April 2022

Thanks to the efforts of the Elixir community, GitHub supports code navigation for Elixir repositories. Read how favorite language can add this support too!

These days software is subject to an ever-changing threat landscape. Check out the many ways you can keep your projects secure on GitHub today.

GitHub Desktop 3.0 brings better integration with your GitHub Pull Requests. You can now receive real time notifications and review the status of your check runs for your pull request.

This is the first post in a two-part series describing friendly forks and alternative strategies for managing them. Stay tuned for part two coming in May!

The ZX Spectrum, one of the best-selling microcomputers of all time, celebrates its 40 years anniversary today. Read more about how the community is still active – creating new content, archiving old content, and hacking on all sorts of hardware.

Do you worry that a CVE will hurt the reputation of your project? In reality, CVEs are a tracking number, and nothing more. Here’s how we think of them at GitHub.

From plug-and-play automations to protected branches, here are simple ways any developer can build more secure software on GitHub—all with a free account.

We’re kicking off InFocus, a global virtual event focused on accelerating, securing, and improving the way software development teams work.

The history of pre-receive hooks, how we discovered that the performance was problematic, and how we went about safely replacing them.

Organization profiles can now display custom content visible only to members of the organization. A new Member view can be tailored to show an alternative README and pinned private repositories.

We’re releasing exciting improvements that will streamline your Codespaces experience when working with multi-repository projects and monorepos.

Introducing CodeQL packs to help you codify and share your knowledge of vulnerabilities.

Another new release of Git is here! Take a look at some of our highlights on what’s new in Git 2.36.

On April 12, GitHub Security began an investigation that uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including npm. Read on to learn more about the impact to GitHub, npm, and our users.

Upgrade your local installation of Git, especially if you are using Git for Windows, or you use Git on a multi-user machine.