As an organization owner or member of the security manager role, you can now use the repository security advisories REST API to get all repository security advisories across your organization.…
In the world of software development, collaboration can make the difference between a brittle last-minute release and a reliable, maintainable, pain-free project. Whether you’ve been coding for a day or a decade, your colleagues are there to help strengthen your work. But they can only help if you’ve given them the tools to do so.
You can now use the REST API to request a CVE identifier for your repository security advisories. Learn more about repository security advisories and CVE identification numbers.
We will be moving the private beta of required workflows on GitHub Actions to Repository Rules to give organization administrators a powerful way to protect their repositories with added feature…
Repository rules are now generally available on GitHub.com. Repository rules allow you to easily govern protections for branches and tags on your repositories. Repository collaborators also gain access to see…
Repository rules provide an easy, flexible way to define branch protections and ensure consistency in code across repositories.
npm will now check the linked source commit and repository when you view a package’s provenance information on npmjs.com. If the linked source commit or repository cannot be found, an…
With GHES 3.9, you and your organization can better manage your Dependabot alerts thanks to more granular enablement controls. You can now enable Dependabot alerts at the repository, organization, and…
We are introducing a number of enhancements, bug fixes and a breaking API change to repository rules. 1. UI Updates * Added a repository picker to target select repositories for…
Code scanning default setup now automatically updates when the languages in a repository change. If a repository that uses default setup changes to include the languages JavaScript/TypeScript, Ruby, Python, or…
The latest release of CodeQL for VS Code includes new functionality for creating lists of target repositories for multi-repository variant analysis with GitHub code search. Multi-repository variant analysis (MRVA) allows…
Code scanning now has the option to enable default setup for a subset of languages in a repository. This lets you customize the configuration to suit your repository’s needs, for…
We’ve now made it easier to understand changes to your repositories with the new activity view. Historically viewing pushes to a repository required contacting GitHub support. This new activity view…
Actions are coming to your Repositories on GitHub Mobile! Find all your repository’s workflows in one convenient place. Tapping on the new “Actions” row on a Repository now shows you…
On March 30, 2023, we fixed a bug that allowed a dependency graph hovercard URL to be used to retrieve the name, description, and star count of any repository on…
We’ve gotten great feedback on default setup, a simple way to set up code scanning on your repository. Now, you have the ability to use default setup across your organization’s repositories, in just one click.
Today we are announcing the public beta of repository rules! 🎉 Repository rules are GitHub’s next evolution of branch protections to help make your repositories more secure and compliant at…
You can now filter by repository topic or team on the enterprise-level Dependabot, code scanning, and secret scanning pages in security overview. These improvements have shipped to GitHub.com and will…
After recently adding the archive date of repositories to the GitHub UI, the timestamp is now also available in GraphQL API responses. Users can now query the archivedAt timestamp of…
You can now filter by repository topic or team on the organization-level Dependabot, code scanning, and secret scanning pages in security overview. These improvements have shipped to GitHub.com and will…
You can now programmatically view and act on repository advisories via a new REST API. New endpoints to create, view, list, and update advisories are available to all. Additionally, new…
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
