Search results for: Ecosystem

Here are the top games created in our annual game jam as rated and reviewed by the developers that made them. Game On! 🤘🏻

As part of our ongoing commitment to npm ecosystem security, and in advance of enforcing two-factor authentication for top packages maintainers, the npm team has been hard at work improving…

Last week, GitHub joined the Internet Governance Forum to spread awareness of developers’ initiatives and public policy interests.

Code navigation is now available in PRs, and code navigation results for Python are now more precise.

Today we’re introducing enhanced login verification to the npm registry, and we will begin a staged rollout to maintainers beginning Dec 7.

GitHub has partnered with the OpenSSF and Project Sigstore to add container image signing to our default “Publish Docker Container” workflow.

Recently, the Copyright Office responded to the calls to clarify the scope of protected security research.

What an incredible month it’s been for GitHub and our communities. Whilst we’ve been busy with GitHub Universe, our communities have been busy coding. It’s been a successful year for…

GitHub Marketplace just passed 10,000 published actions! Learn about contributing to this growing open source ecosystem.

If you are posting or editing a draft repository Security Advisory and the vulnerability impacts multiple packages and/or ecosystems, you can now identify all applicable affected products in the advisory.…

Catch up on 44 ships, including a colorblind-accessible theme, a public README.md for organizations, and customization of code review settings.

Today, we’re adding a proxy on top of the GitHub Advisory Database that speaks the `npm audit` protocol. This means that every version of the npm CLI that supports security audits is now talking directly to the GitHub Advisory Database.

macOS Big Sur (11) became generally available on GitHub-hosted runners in August 2021. Over the next 8 weeks, jobs using the macos-latest runner label will migrate from Catalina (10.15) to…

Filtered files on the Pull Request Files Changed tab are now completely hidden from view (not just collapsed). This helps decrease distractions and lets you focus on just the files…

The GitHub Advisory Database now includes curated Rust advisories. This brings the Advisory Database to eight supported ecosystems, including: Composer (PHP), Go, Maven, npm, NuGet, pip, and RubyGems. Support for…

We’re excited to announce that the GitHub Advisory Database now includes curated security advisories on the Rust ecosystem!

We put out a call to open source developers and security researchers to talk about the security vulnerability disclosure process. Here’s what we found.

Between July 21, 2021 and August 13, 2021 we received reports through one of our private security bug bounty programs from researchers regarding vulnerabilities in tar and @npmcli/arborist.

Ensuring that software copyright allegations are specific and actionable benefits the entire developer ecosystem. That’s why GitHub submitted a “friend of the court” brief in the SAS Institute, Inc. v. World Programming Ltd. case before a Federal Court of Appeals.

macOS 11 Big Sur is now generally available on GitHub-hosted runners. Use GitHub Actions to build and publish apps for the latest Apple ecosystem by updating your workflows to include…

Today, we’re happy to announce more than 15 new integrations with open source security tools that broaden our language coverage to include PHP, Swift, Kotlin, Ruby, and more.