These compromised accounts could be used to roll out malicious changes or steal private code. GitHub explains that this move is part of its efforts to improve account security to secure the software development process. Then, GitHub expanded this policy to include all maintainers of popular packages with more than 500 dependents or over one million weekly downloads. The company made the 2FA requirement mandatory for maintainers of the top 100 npm packages in February 2022. GitHub first unveiled its plans to enroll all contributors in 2FA by the end of 2023. Starting today, the company will begin rolling out the 2FA requirement to all software developers worldwide. Microsoft’s owned GitHub has recently announced that it will soon require two-factor authentication (2FA) for developers who contribute code on the platform.
0 kommentar(er)
