How the GitHub Docs team uses GitHub Projects
Explore how the GitHub Docs team uses GitHub Projects for content coordination, reviews, and publishing.
GitHub Blog Search
Search Results for: enterprise
GitHub Actions – Updating the default GITHUB_TOKEN permissions to read-only
GitHub Actions - Updating the default GITHUB_TOKEN permissions to read-only
API requests are available via audit log streaming – Private Beta
API requests are available via audit log streaming - Private Beta
Audit log streaming to AWS S3 integration with AWS CloudTrail Lake
Audit log streaming to AWS S3 integration with AWS CloudTrail Lake
Twilio Segment is now a GitHub secret scanning partner
Twilio Segment is now a GitHub secret scanning partner
Secret scanning users can now see the validity of detected GitHub tokens
Secret scanning users can now see the validity of detected GitHub tokens
False-alert flags will appear in audit logs due to a bug in branch protections
False-alert flags will appear in audit logs due to a bug in branch protections
Remediation made simple: Introducing new validity checks for GitHub tokens
GitHub now tells you whether GitHub tokens found by secret scanning are active so you can prioritize and escalate remediation efforts.
Git security vulnerabilities announced
Git users are encouraged to upgrade to the latest version, especially if they use `git archive`, work in untrusted repositories, or use Git GUI on Windows.
3 common DevOps antipatterns and cloud native strategies that can help
Explore how GitHub and cloud native strategies can help you address common DevOps pipeline and team antipatterns.
Security overview’s team filter now includes repositories with write privileges
Security overview's team filter now includes repositories with write privileges
A smarter, quieter Dependabot
Dependabot is getting a little smarter—and, a little quieter—by reducing bot-based noise from repositories based on your interaction with Dependabot.
Passwordless deployments to the cloud
Discovering passwords in our codebase is probably one of our worst fears. But what if you didn’t need passwords at all, and could deploy to your cloud provider another way? In this post, we explore how you can use OpenID Connect to trust your cloud provider, enabling you to deploy easily, securely and safely, while minimizing the operational overhead associated with secrets (for example, key rotations).
Introducing required workflows and configuration variables to GitHub Actions
Now, you can standardize and enforce CI/CD best practices across all repositories in your organization to reduce duplication and secure your DevOps processes.
GitHub Actions – Support for organization-wide required workflows public beta
GitHub Actions - Support for organization-wide required workflows public beta