GitHub security advisories support CVSS 4.0

GitHub security advisories now support the new CVSS 4.0 schema. CVSS, or the Common Vulnerability Scoring System, is an industry standard maintained by FIRST. The CVSS 4.0 standard adds new metrics for a more thorough assessment of the risk of a particular vulnerability.

When creating a repository security advisory, you can now calculate either a CVSS 4.0 or 3.1 base score and view this data on the published global advisory, related Dependabot alerts, and through the API.

Learn more about CVSS scores and GitHub security advisories and the GitHub Advisory Database.

Inline Chat is now available in GitHub Copilot in JetBrains

You can now interact with GitHub Copilot directly within your active code file with Inline Chat for GitHub Copilot in JetBrains! This new feature is designed to enhance your coding experience by integrating interactive assistance directly within your code editor.

To start using it, ensure you have the GitHub Copilot plugin version 1.5.21.6667 or above installed in your JetBrains IDEs.

How to get started?

  1. Open Your File: Begin by opening the file you want to work on.
  2. Place Your Cursor: Position your cursor on the specific line or code block you want to discuss.
  3. Use the Shortcut: To access GitHub Copilot’s inline chat feature, press Shift+Ctrl+I (Mac) or Shift+Ctrl+G (Windows). Alternatively, right-click and choose “GitHub Copilot > Copilot: Inline Chat”. You can also simply click on the Copilot icon that appears when you select a line or section of code

How Inline Chat enhances your coding experience

  • Enhanced Workflow: Keep your focus on coding while receiving suggestions directly within the editor.
  • Contextual Awareness: Provide Copilot with specific code snippets for more relevant recommendations.
  • Focused Interaction: Enjoy a streamlined experience without the need for frequent context switching.

When to use Inline Chat

  • Refactoring: Request alternative methods to achieve the same functionality with cleaner, more maintainable code.
  • Testing: Get help generating unit tests for specific sections of your code.
  • Code Improvement: Seek assistance with restructuring complex logic, renaming variables, or adding comments for better readability.
  • Vulnerability Assessment: Consult Copilot about potential vulnerabilities, but remember to use established security tools for a comprehensive evaluation.
  • Performance Optimization: Obtain suggestions for improving your code’s efficiency.

How Inline Chat differs from Side Panel Chat

While both Inline Chat and Side Panel Chat allow interaction with Copilot, Inline Chat provides a more focused experience by integrating conversations directly with your active file. The Side Panel Chat, on the other hand, offers a dedicated space for broader discussions and tracking past interactions.

Start leveraging the power of Inline Chat in JetBrains Copilot today and make your coding experience more seamless and efficient!

Join the discussion within GitHub Community.

See more

GitHub CLI renews GPG signing key for Linux packages

The GPG key used to verify GitHub CLI Debian and RedHat packages expired on Friday, September 6. If you have installed gh via our official package repositories, we ask that you update your keyring to the new key to continue verifying GitHub CLI releases.

Please refer to this documentation for instructions on how to do so with your respective package manager.

For reference, a note on this was also included in the CLI v2.56.0 release notes, published earlier this week.

See more
View all changes