The Security Alerts feature is one of GitHub's most useful services. It works by (GitHub) scanning the dependency tree (generated by the Dependency Graph feature) for a user's project.

To power GitHub’s security features, the platform aggregates and validates security vulnerabilities across millions of projects. Should one pop up, the API provides quick access to the information.

GitHub has updated its security alerts feature this week to support Python projects, after previously supporting JavaScript and Ruby. The feature, which launched last November, works by analyzing ...