The latest blogs from GitHub

We’re excited to announce that the GitHub Advisory Database now includes curated security advisories on Erlang, Elixir, and more.

The open source Git project just released Git 2.37. Take a look at some of our highlights from the latest release.

To celebrate Maintainer Month, GitHub has invested an additional $500,000 to help sponsor the open source projects that it depends on.

We’re releasing exciting functionalities that will enable organizations to confidently manage and scale with Codespaces.

We’re making GitHub Copilot, an AI pair programmer that suggests code in your editor, generally available to all developers for $10 USD/month or $100 USD/year. It will also be free to use for verified students and maintainers of popular open source projects.

GitHub is excited to announce the release of CodeQL queries that implement the standards CERT C++ and AUTOSAR C++. These queries can aid developers looking to demonstrate ISO 26262 Part 6 process compliance.

Expand the completeness of your dependency graph by using the dependency submission API, which will create more comprehensive alerts on supply chain vulnerabilities

Each month, we highlight open source projects that have shipped major updates. These projects can include everything from world-changing technology to developer tooling, and weekend hobbies. We cover what the…

In this post I’ll exploit CVE-2022-22057, a use-after-free in the Qualcomm gpu kernel driver, to gain root and disable SELinux from the untrusted app sandbox on a Samsung Z flip 3. I’ll look at various mitigations that are implemented on modern Android devices and how they affect the exploit.

Git Merge, the conference dedicated to bringing the Git community together returns on September 14-15 in Chicago, Illinois.

Teams and GHEC customers can now create blazing fast codespaces, even for your largest and most complex projects.

To combat the prevalence of malware in the open source ecosystem, GitHub now publishes malware occurrences in the GitHub Advisory Database. These advisories power Dependabot alerts and remain forever free and usable by the community.

Learn why the GitHub Design Infrastructure team built a dedicated color tool and how they use it to create new color palettes for GitHub.

We share a recap of a recent roundtable event about what a federal open source software policy could look like in the United States.

June’s Open Source Monthly features Modos–a community-focused company building software and hardware that designs digital devices with respect for users’ time, attention, and well-being.

How can you robustly assert and identify a user’s identity?

Discover how GitHub thinks about browser support, look at usage patterns, and learn about the tools we use to make sure our customers are getting the best experience.

Dependabot is generally available in GitHub Enterprise Server 3.5. Here is how to set up Dependabot on your instance.

We’re excited to announce that we’re open sourcing our Identity and Access Management solution: Entitlements.

Available in public beta today, we’re announcing Achievements as a new way to commemorate milestones on GitHub.

We are archiving Atom and all projects under the Atom organization for an official sunset on December 15, 2022.