GitHub has announced a slew of supply chain security upgrades for modules based on the Go programming language.
On July 22, GitHub staff product manager William Bartholomew said in a blog post that Go — also known as Golang — is now firmly entrenched in the top 15 programming languages on the platform, and as the most popular host for Go modules, GitHub wants to help the community “discover, report, and prevent security vulnerabilities.”
Introduced in 2019, Go modules were designed to improve dependency management. According to the Go Developer Survey 2020, 76% of respondents said that Go is now used in some form in the enterprise.
In addition, Go modules adoption is increasing, with 96% of those surveyed saying that these modules are used for package management — an increase of 7% from 2019 — and 87% of respondents reported that only Go modules are used for this purpose.
An overall trend in the survey appears to suggest the use of other package management tools is decreasing.