Echo JS 0.11.0

Using ChatGPT to look for malware on npm

at socket.dev

2 up and 0 down, posted by feross 392 days ago 5 comments

tracker1 387 days ago. link parent 1 point ▲ ▼

If you have a node codebase on Github, it will create pull requests against your codebase for your repository when there are security issues against a package you depend on. I'm not sure what you're expecting beyond that.

Replies

jklu 384 days ago. link 1 point ▲ ▼

Well apparently others can do more using technology that is made available by Microsoft. 

Things like detecting obfuscated code and SQL injection seem, reading this article, to be easily catched by chatGPT.
If this technology is so good, then why does GitHub not use it to improve security for the whole ecosystem?

tracker1 381 days ago. link 2 points ▲ ▼

You should file an issue, or the suggestion with Github.

jklu 369 days ago. link 2 points ▲ ▼

Thanks for the hint, it motivated me to figure out how to submit such a suggestion :-)
https://github.com/orgs/community/discussions/54075