Skip to content
Avatar

Highlights

Block or Report

Block or report jhutchings1

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
jhutchings1/README.md

Hello! I'm Justin Hutchings, and I'm a product manager here at GitHub working on our security features for developers.

I'm currently working on our supply chain security features including @Dependabot, the Advisory Database, and the dependency graph.

Previously, I worked on the integration of Semmle's super cool CodeQL into GitHub with code scanning. Code scanning is free for public repositories, so go try it out (check your repository's security tab!).

A few of my talks on security and software:
GitHub Advanced Security roundup Applying the GitHub security development lifecycle to your project GitHub Code Scanning GitHub security advisories

Pinned

  1. This web app can be used to convert a Google calendar event into a simple Markdown file suitable for taking meeting notes.

    JavaScript 5 1

  2. This repository includes a Gemfile which includes a fake dependency which is always flagged as having security vulnerabilities.

    Ruby 6

  3. This repository contains a sample script which can be used to enable security vulnerability alerts in all of the repositories in a given organization.

    JavaScript 70 39

  4. This repo demonstrates how to use the GitHub Code Scanning API to export all the alerts in an organization to a CSV file

    JavaScript 15 9

  5. This repository creates pull requests to push a GitHub Actions workflow to a collection of workflows.

    PowerShell 24 21

685 contributions in the last year

Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Mon Wed Fri

Contribution activity

July 2022

Created 1 repository

Created a pull request in github/advisory-database that received 1 comment

[GHSA-7mwh-4pqv-wmr8] All versions of package scss-tokenizer are vulnerable to...

Updates Affected products Severity Source code location Summary

+26 −3 1 comment
20 contributions in private repositories Jul 1 – Jul 14

Seeing something unexpected? Take a look at the GitHub profile guide.