Dependabot auto-triage rules support CVE IDs and GHSA IDs
GitHub Blog Search
Dependabot user-defined rules for security updates and alerts; enforcement of auto-triage rules and presets for organizations (public beta)
Custom auto-triage rules for Dependabot alerts (public beta)
Expanding the Triage role and introducing new options for how content is reported
Expanding REST API support for triage and maintain roles
The triage and maintain roles now have expanded permissions. Users with the triage role can request reviews on pull requests, mark issues and pull requests as duplicates, and add or…
Administrators of organization-owned repositories can now assign "triage" and "maintain" roles to collaborators and teams as part of a public beta preview. If a contributor proves their ability to drive…
This blog post is an in-depth walkthrough on how we perform security research leveraging GitHub features, including code scanning, CodeQL, and Codespaces.
Our full year of 2023 transparency reporting data is now available and we’re taking a deep dive into how a form change caused an abrupt increase in circumvention claims.
With this version, customers can choose how to best scale their security strategy, gain more control over deployments, and so much more.
The GitHub Enterprise Server 3.12 is generally available
Learn how we’re managing feature releases and establishing best practices within and across teams at GitHub using GitHub Projects.
The GitHub Enterprise Server 3.12 Release Candidate is available
A peek under the hood of GitHub Advanced Security code scanning autofix.
More developers will have to fix security issues in the age of shifting left. Here, we break down how SAST tools can help them find and address vulnerabilities.
Developers care about security, but poorly integrated tools and other factors can cause frustration. Here are five best practices to reduce friction.
Learn about how we run a scalable vulnerability management program built on top of GitHub.
For this year’s Cybersecurity Awareness Month, the GitHub bug bounty team is excited to feature another spotlight on a talented security researcher who participates in the GitHub Security Bug Bounty Program—@inspector-ambitious!
In this step-by-step tutorial, we’ll dive into how you can become the next open source contributor to the GitHub Classroom CLI, building commands that you can use to improve your workflow as an educator!