How the community powers GitHub Advanced Security with CodeQL queries
The GitHub Security Lab’s CodeQL bounty program fuels GitHub Advanced Security with queries written by the open source community.
The GitHub Security Lab’s CodeQL bounty program fuels GitHub Advanced Security with queries written by the open source community.
In August of 2020, we started highlighting stories that showcase how developers, maintainers, and organizations are moving humanity forward through The ReadME Project.
When you move from 1 maintainer to 1+N maintainers of your project, things can get complicated. Minimum Viable Governance (MVG) is a simple, easy-to-implement governance framework for your free and open source projects.
GitHub’s supply chain security features are now available for Go modules, which will help the Go community discover, report, and prevent security vulnerabilities.
A year ago, we were celebrating the launch of GitHub India to serve the third largest developer community on GitHub. Today, I am thrilled to welcome GitHub Satellite to India…
February is Black History Month in the US and Canada, a month when we celebrate our amazing Black/African American heritage and what it represents in our society, our work, and…
This is the second post in a series about how we built our new homepage. How our globe is built How we collect and use the data behind the globe…
Remote Education explores the challenges of organizing student communities and events online. We’ll be speaking with event organizers and community leaders in the industry and academics each week to help…
GitHub provides the security capabilities to achieve Level 1 of the OWASP DevSecOps Maturity Model. In this post, we explore the principles of DSOMM Level 1 and how you can implement secret scanning, SCA, SAST and DAST using native tooling on GitHub.
Community content reports included in community profile
We’ve given the GitHub Support Community a major upgrade with a number of benefits: built using open-source, great Markdown support, more responsive design, and so much more.
GitHub Actions continues its community momentum and ships new features for enterprises and developers.
We’ve taken further steps to ensure that our people can be safe and productive wherever they are, and that our community’s home on GitHub remains reliable and resilient.
Learn more about decisions we’ve made to protect our employees, our community, and our customers in response to COVID-19.
As we celebrate Actions becoming generally available, check out some of the ways teams are contributing to Actions—and how you can start automating more of your workflow.
Celebrate a GitHub Action’s milestone with highlights of a few key actions and a technology partner’s work.
To make it easier for businesses to securely embrace open source and keep up with the best technology has to offer, we’re launching several improvements to GitHub Enterprise. These new features will support businesses as they work toward their goals, encourage open collaboration, and build trust at scale.
Today, we joined hundreds of developers in Berlin for GitHub Satellite, our global developer conference. To celebrate our interconnected community, we launched GitHub Sponsors to help support open source maintainers and contributors, released new security features to enable more secure software development from start to finish, and introduced new capabilities that address the needs of enterprises and large organizations.
Users can hover over a repository’s contributor count, and community contributors will show a hovercard of direct and transitive contributors to dependencies parsed from that repository’s dependency graph. Learn more…
We’re excited to welcome the Apache Software Foundation (ASF) to GitHub.
Organizations can now add community health files to a specially named .github repository to serve as organization-wide defaults for all repositories within their organization. You can add CONTRIBUTING, SUPPORT, CODE_OF_CONDUCT,…
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Get tickets to the 10th anniversary of our global developer event on AI, DevEx, and security.