SSH certificate authentication for GitHub Enterprise Cloud
Enterprise and organization admins can now register their SSH certificate authorities with GitHub, helping their team access repositories over Git using SSH certificates.
Introducing Soft U2F, a software U2F authenticator for macOS
In an effort to increase the adoption of FIDO U2F second factor authentication, we’re releasing Soft U2F—a software-based U2F authenticator for macOS. Soft U2F currently works with Google Chrome and Opera’s built-in U2F implementations, as
Soft U2F
In an effort to increase the adoption of FIDO U2F second factor authentication, we’re releasing Soft U2F: a software-based U2F authenticator for macOS. We’ve long been interested in promoting better user security through two-factor authentication
HTTPS for GitHub Pages
Millions of people rely on GitHub Pages to host their websites and millions more visit these websites every day. To better protect traffic to GitHub Pages sites, as well as to encourage the broader adoption
Two years of bounties
Despite the best efforts of its writers, software has vulnerabilities, and GitHub is no exception. Finding, fixing, and learning from past bugs is a critical part of keeping our users and their data safe on
LIKE injection
Looking through our exception tracker the other day, I ran across a notice from our slow-query logger that caught my eye. I saw a SELECT … WHERE … LIKE query with lots of percent signs
GitHub supports Universal 2nd Factor authentication
To help users better secure their accounts, we are expanding GitHub’s authentication system to support FIDO Universal 2nd Factor (U2F)—a rapidly growing open authentication standard. GitHub encourages developers to build U2F support into their own
Subresource Integrity
Like many sites, GitHub uses a content delivery network (CDN) to serve static assets such as JavaScript, CSS, and images to our users. The CDN makes web browsing faster by delivering assets from data centers
GitHub implements Subresource Integrity
With Subresource Integrity (SRI), using GitHub is safer than ever. SRI tells your browser to double check that our Content Delivery Network (CDN) is sending the right JavaScript and CSS to your browser. Without SRI,
Read-only deploy keys
You can now create deploy keys with read-only access. A deploy key is an SSH key that is stored on your server and grants access to a single GitHub repository. They are often used to
Join us at GitHub Universe
Our largest product and community conference is returning to the Palace of Fine Arts in San Francisco, November 13-14. Hear what's next for the GitHub platform, find inspiration for your next project, and connect with developers who are changing the world.
Get ticketsGitHub Actions now supports CI/CD
GitHub Actions makes it easier to automate how you build, test, and deploy your projects on any platform, including Linux, macOS, and Windows. Try out the beta before GitHub Actions is generally available on November 13.
Sign up for the beta