Search results for: Ecosystem

GitHub Sponsors is now available to all developers in India – no more waitlist, you can sign up right away!

Dependabot alerts now show all affected files if your repository code is calling known vulnerable functions from the dependency’s vulnerability. Previously, we only highlighted one of these matches on an…

Introduction Open Sauced, GitHub’s Explore page, Hacktoberfest, and First Timers Only help folks discover open source projects. This monthly series–Open Source Monthly—will add to these efforts by helping: First-time contributors…

We’re taking a look at some of the most common security vulnerabilities and detailing how developers can best protect themselves.

GitHub will require all users who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023.

These days software is subject to an ever-changing threat landscape. Check out the many ways you can keep your projects secure on GitHub today.

The macOS 12 Actions runner image public beta is now available. Start using GitHub Actions to build and publish apps for the Apple ecosystem with the latest version of Xcode…

The ZX Spectrum, one of the best-selling microcomputers of all time, celebrates its 40 years anniversary today. Read more about how the community is still active – creating new content, archiving old content, and hacking on all sorts of hardware.

From plug-and-play automations to protected branches, here are simple ways any developer can build more secure software on GitHub—all with a free account.

Introducing CodeQL packs to help you codify and share your knowledge of vulnerabilities.

On April 12, GitHub Security began an investigation that uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including npm. Read on to learn more about the impact to GitHub, npm, and our users.

Dependabot alerts now show if your repository code is calling known vulnerable functions from the dependency’s vulnerability. If your code is calling vulnerable code paths, this information is surfaced via…

Ensuring secure access to your source code is more important than ever. Git Credential Manager helps make that easy.

Users of Dependabot version updates can now proactively update their dependencies for Flutter or Dart projects which use the pub package manager. To test version updates on your own Dart…

From automating builds and releases to taking care of large-scale regression testing, here are a few ways we use GitHub Actions to build GitHub.

Anyone can now provide additional information to further the community’s understanding and awareness of security advisories.

Today we launched new code scanning analysis features powered by machine learning. The experimental analysis finds more of the most common types of vulnerabilities.

GitHub Enterprise Server 3.4 is now generally available for all customers. This release makes software development faster and more secure with new features like reusable workflows, Dependabot security updates, and GitHub Advanced Security enhancements.

A comprehensive guide for vulnerability reporters.

A deep dive into how GitHub adds support for new languages to CodeQL.

When digital infrastructure is overlooked by governments, it isn’t just a missed opportunity: policies may inadvertently endanger open source collaboration.