Game Bytes · April 2023
Game Bytes is our monthly series taking a peek at the world of gamedev on GitHub—featuring game engine updates, game jam details, open source games, mods, maps, and more. Game on!
GitHub Blog Search
Search Results for: REST API
Building organization-wide governance and re-use for CI/CD and automation with GitHub Actions
Many of us are aware of the benefits that a strong focus on automation can bring, particularly in our development workflow and DevOps lifecycle. But silos across businesses can lead to duplication of effort, and potential to lose out on best practices. In this post, we’ll explore how CI/CD can be shared across your entire organization alongside policies, for a well-governed experience with GitHub Actions.
Build a secure code mindset with the GitHub Secure Code Game
Writing secure code is as much of an art as writing functional code, and it is the only way to write quality code. Learn how our Secure Code Game can provide you with hands-on training to spot and fix security issues in your code so that you can build a secure code mindset.
Highlights from Git 2.40
The first Git release of the year is here! Take a look at some of our highlights on what's new in Git 2.40.
Application security orchestration with GitHub Advanced Security
Learn how teams can leverage the power of GitHub Advanced Security’s code scanning and GitHub Actions to integrate the right security testing tools at the right time.
Release Radar · February 2023 Edition
Our community—along with ourselves—took a much needed break over the festive season. Now everyone is back into the full swing of work, and the open source community is showing us…
GitHub Security Lab audited DataHub: Here’s what they found
The GitHub Security Lab audited DataHub, an open source metadata platform, and discovered several vulnerabilities in the platform's authentication and authorization modules. These vulnerabilities could have enabled an attacker to bypass authentication and gain access to sensitive data stored on the platform.
How to build a consistent workflow for development and operations teams
Explore how using GitHub and HashiCorp together enables enterprises to develop and ship to their customers faster and more secure with consistent workflows and actions.
The code that wasn’t there: Reading memory on an Android device by accident
CVE-2022-25664, a vulnerability in the Qualcomm Adreno GPU, can be used to leak large amounts of information to a malicious Android application. Learn more about how the vulnerability can be used to leak information in both the user space and kernel space level of pages, and how the GitHub Security Lab used the kernel space information leak to construct a KASLR bypass.
Open source’s impact on the world’s 100 million developers
We’re taking a look at how open source software has evolved on GitHub, and how the role of a maintainer and contributor has changed alongside the massive growth in open source software.
Bypassing OGNL sandboxes for fun and charities
Object Graph Notation Language (OGNL) is a popular, Java-based, expression language used in popular frameworks and applications, such as Apache Struts and Atlassian Confluence. Learn more about bypassing certain OGNL injection protection mechanisms including those used by Struts and Atlassian Confluence, as well as different approaches to analyzing this form of protection so you can harden similar systems.
New GitHub CLI extension tools
Support for GitHub CLI extensions has been expanded with new authorship tools and more ways to discover and install custom commands. Learn how to write powerful extensions in Go and find new commands to install.
Passwordless deployments to the cloud
Discovering passwords in our codebase is probably one of our worst fears. But what if you didn’t need passwords at all, and could deploy to your cloud provider another way? In this post, we explore how you can use OpenID Connect to trust your cloud provider, enabling you to deploy easily, securely and safely, while minimizing the operational overhead associated with secrets (for example, key rotations).
GitHub and the Ekoparty 2022 Capture the Flag
Learn about the design behind, and solutions to, several of GitHub’s CTF challenge for Ekoparty’s 2022 event!
![[Video] How has open source changed in the last 10 years?](https://github.blog/wp-content/uploads/2022/12/CMT011-Octoverse2022.001-1.jpeg?resize=800%2C425)
[Video] How has open source changed in the last 10 years?
What’s the state of open source and how has it changed over the last decade? GitHub’s VP of Developer Relations, Martin Woodward, tackles that question and more in a 2022 keynote.
GitHub Actions – Sharing actions and reusable workflows from private repositories is now GA
GitHub Actions - Sharing actions and reusable workflows from private repositories is now GA
Creating an accessible search experience with the QueryBuilder component
GitHub’s search inputs have several complex accessibility considerations. Let’s dive into what those are, how we addressed them, and talk about the standalone, reusable component that was ultimately built.
Release Radar · October 2022 Edition
Before you say it, yes, the October Release Radar was supposed to be shared in November. But with Hackatoberfest, GitHub Universe, Turkey Day, and in real life (IRL) conferences returning…
ICYMI: A look back at GitHub Universe 2022
Catch up on everything we announced and see what else happened during this year’s GitHub Universe conference that took place November 9-10.