How we designed and wrote the narrative for our homepage
This post is the fifth installment of our five-part series on building GitHub’s new homepage: How our globe is built How we collect and use the data behind the globe…
GitHub Blog Search
This post is the fifth installment of our five-part series on building GitHub’s new homepage: How our globe is built How we collect and use the data behind the globe…
Security vulnerabilities can be unpleasant to address, and that only gets worse the more you have. When you’re dealing with a large volume of vulnerabilities, you need to be able…
After much anticipation, the npm CLI version 7 is now generally available!
If you haven’t seen it, the GitHub Changelog helps you keep up-to-date with all the latest features and updates to GitHub. We shipped a tonne of changes last year, and…
Dependency review allows you to easily understand your dependencies before you introduce them to your environment. As part of a pull request, you can see what dependencies you’re introducing, changing, or removing, and information about their vulnerabilities, age, usage, and license.
ghcr.io container names redirect to the container page
To best apply DevSecOps principles to improve the security of your supply chain, you should ask your developers to declare your dependencies in code; and in turn provide your developers with maintained ‘golden’ artifacts and automated downstream actions so they can focus on code.
Learn about nbdev, a new literate programming environment for Python.
Today we reinstated youtube-dl, a popular project on GitHub, after we received additional information about the project that enabled us to reverse a Digital Millennium Copyright Act (DMCA) takedown.
We’re releasing v7.0.0 of the npm CLI, which includes exciting new features such as Workspaces, automatically installed peer deps, and more!
Keep dependencies up to date, to make sure you can quickly apply a patch when it really matters - when there’s a critical security vulnerability.
Explore some impactful open source projects being created by teams around the world in response to COVID-19.
Learn more about updates we’ve made to our Terms of Service and Privacy Statement.
To celebrate 365 days of achievements, let’s look back at the code and communities built on GitHub this year.
Packages published to private repositories can now be deleted by organization owners via the Package Version Deletion API. Learn more from the documentation
Software security is a collective problem, a responsibility that involves producers and consumers of code, open source maintainers, security researchers, and security teams. At GitHub, we want to give the community the tools it needs to secure the software we all depend on.
The dependency graph is rolling out for all PHP repositories with Composer dependencies. In addition to Composer, GitHub supports package managers for many other programming languages, including Maven, NPM, Yarn, and Nuget.
We’re sharing interviews from several open source contributors about their projects, challenges, and what a GitHub sponsorship means to them. This week, hear from Fatih Arslan.