Code scanning now supports using CodeQL packs on GitHub.com and GHES
Code scanning now supports using CodeQL packs on GitHub.com and GHES
GitHub Blog Search
Code scanning now supports using CodeQL packs on GitHub.com and GHES
Dependabot now updates comments in GitHub Actions workflows referencing action versions
Some seriously spooktacular open source games for the web, Windows, macOS, and Linux with all sorts of fun hacks for infinite lives, invulnerability, and playing with time.
You can now build your agenda on GitHubUniverse.com! Whether you’re just getting started or you’re a seasoned industry professional, there’s a session for you.
Chief Tools is now a GitHub secret scanning partner
Explore how GitHub Enterprise can help you transform your software engineering organization and practices.
You may know that GitHub encrypts your source code at rest, but you may not have known that we encrypt sensitive database columns as well. Read about our column encryption strategy and our decision to adopt the Rails column encryption standard.
CodeQL code scanning now supports customizing build configurations for Go analysis
The GitHub Enterprise Server 3.7 Release Candidate is available
The Sigstore GA means you can protect your software supply chain today with GitHub Actions, and will power new npm security capabilities in the near future.
Dependabot updates support for the Python PEP 621 standard
Reduce Dependabot version updates in your Python projects with the increase-if-necessary strategy
Secret scanning enterprise-level enablement events now in the audit log
We’re always trying to improve the GitHub developer experience in meaningful ways, and we love learning from our customers. In the last several months we released several new fork capabilities, and we’re publishing revised fork documentation that gives more details with clearer explanations to make fork concepts easier to understand.
GitHub Actions:OpenID Connect support enhanced to enable secure cloud deployments at scale
Fine-grained personal access tokens offer enhanced security to developers and organization owners, to reduce the risk to your data of compromised tokens.
Secret scanning now runs a historical scan to detect newly added secret types
GitHub is sponsoring Open Source Initiative’s Deep Dive: AI because we think it’s important for the community to unpack how open source software, process, and principles can help best deliver on the promise of AI.