From malware.news
Google has open-sourced today a project named Allstar that can be used to secure GitHub projects by constantly watching and enforcing a set of security policies with the hope of preventing basic security misconfigurations.
Available as a GitHub app, Allstar can be installed on organizations and user accounts and allow it access to desired repositories.
Under the hood, Allstar works by reading a configuration file containing a set of user-defined rules—called security policies— and then constantly scanning and checking a project’s settings and recent events to ensure that no modifications are made to a project’s sensitive areas.