GitHub Blog Search
Search Results for: Security
Revolutionize your open source workflows: the top 3 reasons why GitHub Codespaces is a must-have for maintainers
GitHub Codespaces is reliable, accessible, and always-ready. Try it out during Maintainer Month and take your projects to new heights!
How companies are boosting productivity with generative AI
Explore how generative AI coding tools are changing the way developers and companies build software.
Secret scanning’s push protection is available on public repositories, for free
Secret scanning's push protection is available on public repositories, for free
How to fix a ReDoS
Code scanning detects ReDoS vulnerabilities automatically, but fixing them isn’t always easy. This blog post describes a 4-step strategy for fixing ReDoS bugs.
Push protection is generally available, and free for all public repositories
Announcing the general availability of push protection–a feature that proactively prevents secret leaks in your public and private repositories.
Building a culture of innovation in your business with GitHub
Consider the typical software development practices in an organization. Projects are commonly closed, and causes friction across engineering teams. But open source communities work asynchronously, openly, remotely and at global-scale. What if our internal teams could reuse those same practices?
Secret scanning summary email for historical scans
Secret scanning summary email for historical scans
Dependabot alerts now automatically dismiss false positives for npm (public beta)
Dependabot alerts now automatically dismiss false positives for npm (public beta)
Dependabot relieves alert fatigue from npm devDependencies
A new alert rules engine for Dependabot leverages alert metadata to identify and auto-dismiss up to 15% of alerts as false positives.
Secret scanning now supports validation checks for supported partner patterns
Secret scanning now supports validation checks for supported partner patterns
Grafana Labs is now a GitHub secret scanning partner
Grafana Labs is now a GitHub secret scanning partner
GitHub Actions: Create and share your own deployment protection rules for safe and controlled deployments
GitHub Actions: Create and share your own deployment protection rules for safe and controlled deployments
Announcing GitHub Actions Deployment Protection Rules, now in public beta
Create and share your own deployment protection rules, or use the rules from our great partners, like Datadog, Honeycomb, New Relic, NodeSource, Sentry, and ServiceNow, to control your deployments with more confidence. And the API is open for the community to build their own rules to make GitHub Enterprise Cloud even better.
Private vulnerability reporting now generally available
Open source maintainers and security researchers embrace a new best practice to report and fix vulnerabilities.
Introducing npm package provenance
How to verifiably link npm packages to their source repository and build instructions.