Search results for: Security

With this version, customers can choose how to best scale their security strategy, gain more control over deployments, and so much more.

The GitHub Enterprise Server 3.13 release is generally available GitHub Enterprise Server 3.13 gives customers more fine-grained control over deployment requirements and enhanced security controls. Here are a few highlights:…

Secret scanning’s delegated bypass for push protection allows you to specify which teams or roles have the ability to bypass push protection, and requires everyone else to submit a request…

Pushing code to GitHub is one of the most fundamental interactions that developers have with GitHub every day. Read how we have significantly improved the ability of our monolith to correctly and fully process pushes from our users.

CodeQL is the static analysis engine that powers GitHub code scanning. CodeQL version 2.17.4 has been released and has now been rolled out to code scanning users on GitHub.com. This…

For security and convenience, we’ve updated how the account picker can be triggered during sign-in to an OAuth or GitHub Application. Some apps will see it all of the time,…

We are excited to announce that compliance reports are now available for GitHub Copilot Business and Copilot Enterprise. Specifically, GitHub has published a SOC 2 Type I report for Copilot…

Dependabot can now provide updates to Rust dependencies by accessing Cargo private registries. To learn more, check out the documentation for configuring private registries for Dependabot.

We are excited to announce that organizations within an enterprise can now create network configurations independently of their enterprise for Azure private networking. Azure private networking is a powerful feature…

GitHub secret scanning lets you know if your secret is active or inactive with partner validity checks. These checks are run on an ongoing basis for supported providers for any…

This partnership between GitHub and JFrog enables developers to manage code and binaries more efficiently on two of the most widely used developer platforms in the world.

Secret scanning will now continually run validity checks on closed alerts, similarly to the behavior for open alerts today. You can still request on-demand checks for supported secret types from…

Announcing the second cohort, delivering value to projects, and driving a new frontier.

All organization owners now have access to a Compliance tab within their organization’s settings page. This page has been available for all organizations on the GitHub Enterprise plan, but is now…

The GitHub Enterprise Server 3.13 release candidate is here GitHub Enterprise Server 3.13 gives customers more fine-grained control over deployment requirements, and enhanced security controls. Here are a few highlights:…

GitHub celebrates Global Accessibility Awareness Day by launching another installment of the Coding Accessibility series and sharing how we scale accessibility within GitHub and beyond.

Git is releasing several new versions to address five CVEs. Upgrading to the latest Git version is essential to protect against these vulnerabilities.

We’re excited to announce that the dependabot-core project is being relicensed under the MIT License, making it easier for the community to contribute to Dependabot. Keeping dependencies updated is a…

Azure private networking was made generally available in April 2024 with 11 available regions. GitHub Actions has expanded the number of supported regions to 17, with the following new additions:…

Secret scanning is expanding coverage for push protection to repository file uploads made via a browser. If push protection is enabled for a repository, secret scanning will now also block…

When uploading a SARIF file that contains multiple SARIF runs for the same tool and category, Code Scanning combines those runs into a single run. Combining multiple runs within the…