Search results for: Ecosystem

Multi-ecosystem grouped updates are now generally available for all Dependabot users! This configurable functionality allows you to group security or version dependency updates across multiple package ecosystems into a single…

GitHub’s dependency graph now supports a wider range of package ecosystems, including transitive path information and the registered name of the ecosystem. This change increases the accuracy and usefulness of…

Explore insights into open source community growth, innovation, and inclusivity with an updated survey dataset.

Applications for the new GitHub Secure Open Source Fund are now open! Applications will be reviewed on a rolling basis until they close on January 7 at 11:59 pm PT. Programming and funding will begin in early 2025.

Whether you’re an individual developer looking to streamline your workflow or an organization aiming to integrate proprietary tools, GitHub Copilot Extensions now offers a platform to make that happen and to share your creations on the GitHub Marketplace.

The world of Copilot is getting bigger, improving the developer experience by keeping developers in the flow longer and allowing them to do more in natural language.

We’re sharing details of recent incidents on the npm registry, our investigations, and how we’re continuing to invest in the security of npm.

As the world becomes more interconnected and complicated, so too does the expanse of open source ecosystems. While the majority of open source software (OSS) lies with corporate technology companies,…

We detail the great momentum we’ve had with our partners at GitHub this past year, building a healthy ecosystem aimed at making our users more productive.

Automatic dependency submission now supports the pip package manager for Python. This release completes the cohort of package managers that now have auto-submission support, adding to the previously-released Maven, Gradle,…

Learn how to streamline your development workflow with five different MCP use cases.

Dependency auto-submission now supports the .NET package manager NuGet. This feature continues to expand the supported range of package manager ecosystems, adding to the existing Maven and Gradle support. Dependency…

The GitHub dependency graph maps every direct and transitive dependency in your project, so you can identify risks, prioritize fixes, and keep your code secure.

The cooldown feature is now generally available for Dependabot version updates! This feature gives you control over when version update pull requests are created to bump your dependencies. What’s new…

Use these insights to automate software security (where possible) to keep your projects safe.

The open source Git project just released Git 2.50. Here is GitHub’s look at some of the most interesting features and changes introduced since last time.

Get insights on the latest trends from GitHub experts while catching up on these exciting new projects.

A full look at agent mode in GitHub Copilot, including what it can do, when to use it, and best practices.

Implementing features has never been easier: Just assign a task or issue to Copilot. It runs in the background with GitHub Actions and submits its work as a pull request.

GitHub takes the Global Accessibility Awareness Day (GAAD) pledge.

Three maintainers share their tips for gracefully sunsetting open source projects.