Dependabot security updates now supports GitHub Actions
Dependabot security updates now supports GitHub Actions
GitHub Blog Search
Search Results for: Ecosystem
Dependabot support for self-hosted Hex repositories
Dependabot support for self-hosted Hex repositories
Octoverse 2022: 10 years of tracking open source
How is open source changing the world and impacting businesses? In this year's Octoverse report, we identified three big trends to watch.
Dependabot version updates for Docker image tags in Kubernetes manifests
Dependabot version updates for Docker image tags in Kubernetes manifests
An open source economy–built by developers, for developers
Investing in our open source future by supporting the maintainers of today.
The importance of improving supply chain security in open source
We think a lot about a high-profile supply chain attack that might cause developers, teams, and organizations to lose trust in open source. That’s why we’re investing in new ways to protect the open source ecosystem.
Bringing greater financial sustainability to open source communities
We know that companies benefit from open source. That's why we’re making it easier for companies to financially support projects.
Advocating for developers to the US Copyright Office
How GitHub advocated for developer interests at the US Copyright Office technical measures consultations
GitHub partners with Arm to revolutionize Internet of Things software development with GitHub Actions
Developers creating Internet of Things software use a complex stack of software that needs to be custom built into their CI/CD platform. Arm is leveraging the simplicity and scalability of GitHub Actions with a native integration that will revolutionize IoT software development.
Creating a more inclusive security research field
A glimpse into the backgrounds and day-to-day work of several GitHub employees in cybersecurity roles.
Choose your own GitHub Universe 2022 adventure
You can now build your agenda on GitHubUniverse.com! Whether you’re just getting started or you’re a seasoned industry professional, there’s a session for you.
What we learned from the Security Lab’s Community Office Hours
The GitHub Security Lab provided office hours for open source projects looking to improve their security posture and reduce the risk of breach. Here’s what we learned and how you can also participate.
Diversity, inclusion, and belonging at GitHub in 2022
As GitHub continues to grow, our vision of being the home for all developers continues to materialize, expanding our progress, perspectives, and responsibility to the world.
Why we’re excited about the Sigstore general availability
The Sigstore GA means you can protect your software supply chain today with GitHub Actions, and will power new npm security capabilities in the near future.
Dependabot updates support for the Python PEP 621 standard
Dependabot updates support for the Python PEP 621 standard
Reduce Dependabot version updates in your Python projects with the increase-if-necessary strategy
Reduce Dependabot version updates in your Python projects with the increase-if-necessary strategy
Dependabot can now generate security and version updates for Yarn v2 and v3
Dependabot can now generate security and version updates for Yarn v2 and v3
Improving navigation for GitHub Actions
GitHub Actions changed how developers automate workflows with GitHub. Today, we’re introducing a new navigation to manage your GitHub Actions experience, improving discoverability and accessibility as well as opening up future feature opportunities.
OSI’s Deep Dive is an essential discussion on the future of AI and open source
GitHub is sponsoring Open Source Initiative’s Deep Dive: AI because we think it’s important for the community to unpack how open source software, process, and principles can help best deliver on the promise of AI.
The Story of Scalar
New to Git v2.38, Scalar is a built-in repository manager for large repos. Here, we’ll tell the story of how Scalar went from a rough VFS for Git successor to a fully-integrated Git tool, with all of the engineering lessons learned in the process.
Developers are now included in the WIPO Global Innovation Index
We’re excited that the World Intellectual Property Organization (WIPO) has launched the 2022 edition of its Global Innovation Index (GII) with an indicator of developer creative outputs based on GitHub commits.