The dependency graph is rolling out for all PHP repositories with Composer dependencies. In addition to Composer, GitHub supports package managers for many other programming languages, including Maven, NPM, Yarn, and Nuget. Â
Token scanning has reached a new milestone: one billion tokens identified. We’ve also added five new partners—Atlassian, Dropbox, Discord, Proctorio, and Pulumi.
Commit signing is now enabled for all bots by default.
Yarn now supports security alerts for public and private repositories.
It’s more important than ever that every developer becomes a security developer—that they responsibly disclose vulnerabilities and patch vulnerable code quickly. Today, we’re excited to announce several new security features designed to make it easier for developers to secure their code.
Our largest product and community conference is returning to the Palace of Fine Arts in San Francisco, November 13-14. Hear what's next for the GitHub platform, find inspiration for your next project, and connect with developers who are changing the world.
Get ticketsGitHub Actions makes it easier to automate how you build, test, and deploy your projects on any platform, including Linux, macOS, and Windows. Try out the beta before GitHub Actions is generally available on November 13.
Sign up for the beta