At WESPA Spaces, on April 6, 2022, we held the second Graph Data Zagreb meetup! The speaker of this meetup was Goran Cvijanović, and he held the talk on ‘Detecting GitHub Repository Vulnerabilities with Graph Databases’. Everyone gathered at 6 PM and listened to Goran’s interesting presentation.

Due to the enormous rise of dependency chain attacks, especially through the NPM and PyPI package repositories, more scrutiny and mitigations should be added. We can visualize our software structure as a graph of dependencies and detect which components are exposed to the CVE security issues. Dependencies to the other repositories, libraries, and projects increase the complexity of this analysis, but they can be represented and visualized using graph technology.

Goran has shown an online service that they have built, Code Graph. You can use this service to check the public GitHub repositories to see if they are vulnerable to publicly disclosed cybersecurity vulnerabilities. Code Graph uses Python for web application service and Javascript for visualization. Memgraph is used as a graph database server.

Later on, everyone got the chance to meet and hang out with a tasty bite and toasted to yet another lovely meetup. 🍻

🗣️ You would like to talk about graphs? Fill out the form and we’ll contact you with the further information.

If you still haven’t, join the Graph Data Zagreb meetup group and stay tuned for the announcement of the next event! Want to continue the conversation you started at one of our meetups? Join Memgraph’s Discord server and check out the #graph-data-zagreb channel.