4 things you didn’t know you could do with GitHub Actions
GitHub Actions is a powerful platform that empowers your team to go from code to cloud, all from the comfort of your repositories. In this post, I’ll walk through a few examples of how you
Product
Featured
All "Product" posts
GitHub Security Lab Capture the Flag: A call to hacktion
Save the date! March 17 to 21, take your chance with the GitHub CTF “A Call to Hacktion!” What is a CTF? In software security, a Capture the Flag (CTF) is a contest where participants
The little bug that couldn’t: Securing OpenSSL
Software security doesn’t end at the boundaries of your own code. The moment a library dependency is introduced, you’re adopting other people’s code and any bugs that come with it. Code review and good software
GitHub Enterprise Server 3.0 is now generally available
Today we’re announcing general availability of GitHub Enterprise Server 3.0. Introduced during the GitHub Universe 2020 keynote, it’s the biggest ever change to Enterprise Server. Every company using GitHub can now safely and securely take
Avoiding npm substitution attacks
Supply chain attacks are a reality in modern software development. Thankfully, you can reduce the attack surface by taking precautions and being thoughtful about how you manage your dependencies. We hope you walk away from
Using CWE and CVSS scores to get more context on a security advisory
Security vulnerabilities can be unpleasant to address, and that only gets worse the more you have. When you’re dealing with a large volume of vulnerabilities, you need to be able to easily understand, compare, and
GitHub reduces Marketplace transaction fees, revamps Technology Partner Program
At GitHub, our community is at the heart of everything we do. We want to make it easier to build the things you love, with the tools you prefer to use—which is why we’re committed
GitHub Availability Report: January 2021
Introduction In January, we experienced one incident resulting in significant impact and degraded state of availability for the GitHub Actions service. January 28 04:21 UTC (lasting 3 hours 53 minutes) Our service monitors detected abnormal
npm 7 is now generally available!
After much anticipation, the npm CLI version 7 is now generally available! In addition to new features and some breaking changes, we have made a significant impact on the performance of npm 7 as compared
GitHub security features: highlights from 2020
We’ve made huge advances in our security features at GitHub in 2020, with launches for code scanning, secret scanning, Dependabot version updates, dependency review, and more.
