Search results for: integrator

GitHub, the Rust Foundation, and the Rust Project are collaborating to help protect you from leaked crates.io keys. From today, GitHub will scan every commit to a public repository for…

On April 12, GitHub Security began an investigation that uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including npm. Read on to learn more about the impact to GitHub, npm, and our users.

GitHub Secret Scanning scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally. This protects users from fraud and data leaks. GitHub has…

If you commit a secret to a public repository, the whole world can see it. GitHub secret scanning helps protect you from fraud and data breaches by scanning for leaked…

GitHub and the Python Package Index (PyPI) are collaborating to help protect you from leaked PyPI API tokens. From today, GitHub will scan every commit to a public repository for…

Your tools. Your workflows. All within Copilot Chat. GitHub Copilot Extensions are now generally available for users across all Copilot license tiers. With Copilot Extensions, you can integrate and prompt…

The GitHub Awards celebrates the outstanding contributions and achievements in the developer community by honoring individuals, projects, and organizations for creating an outsized positive impact on the community.

Code reviews and suggestions from colleagues, integrators, and AI agents like Copilot code review and Copilot autofix increase your code’s quality, but at times they can get overwhelming. You can…

Outcomes from the Partnership on AI and GitHub workshop.

The Source Imports REST API allows integrators to programatically import internet-accessible Git repositories into GitHub.com – for example, from code hosting platforms like Bitbucket Cloud or GitLab.com. We’re ending support…

In early July, GitHub announced a new rate limit was coming for the audit log API endpoints. Starting today, each audit log API endpoint will impose a rate limit of…

What’s the state of open source and how has it changed over the last decade? GitHub’s VP of Developer Relations, Martin Woodward, tackles that question and more in a 2022 keynote.

Today, we’re introducing calendar-based versioning for the REST API to give API integrators a smooth migration path and plenty of time to update their integrations when we need to make…

We’re introducing calendar-based versioning for our REST API, so we can keep evolving our API, whilst still giving integrators a smooth migration path and plenty of time to update their integrations.

API users can now integrate with a new dependabot_alert webhook, which matches the naming and structure of the recently introduced Dependabot alerts REST API. You should use this webhook in…

npm’s impact analysis of the attack campaign using stolen OAuth tokens and additional findings.

From today the OAuth Device Authorization flow feature must be manually enabled for all OAuth and GitHub Apps. This change reduces the likelihood of Apps being used in phishing attacks…

On September 28, 2021, we received notice from the developer Axosoft regarding a vulnerability in a dependency of their popular git GUI client – GitKraken. An underlying issue with a dependency, called `keypair`, resulted in the GitKraken client generating weak SSH keys.

The benefits of multifactor authentication are widely documented, and there are a number of options for using 2FA on GitHub.

A public beta for CodeQL package manager, additional options to manage Actions runs from first-time contributors, GitHub Discussions translation, and more.

This month, we have some exciting updates to share. A lot of you have welcomed the improvements to your ability to sync a forked repo with upstream from the web…