The latest blogs from GitHub

When it comes to secure database access, there’s more to consider than SQL injections. OWASP Top 10 Proactive Control C3 offers guidance.

Learn new skills, build projects and meet like-minded students with the latest shows from the GitHub Education Stream Team.

GitHub continues to improve account security and developer experience with a new 2FA mechanism in GitHub Mobile on iOS and Android.

The open source Git project just released Git 2.35. Here’s GitHub’s look at some of the most interesting features and changes introduced since last time.

Our community has been hard at work through December shipping updates. Here’s our staff picks for open source projects with major version releases.

When digital infrastructure is overlooked by governments, it isn’t just a missed opportunity: policies may inadvertently endanger open source collaboration.

We’re excited to announce the V4 release of the OpenSSF’s Scorecard project in partnership with Google.

With the successful liftoff of the James Webb Space Telescope, we ask our very own Arfon Smith about the history of open source and space science.

Here are the top games created in our annual game jam as rated and reviewed by the developers that made them. Game On! 🤘🏻

From answering questions about a new release to fielding feature requests, here’s how five open source communities use GitHub Discussions.

My colleague Stormy Peters and I are proud to represent GitHub at the White House’s Open Source Software Security Summit.

Learn how the GitHub Mobile Team automates their release process with GitHub Actions.

In December, we experienced no incidents resulting in service downtime to our core services.

The GitHub Security Lab’s CodeQL bounty program fuels GitHub Advanced Security with queries written by the open source community.

As the year winds down, we’re highlighting some of the incredible work from GitHub’s engineers, product teams, and security researchers.

In this third and last part, I’ll share the results of my research on Apache HTTP server, and I’ll show some of the vulnerabilities that I’ve found.

GitHub was honored to contribute to the Santa Clara Principles on Transparency and Accountability in Content Moderation 2.0.

In this post, I’ll discuss how to apply OWASP Proactive Control C2: Leverage security frameworks and libraries.

When you want to create a workflow in the Actions tab of your repository, the recommendations are now based on an analysis of repo content.

Codespaces is a great tool for technical hiring exercises and helps level the playing field for candidates.

Looking to avoid security vulnerabilities, buttons that don’t work, slow site speeds, or manually writing release notes? This one’s for you.