Search results for: triage

How to level up your Git game with GitHub CLI

Using Git in the CLI can improve your development speed and power. Here are our top eight commands for using GitHub via your command line.

An illustration of two octocats repairing a robot.

Changelog

What’s New in Mobile, July Update

Changelog

Pre-defined organization roles that grant access to all repositories

Security

10 years of the GitHub Security Bug Bounty Program

Let’s take a look at 10 key moments from the first decade of the GitHub Security Bug Bounty program.

News & insights

GitHub and JFrog partner to unify code and binaries for DevSecOps

This partnership between GitHub and JFrog enables developers to manage code and binaries more efficiently on two of the most widely used developer platforms in the world.

Changelog

dependabot-core is now open source with an MIT license

Security

CodeQL zero to hero part 3: Security research with CodeQL

Learn how to use CodeQL for security research and improve your security research workflow.

Security

Security research without ever leaving GitHub: From code scanning to CVE via Codespaces and private vulnerability reporting

This blog post is an in-depth walkthrough on how we perform security research leveraging GitHub features, including code scanning, CodeQL, and Codespaces.

News & insights

Exploring an increase in circumvention claims in our transparency data

Our full year of 2023 transparency reporting data is now available and we’re taking a deep dive into how a form change caused an abrupt increase in circumvention claims.

News & insights

GitHub Enterprise Server 3.12 is now generally available

With this version, customers can choose how to best scale their security strategy, gain more control over deployments, and so much more.

Changelog

The GitHub Enterprise Server 3.12 is generally available

Developer skills

How we’re using GitHub Projects to standardize our workflows and stay aligned

Learn how we’re managing feature releases and establishing best practices within and across teams at GitHub using GitHub Projects.

Changelog

The GitHub Enterprise Server 3.12 Release Candidate is available

Engineering

Fixing security vulnerabilities with AI

A peek under the hood of GitHub Advanced Security code scanning autofix.

A schematic diagram depicting the steps an SAST tool takes to scan the source code of an SQL application under an SQL injection attack. The first step is tokenizing the source code, the second is abstracting the source code, the third conducting semantic analysis, the fourth conducting taint analysis, and the last generating a security alert about the SQL injection vulnerability.

Enterprise software

The architecture of SAST tools: An explainer for developers

More developers will have to fix security issues in the age of shifting left. Here, we break down how SAST tools can help them find and address vulnerabilities.

DevSecOps

5 ways to make your DevSecOps strategy developer-friendly

Developers care about security, but poorly integrated tools and other factors can cause frustration. Here are five best practices to reduce friction.

Application security

Scaling vulnerability management across thousands of services and more than 150 million findings

Learn about how we run a scalable vulnerability management program built on top of GitHub.

Security

Cybersecurity spotlight on bug bounty researcher @inspector-ambitious

For this year’s Cybersecurity Awareness Month, the GitHub bug bounty team is excited to feature another spotlight on a talented security researcher who participates in the GitHub Security Bug Bounty Program—@inspector-ambitious!

Developer skills

Calling all teachers! Learn how to build new commands on the GitHub Classroom CLI

In this step-by-step tutorial, we’ll dive into how you can become the next open source contributor to the GitHub Classroom CLI, building commands that you can use to improve your workflow as an educator!

Collaboration

A checklist and guide to get your repository collaboration-ready

In the world of software development, collaboration can make the difference between a brittle last-minute release and a reliable, maintainable, pain-free project. Whether you’ve been coding for a day or a decade, your colleagues are there to help strengthen your work. But they can only help if you’ve given them the tools to do so.