OpenSFF’s Allstar aims to fix vulnerabilities in open source projects

By Kyle Wiggers
VentureBeat
 8 days ago

Cover picture for the articleLet the OSS Enterprise newsletter guide your open source journey! Sign up here. GitHub and Google today announced the launch of Allstar, an app that provides automated continuous enforcement of security best practices for GitHub projects. Allstar, which was created by Google and the wider Open Source Security Foundation (OpenSSF), can check for security policy adherence, set enforcement actions, and enact those enforcements when triggered by a setting or file change in a repository.

