The dependency graph is rolling out for all PHP repositories with Composer dependencies. In addition to Composer, GitHub supports package managers for many other programming languages, including Maven, npm, Yarn, and NuGet.
Senior Product Manager - Security & Open Source Intelligence
Token scanning has reached a new milestone: one billion tokens identified. We’ve also added five new partners—Atlassian, Dropbox, Discord, Proctorio, and Pulumi.
Commit signing is now enabled for all bots by default.
It’s more important than ever that every developer becomes a security developer—that they responsibly disclose vulnerabilities and patch vulnerable code quickly. Today, we’re excited to announce several new security features designed to make it easier for developers to secure their code.
See what launched at GitHub Universe
Missed the main event? Learn more about everything that launched at GitHub Universe, from GitHub for mobile and a redesigned notifications experience to the GitHub Archive Program. Read the day one keynote recap
Secure the world's code, together
On day two of GitHub Universe, we announced GitHub Security Lab, bringing together security researchers, maintainers, and companies across the industry to secure open source. Read the day two keynote recap