Search results for: triage

In July, GitHub Mobile introduced three major improvements App Lock! Securely unlock the GitHub app with just a glance. Enable App Lock in Settings to use FaceID, TouchID or pass…

Organization owners can now grant a user or team access to all of the repositories in their org with a single click. Five new pre-defined roles have been added to…

Let’s take a look at 10 key moments from the first decade of the GitHub Security Bug Bounty program.

This partnership between GitHub and JFrog enables developers to manage code and binaries more efficiently on two of the most widely used developer platforms in the world.

We’re excited to announce that the dependabot-core project is being relicensed under the MIT License, making it easier for the community to contribute to Dependabot. Keeping dependencies updated is a…

Learn how to use CodeQL for security research and improve your security research workflow.

This blog post is an in-depth walkthrough on how we perform security research leveraging GitHub features, including code scanning, CodeQL, and Codespaces.

Our full year of 2023 transparency reporting data is now available and we’re taking a deep dive into how a form change caused an abrupt increase in circumvention claims.

With this version, customers can choose how to best scale their security strategy, gain more control over deployments, and so much more.

GitHub Enterprise Server 3.12 is generally available GitHub Enterprise Server 3.12 is now generally available and gives customers more fine-grained control over deployment requirements, as well as enhanced security controls.…

Learn how we’re managing feature releases and establishing best practices within and across teams at GitHub using GitHub Projects.

The GitHub Enterprise Server 3.12 release candidate is here GitHub Enterprise Server 3.12 gives customers more fine-grained control over deployment requirements, enhanced security controls, and some . Here are a…

A peek under the hood of GitHub Advanced Security code scanning autofix.

More developers will have to fix security issues in the age of shifting left. Here, we break down how SAST tools can help them find and address vulnerabilities.

Developers care about security, but poorly integrated tools and other factors can cause frustration. Here are five best practices to reduce friction.

Learn about how we run a scalable vulnerability management program built on top of GitHub.

For this year’s Cybersecurity Awareness Month, the GitHub bug bounty team is excited to feature another spotlight on a talented security researcher who participates in the GitHub Security Bug Bounty Program—@inspector-ambitious!

In this step-by-step tutorial, we’ll dive into how you can become the next open source contributor to the GitHub Classroom CLI, building commands that you can use to improve your workflow as an educator!

In the world of software development, collaboration can make the difference between a brittle last-minute release and a reliable, maintainable, pain-free project. Whether you’ve been coding for a day or a decade, your colleagues are there to help strengthen your work. But they can only help if you’ve given them the tools to do so.

Today’s Changelog includes updates to project templates, a pinned item side panel, and pull request support in tasklists! 🎨 Project template updates Since we announced the public beta of project…

Reduce developer and auditor friction involved in demonstrating compliance and maintaining end-to-end traceability by focusing your efforts around the pull request.