Introducing the Rally + GitHub integration
GitHub's Professional Services Engineering team has decided to open source another project: Rally + GitHub. You may have seen our most recent open source project, Super Linter. Well, the team has done…
GitHub Blog Search
Search Results for: Issues
Secure at every step: A guide to DevSecOps, shifting left, and GitOps
When developers share the responsibility of security, perform security testing earlier in your development lifecycle, and use Git as a source of truth, you can help your development teams find and remediate security issues faster.
Achieving DevSecOps maturity with a developer-first, community-driven approach
GitHub provides the security capabilities to achieve Level 1 of the OWASP DevSecOps Maturity Model. In this post, we explore the principles of DSOMM Level 1 and how you can implement secret scanning, SCA, SAST and DAST using native tooling on GitHub.
GitHub Actions: Enterprise runners and fine-grained access settings with runner groups
GitHub Actions hosted virtual environments are a turn-key option for running your workflows. But if you need fine-grained control and customization of your environment, then self-hosted runners give you full…
Secure at every step: How GitHub’s dependency graph is generated
GitHub’s dependency graph identifies all upstream dependencies and public downstream dependents of a repository or package by parsing manifest files, so that you can better manage the security and compliance of your dependencies.
Maintainer spotlight: How to secure your project with one of the world’s top open source tools
Simon Bennetts is the OWASP Zed Attack Proxy (ZAP) Project Leader and a Distinguished Engineer at StackHawk, a company that uses ZAP to help users fix application security bugs before they hit production. Prior to making the move into security, he was a developer for 25 years and strongly believes that you can’t build secure web applications without knowing how to attack them.
Plan ahead using the GitHub public roadmap
The GitHub public roadmap is a new public repository hosted on GitHub, designed to give you and your team the information you need to plan ahead. You can learn about many of…
Announcing the GitHub public roadmap
The public roadmap is designed to give your team more information about what features and functionality you can expect from GitHub over the coming quarters.
Increase to API Limits in GitHub Enterprise subscriptions
GitHub Enterprise accounts on github.com now enjoy higher hourly API rate limits for both GitHub Apps and OAuth Apps. OAuth Apps were increased to 15,000 API calls per hour from…
Highlights from Git 2.28
The open source Git project just released Git 2.28 with features and bug fixes from over 58 contributors, 13 of them new. We last caught up with you on the…
Secure at every step: Show your dependencies some love with updates
Keep dependencies up to date, to make sure you can quickly apply a patch when it really matters - when there’s a critical security vulnerability.
Hardening your GitHub Enterprise Server
GitHub stores your source code, releases, and a vast amount of invaluable information in issues and pull requests. While GitHub Enterprise Server (GHES), our self hosted solution, provides great security by default, administrators can take additional steps to further harden their appliance. This post will guide you through the most important settings.
GitHub Archive Program: the journey of the world’s open source code to the Arctic
At GitHub Universe 2019, we introduced the GitHub Archive Program along with the GitHub Arctic Code Vault. Our mission is to preserve open source software for future generations by storing your code in an archive built to last a thousand years.
How organizations can tackle securing the world’s code
We all play a role in securing the world’s code. No one company can solve things alone, including GitHub, which is why it is critical to combine the energies of…
GitHub Action Hero: Jeremy Shore
The GitHub community is capable of incredible things! GitHub Actions is just one of the amazing tools made available for developers. Actions is here to help you automate your workflows,…
Git Credential Manager Core: Building a universal authentication experience
Authentication is a critical component to your daily development. When working in open source, you need to prove that you have rights to update a branch with git push. Additionally…
GitHub Enterprise Server 2.21 is here
GitHub Enterprise Server 2.21 is now available with updates to simplify collaboration, increase reliability and improve security.
Welcome to the inaugural class of MLH Fellows
Student developers are the future of software. Their taste in tools, habits around code, what they are learning--all of these drivers will shape tech, and culture in general, for years…
Introducing GitHub Super Linter: one linter to rule them all
Setting up a new repository with all the right linters for the different types of code can be time consuming and tedious. So many tools and configurations to choose from…