The latest blogs from GitHub

Git 2.46 is here with new features like pseudo-merge bitmaps, more capable credential helpers, and a new git config command. Check out our coverage on some of the highlights here.

Teams with neurodivergent employees can be up to 30 percent more productive. Discover tips on how best to support them in your workplace.

Take the next step in our GitHub for Beginners series and add code to your repository. Learn how to create branches and upload changes into a pull request.

Meet each maintainer, watch their project demos, and discover the unique story of each open source AI project.

Solving and staying ahead of problems when scaling up a system of GitHub’s size is a delicate process. Here’s a look at some of the tools in GitHub’s toolbox, and how we’ve used them to solve problems.

GitHub Staff Engineer Sarah Vessels discusses her philosophy of code review, what separates good code review from bad, her strategy for finding and reviewing code, and how to get the most from reviews of her own code.

In this blog post, we’ll explain how we discovered three critical vulnerabilities in Kafka UI and how they can be exploited.

An interview with economic researchers who are applying causal inference techniques to analyze the effect of generative AI tools on software development activity.

In June, we experienced two incidents that resulted in degraded performance across GitHub services.

Outcomes from the Partnership on AI and GitHub workshop.

Drag-and-drop is a highly interactive and visual interface. We often use drag-and-drop to perform tasks like uploading files, reordering browser bookmarks, or even moving a card in solitaire.

The next step in our GitHub for Beginners series is learning how to add files and folders to your GitHub repository.

In this post, I’ll exploit CVE-2024-3833, an object corruption bug in v8, the Javascript engine of Chrome, that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.

Git started on your first repository in the third installment of GitHub for Beginners. Discover the essential features and settings to manage your projects effectively.

Can an attacker execute arbitrary commands on a remote server just by sending JSON? Yes, if the running code contains unsafe deserialization vulnerabilities. But how is that possible? In this blog post, we’ll describe how unsafe deserialization vulnerabilities work and how you can detect them in Ruby projects.

With this version, customers can choose how to best scale their security strategy, gain more control over deployments, and so much more.

Unstructured data holds valuable information about codebases, organizational best practices, and customer feedback. Here are some ways you can leverage it with RAG, or retrieval-augmented generation.

In May, we experienced one incident that resulted in degraded performance across GitHub services.

From sending emergency alerts about nearby fires to mapping services in refugee camps, developers are taking action to solve global problems.

Pushing code to GitHub is one of the most fundamental interactions that developers have with GitHub every day. Read how we have significantly improved the ability of our monolith to correctly and fully process pushes from our users.

Let’s take a look at 10 key moments from the first decade of the GitHub Security Bug Bounty program.