Skip to content
View jhutchings1's full-sized avatar
170 followers · 2 following

Achievements

Achievement: YOLOAchievement: Pair Extraordinairex3Achievement: QuickdrawAchievement: Galaxy BrainAchievement: Pull Sharkx3Achievement: Arctic Code Vault ContributorAchievement: Starstruck
BetaSend feedback

Achievements

Achievement: YOLOAchievement: Pair Extraordinairex3Achievement: QuickdrawAchievement: Galaxy BrainAchievement: Pull Sharkx3Achievement: Arctic Code Vault ContributorAchievement: Starstruck
BetaSend feedback

Highlights

Block or Report

Block or report jhutchings1

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
jhutchings1/README.md

Hello! I'm Justin Hutchings, and I'm a product manager here at GitHub working on our security features for developers.

I'm currently working on our supply chain security features including @Dependabot, the Advisory Database, and the dependency graph.

Previously, I worked on the integration of Semmle's super cool CodeQL into GitHub with code scanning. Code scanning is free for public repositories, so go try it out (check your repository's security tab!).

A few of my talks on security and software:
GitHub Advanced Security roundup Applying the GitHub security development lifecycle to your project GitHub Code Scanning GitHub security advisories

Pinned

  1. calendar-to-md calendar-to-md Public

    This web app can be used to convert a Google calendar event into a simple Markdown file suitable for taking meeting notes.

    JavaScript 4 2

  2. test_vulnerability test_vulnerability Public

    This repository includes a Gemfile which includes a fake dependency which is always flagged as having security vulnerabilities.

    Ruby 8

  3. github/enable-security-alerts-sample github/enable-security-alerts-sample Public

    This repository contains a sample script which can be used to enable security vulnerability alerts in all of the repositories in a given organization.

    JavaScript 77 47

  4. get-code-scanning-alerts-in-org-sample get-code-scanning-alerts-in-org-sample Public

    This repo demonstrates how to use the GitHub Code Scanning API to export all the alerts in an organization to a CSV file

    JavaScript 17 9

  5. Create-ActionsPRs Create-ActionsPRs Public

    This repository creates pull requests to push a GitHub Actions workflow to a collection of workflows.

    PowerShell 40 25