GitHub Blog Search
Search Results for: Security
Dependency graph adds vulnerability alerting support for Rust
Dependency graph adds vulnerability alerting support for Rust
A beginner’s guide to CI/CD and automation on GitHub
CI/CD and workflow automation are native capabilities on GitHub platform. Here’s how to start using them and speed up your workflows.
Enable Dependabot version updates from the repository settings page
Enable Dependabot version updates from the repository settings page
Users can view and comment on code scanning alerts on the Conversation tab in a pull request
Users can view and comment on code scanning alerts on the Conversation tab in a pull request
GitHub Team or Free? How to choose the right plan
Read about all the features you may not have known come on the GitHub Free plan, and how to choose the right plan for you.
Connecting to a private network from GitHub-hosted Actions runners
Several ways for GitHub-hosted Actions runners to connect to resources on your private network.
GitHub Sponsors launches in Brazil
GitHub Sponsors is now available in Brazil—an exciting expansion for one of our fastest growing developer communities.
GitHub Enterprise Server 3.5 is now generally available
GitHub Enterprise Server 3.5 is now generally available
Improved verification of historic Git commit signatures
Improved verification of historic Git commit signatures
GitHub Enterprise Server 3.5 is now generally available
GitHub Enterprise Server 3.5 is available now, including access to the Container registry, the addition of Dependabot, enhanced administrator capabilities, and features for GitHub Advanced Security.
How we use Dependabot to secure GitHub
A two-part story about how GitHub’s Product Security Engineering team rolled out Dependabot internally to track vulnerable dependencies, and how GitHub tracks and prioritizes technical debt.
Release Radar · April 2022 Edition
Each month, we highlight open source projects that have shipped major updates. These include everything from world-changing technology to developer tooling, and weekend projects. Here are our top staff picks…
Securing and delivering high-quality code with innersource metrics
With innersource, it’s important to measure both the amount of innersource activity and the quality of the code being created. Here’s how.
How to measure innersource across your organization
The innersource contribution percentage is the rate of contributions from people outside the team that originally authored the software. Let’s dive into what it can look like for your organization.
Dependabot alerts show all affected files for vulnerable function calls (Python Beta)
Dependabot alerts show all affected files for vulnerable function calls (Python Beta)
GitHub Achieves ISO/IEC 27001:2013 Certification!
GitHub’s Information Security Management System (ISMS) has been certified against ISO 27001:2013, an internationally recognized standard for security program best practices.