dropdown menu.

Further reading:

GitHub organizations can now use the code scanning organization-level API endpoint to retrieve code scanning alerts on public repositories; this no longer requires a GitHub Advanced Security license. This new endpoint supplements the existing repository-level endpoint.

Learn more about the code scanning organization-level REST API.

See more

Dependabot security updates now supports the Pub ecosystem, making it easier for you to fix vulnerable dependencies in your Dart or Flutter apps. With security updates enabled, Dependabot will automatically raise a pull request to update vulnerable Pub dependencies to the latest patched version.

Learn more about Dependabot security updates.

See more