All historical NVD advisories are now listed on GitHub

When you visit the GitHub Advisory Database, you can now search for any historical advisory recognized by the National Vulnerability Database.

Previously, we only displayed advisories from our supported ecosystems. We then expanded to have an Unreviewed category for advisories that do not belong to those ecosystems, and we've been auto-publishing new advisories to this category since.

We've now backfilled our database to include all historical advisories from prior years, so you can find any advsiory you may be searching for regardless of publication date. This brings us to over 160 thousand advisories, and counting! You can browse them by clicking the "All unreviewed" button or by searching "type:unreviewed" in the search bar.
Unreviewed advisories backfilled

GitHub Education now provides a safe place for students to take the first step in their open source journey with the launch of Community Exchange on GitHub Global Campus. Community Exchange offers students the ability to connect with peers to learn valuable skills to contribute to open source.

cx_screenshot

With Community Exchange, users can discover student created repositories and even submit a repository of their own. By submitting a repository a student can:

  • Get exposure for their repository by the nearly two million students on Global Campus
  • Build their portfolio by maintaining or contributing to repositories
  • Help other students learn
  • Grow their network

Community Exchange is available to all Global Campus students on their Global Campus dashboard. Students who haven't joined Global Campus can apply for GitHub Global Campus benefits.

To learn more about Community Exchange, check out our blog post.

See more

GitHub Advanced Security customers can now use sort and direction parameters in the GitHub REST API when retrieving secret scanning alerts. API users can sort based on the alert’s created or updated fields. The new parameters are available at the enterprise, organization, and repository level API endpoints.

Learn more about the secret scanning REST API
Learn more about private repository scanning with Advanced Security

See more