Unlocking security updates for transitive dependencies with npm
How Dependabot integrated with npm to address security vulnerabilities on transitive dependencies and increase the likelihood of success for JavaScript security updates by 40%.
Category
Engineering
New GitHub CLI extension tools
Support for GitHub CLI extensions has been expanded with new authorship tools and more ways to discover and install custom commands. Learn how to write powerful extensions in Go and find new commands to install.
GitHub Availability Report: December 2022
In December, we did not experience any incidents that resulted in degraded performance across GitHub services. This report sheds light into an incident that impacted customers using GitHub Packages and GitHub Pages in November.
What’s with all the ducks?
What in the world do rubber ducks have to do with programming? And why were they everywhere at GitHub Universe? A lot of you asked, so I’m here to help explain.
How we use GitHub to be more productive, collaborative, and secure
Our engineering and security teams do some incredible work. Let’s take a look at how we use GitHub to be more productive, build collaboratively, and shift security left.
Creating an accessible search experience with the QueryBuilder component
GitHub’s search inputs have several complex accessibility considerations. Let’s dive into what those are, how we addressed them, and talk about the standalone, reusable component that was ultimately built.
Highlights from Git 2.39
Another new release of Git is here to end the year! Take a look at some of our highlights on what's new in Git 2.39.
Experiment: The hidden costs of waiting on slow build times
How much does it really cost to buy more powerful cloud compute resources for development work? A lot less than you think.
GitHub Availability Report: November 2022
In November, we experienced two incidents that resulted in degraded performance across GitHub services. This report also sheds light into an incident that impacted Codespaces in October.
To infinity and beyond: enabling the future of GitHub’s REST API with API versioning
We’re introducing calendar-based versioning for our REST API, so we can keep evolving our API, whilst still giving integrators a smooth migration path and plenty of time to update their integrations.
Exciting new GitHub features powering machine learning
Discover the exciting enhancements in GitHub that empower Machine Learning practitioners to do more.
How GitHub converts previously encrypted and unencrypted columns to ActiveRecord encrypted columns
This post is the second part in a series about ActiveRecord::Encryption that shows how GitHub upgrades previously encrypted and unencrypted columns to ActiveRecord::Encryption.
GitHub Availability Report: October 2022
In October, we experienced four incidents that resulted in degraded performance across GitHub services. This report also sheds light into an incident that impacted Codespaces in September.
Why and how GitHub encrypts sensitive database columns using ActiveRecord::Encryption
You may know that GitHub encrypts your source code at rest, but you may not have known that we encrypt sensitive database columns as well. Read about our column encryption strategy and our decision to adopt the Rails column encryption standard.
The Story of Scalar
New to Git v2.38, Scalar is a built-in repository manager for large repos. Here, we’ll tell the story of how Scalar went from a rough VFS for Git successor to a fully-integrated Git tool, with all of the engineering lessons learned in the process.
GitHub Availability Report: September 2022
In September, we experienced one incident that resulted in degraded performance across GitHub services. We also experienced one incident resulting in significant impact to Codespaces. We are still investigating that incident and will include it in next month’s report. This report also sheds light into an incident that impacted Codespaces in August and an incident that impacted Actions in August.