The latest blogs from GitHub

Our community—along with ourselves—took a much needed break over the festive season. Now everyone is back into the full swing of work, and the open source community is showing us…

The GitHub Security Lab audited DataHub, an open source metadata platform, and discovered several vulnerabilities in the platform’s authentication and authorization modules. These vulnerabilities could have enabled an attacker to bypass authentication and gain access to sensitive data stored on the platform.

GitHub Desktop helps you feel confident in your Git and GitHub workflows.

SCaLE is the largest community-run open-source and free software conference in North America. It takes place next week in Pasadena, CA from March 9-12, 2023 and we’ll be there!

A deep dive into why more people are using Python than ever, its key use cases, and why it’s still so popular 30-plus years after it was first released.

In February, we experienced three incidents that resulted in degraded performance across GitHub services. This report also sheds light into a January incident that resulted in degraded performance for GitHub Packages and GitHub Pages and another January incident that impacted Git users.

We’re excited to announce the general availability of GitHub Actions Importer. GitHub Actions Importer helps you plan, forecast, and automate migrations from Azure DevOps, CircleCI, GitLab, Jenkins, and Travis CI…

Speed up your GitHub Actions jobs on macOS with all new, faster GitHub-hosted macOS runners for x64.

Explore how using GitHub and HashiCorp together enables enterprises to develop and ship to their customers faster and more secure with consistent workflows and actions.

Unlock the full potential of GitHub Codespaces with these 10 tips and tricks! From generating AI images to running self-guided coding workshops, discover how to optimize your software development workflow with this powerful tool.

Secret scanning alerts are now generally available for all public repositories. Admins can now turn on the alert experience with one click.

Learn how to enable developer productivity and collaboration while staying secure and compliant. Stay compliant without slowing down your business. From security to CI/CD, automate every step of your software workflow—so your developers can stay focused on what matters most: building.

Policymakers around the world are developing policies that impact how software gets built and who gets to build it, see the latest now.

CVE-2022-25664, a vulnerability in the Qualcomm Adreno GPU, can be used to leak large amounts of information to a malicious Android application. Learn more about how the vulnerability can be used to leak information in both the user space and kernel space level of pages, and how the GitHub Security Lab used the kernel space information leak to construct a KASLR bypass.

When you’re new to coding, it’s easy to get stuck completing endless tutorials. You can apply what you’ve learned (and learn even more) through GitHub Codespaces. The best part is you don’t need a powerful computer to get started.

GitHub Copilot boosts developer productivity, but using it responsibly still requires good developer and DevSecOps practices.

A look at what happened on January 30, what measures we’re putting in place to prevent surprises, and how we’ll handle future changes.

Learn about CodeQL’s improved user experience and enhancements that let you scan new languages, detect new types of CWEs, and perform deeper analyses of your applications.

Looking back over a year’s worth of developer-first content moderation and, new in this report, making our data more accessible to researchers.

Git users are encouraged to upgrade to the latest version, especially if they use `git apply` or `git clone` against untrusted patches or repositories.

We’re launching new improvements to GitHub Copilot to make it more powerful and more responsive for developers.