GitHub is boosting the security capabilities of its software development platform, introducing a new open source project dependency graphs and promising alerts when bad actors show up in those graphs.