GitHub has just announced that they are launching a Security Advisory API that will provide data on vulnerabilities aggregated from millions of projects. Programmatic access to security advisories should allow developers to more proactively address issues.
Previously users could find security alerts affecting a particular project on the repository's Alerts tab or in the repository's dependency graph. The company also allows users to automatically be notified of issues via a configurable security alert feature. With the release of the Security Advisory API, users are now able to track issues more broadly.
The announcement of this API comes as part of a larger release, which includes the all new GitHub Actions. In the announcement GitHub stated:
GitHub Actions allows you to connect and share code containers to run your software development workflow. Easily build, package, release, update, and deploy your project in any language—on GitHub or any external system—without having to run code yourself.
GitHub Actions is in limited private beta, interested parties can go here to sign up.