Dependabot can now keep your GitHub Actions workflows using the latest, greatest, and most secure actions.
Check out the full blog post to learn more.
Code scanning users can now scan their code for vulnerabilities using the GitHub Open Source Static Analysis Runner (OSSAR) action.
At GitHub Satellite, we announced code scanning, part of GitHub Advanced Security. Along with showing results from CodeQL, GitHub's code analysis engine, code scanning can display findings from any static analysis tool. The OSSAR action wraps several popular open source tools to integrate them with code scanning.
If you are not yet part of the code scanning beta you can request access here.
Dependabot can now keep your GitHub Actions workflows using the latest, greatest, and most secure actions.
Check out the full blog post to learn more.
Releases now show a preview of the version number, repo name, and release notes when shared on social media sites like Twitter and Facebook.
Previously a link to https://github.com/github/fetch/releases/tag/v3.0.0 would have looked like this:
Now it looks like this: