Skip to content

GitHub Sponsors for companies now available in beta

Companies can now invest in open source with GitHub Sponsors!

  • We’re launching GitHub Sponsors for companies in beta on December 8 (Tuesday) at Universe.
  • Self-service (payment via credit card or PayPal) orgs can sign up right away. During the beta, companies with invoiced accounts are not yet supported but can join a waitlist for updates.
  • Companies will be charged a 10% fee after the beta. We’re waiving the fee during the beta to thank early adopters for getting the program jump-started. After the beta, we will charge sponsors a 10% fee on top of the sponsorship amount to cover our operational costs.
  • We’ve added more discoverability with an improved Explore page.

Learn more

If you commit a secret to a public repository, the whole world can see it. GitHub secret scanning helps protect you from fraud and data breaches by scanning for leaked API tokens and, via our partners, automatically notifying you and/or revoking them.

In addition to our 33 existing partners, GitHub has now partnered with Doppler to scan for their API tokens. When we find a Doppler API token committed to a public repository we notify Doppler so they can automatically revoke it and notify the token owner. When we find a Doppler API token committed to a private repository with secret scanning enabled we notify the repository owner so they can take action.

See more

GitHub Apps and OAuth Apps now feature GA support for the OAuth 2.0 Device Authorization Grant, in addition to the existing Web Application Flow. This allows any CLI client or developer tool to authenticate using a secondary system with a browser. GitHub CLI uses this authentication method on the login command.

Read the full documentation on Authorizing OAuth Apps and Authorizing Users for GitHub Apps for more information.

See more