When resolving security alerts for vulnerable transitive npm dependencies, it is possible that updating a direct dependency will remove the vulnerable transitive dependency from the tree. Dependabot can now resolve…
You can now display your local timezone on your profile to give others an idea of when to expect responses to pull requests or issues from you. You can opt…
You can now programmatically view and act on Dependabot alerts via the REST API. New endpoints to view, list, and update Dependabot alerts are available in a public beta. For…
Node 12 has been out of support since April 2022, as a result we have started the deprecation process of Node 12 for GitHub Actions. We plan to migrate all…
We have started creating and storing CodeQL databases for the most popular open-source projects on GitHub.com. If you use CodeQL for security research, you can now obtain these databases easily…
Today, we’re adding support for users to create a GitHub Sponsors profile and choose to receive sponsorship payouts via a fiscal host. This will give maintainers more flexibility and choice…
GitHub Mobile can no longer connect to GitHub Enterprise Server 3.1. To enable connections from GitHub Mobile to GitHub Enterprise Server, a site administrator must upgrade to GitHub Enterprise Server…
We recently released the ability to use web based authentication for the npm login and npm publish commands with the –auth-type=web flag. Now we are extending this feature to all…
A month ago we shared an update about the help.github.com URL. Starting today help.github.com will start redirecting to GitHub’s Support Portal at support.github.com Users should continue to use docs.github.com to…
Enterprise administrators can now choose to redirect signed-out Enterprise Managed Users to their company’s single sign-on (SSO) page. This feature is available as a public beta. By default, enterprises with…
The author of the Git commit created when squash merging a pull request is now shown before merging. Previously, the commit author was only shown when merging with a merge…
In order to streamline sponsoring maintainers, we’re changing the custom amount settings for GitHub Sponsors. Starting October 3rd, 2022, all Sponsors profiles will have custom amounts enabled by default. On…
Introducing “Edit File” within pull requests on GitHub for iOS! Make quick updates to existing pull requests to fix those pesky typos or add that missing method before merging. File…
When GitHub creates merge commits, like to test whether a pull request can be merged cleanly or to actually merge a pull request, it now uses the merge-ort strategy. merge-ort…
GitHub’s audit log allows admins to quickly review the actions performed by members of their Enterprise. It includes details such as who performed the action, what the action was, and…
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
