04/2023

You can now use the REST API to open a private vulnerability report on open-source repositories that have this feature enabled. Learn more about the repository security advisories REST API

On March 30, 2023, we fixed a bug that allowed a dependency graph hovercard URL to be used to retrieve the name, description, and star count of any repository on…

Since the introduction of Category Sections to organize content in our own community, users have asked for similar features to organize their own Discussions. Today, we’re introducing the ability for…

Available in public beta today, the security coverage page now includes multi-repository enablement, which lets you enable or disable security features across several repositories at once. This feature improves upon…

Today we are announcing the public beta of repository rules! 🎉 Repository rules are GitHub’s next evolution of branch protections to help make your repositories more secure and compliant at…

When we introduced GitHub Discussions in 2020, we allowed users to mark an answer to a question in the “Q&A” Discussions category. As the feature began getting more usage, we…

GitHub Importer allows you to import repositories from other code hosting platforms to GitHub.com using a UI or REST API. Today, GitHub Importer supports Git, Mercurial, Subversion and Team Foundation…

When changes in a repository make a Dependabot pull request out-of-date, Dependabot will automatically rebase it so that it is able to be merged without your manual effort. With this…

You can now filter by repository topic or team on the enterprise-level Dependabot, code scanning, and secret scanning pages in security overview. These improvements have shipped to GitHub.com and will…

You can now fetch release notes, changelogs and commit history for Docker update pull requests with Dependabot. This will allow you to quickly evaluate the stability risk of the dependency…

GitHub Advanced Security customers using secret scanning can now view any secrets exposed historically in an issue’s title, description, or comments within the UI or the REST API. This expanded…

Following our recent release of generating a software bill of materials from the repository’s dependency graph, you can now generate an SBOM for a repository using a new REST API…

Following a successful beta with lots of great customer feedback, webhook forwarding in the GitHub CLI is now available to everyone. Webhook forwarding makes it easy to test your webhooks…

Code scanning default setup is now available for Go! Default setup automatically finds and sets up the best CodeQL configuration for your repository. It detects the languages in the repository…

Users with access to secret scanning alerts can now view metadata for any active GitHub token leaked in their repositories. Metadata includes details like the token’s owner, expiration date, and…