GitHub Rebase #10
And we're back! Rebase went on a bit of hiatus, but it has returned in full force for 2009. Read on for the latest and greatest coming out of GitHub!…
GitHub Blog Search
Search Results for: GitHub Actions
Hardening repositories against credential theft
Some best practices and important defenses to prevent common attacks against GitHub Actions that are enabled by stolen personal access tokens, compromised accounts, or compromised GitHub sessions.
Bring your enterprise together with enterprise accounts for all
With enterprise accounts for all, your organization can take advantage of all that GitHub Enterprise has to offer, from GitHub Actions and GitHub Advanced Security, to Copilot.
Why we’re excited about the Sigstore general availability
The Sigstore GA means you can protect your software supply chain today with GitHub Actions, and will power new npm security capabilities in the near future.
Get started with ease using security workflows!
GitHub Actions workflows in the Security category will now appear among the workflow recommendations based on a repository's content.
Hard and soft skills for developers coding in the age of AI
While AI revolutionizes software development, it still relies on developers to pilot its use. In this blog, we’ll cover the skills that developers need to have for navigating this new AI-powered coding frontier.
How to stay safe from repo-jacking
Repo-jacking is a specific type of supply chain attack. This blog post explains what it is, what the risk is, and what you can do to stay safe.
Fixing security vulnerabilities with AI
A peek under the hood of GitHub Advanced Security code scanning autofix.
5 ways to make your DevSecOps strategy developer-friendly
Developers care about security, but poorly integrated tools and other factors can cause frustration. Here are five best practices to reduce friction.
Securing our home labs: Home Assistant code review
The GitHub Security Lab examined the most popular open source software running on our home labs, with the aim of enhancing its security. Here's what we found and what you can do to better protect your own smart home.
Universe’s key takeaway: Innovate better with AI-powered workflows on a single, unified platform
Discover new AI-powered features and tools to help developers stay in the flow and organizations innovate at scale.
Octoverse: The state of open source and rise of AI in 2023
In this year’s Octoverse report, we study how open source activity around AI, the cloud, and Git are changing the developer experience.
The clock is ticking: Atlassian’s support for Bitbucket Server ends on February 15, 2024
Atlassian is ending support for its Server products—including Bitbucket Server—in February 2024. In this post, you’ll learn what that means for you, your options, and how you can move to GitHub.
[Private Beta] Jenkins Scripted Pipeline Migrations
[Private Beta] Jenkins Scripted Pipeline Migrations
A checklist and guide to get your repository collaboration-ready
In the world of software development, collaboration can make the difference between a brittle last-minute release and a reliable, maintainable, pain-free project. Whether you’ve been coding for a day or a decade, your colleagues are there to help strengthen your work. But they can only help if you’ve given them the tools to do so.
Metrics for issues, pull requests, and discussions
With the new Issue Metrics GitHub Action, you can now track and monitor important metrics related to issues, pull requests, and discussions, such as time to first response, time to close, and more!
Demonstrating end-to-end traceability with pull requests
Reduce developer and auditor friction involved in demonstrating compliance and maintaining end-to-end traceability by focusing your efforts around the pull request.
Leading your platform migration with developer experience
Developer experience (DevEx) is a key theme when it comes to transforming businesses with GitHub.