Secret scanning and push protection are enabled by default on new public repositories
Secret scanning and push protection are enabled by default on new public repositories
GitHub Blog Search
Secret scanning and push protection are enabled by default on new public repositories
Sponsor your dependencies for recurring sponsorships in one checkout
Discover how keeping repository maintainer information accurate through CODEOWNERS files and automating maintenance with tools like cleanowners fosters efficient collaboration and sustainable software projects.
Push protection is enabled for free users on GitHub
With push protection now enabled by default, GitHub helps open source developers safeguard their secrets, and their reputations.
Secret scanning supports user namespace repositories for Enterprise Managed Users
Repo-jacking is a specific type of supply chain attack. This blog post explains what it is, what the risk is, and what you can do to stay safe.
The npm engineering team recently transitioned to using GitHub Codespaces for local development for npm registry services. This shift to Codespaces has substantially reduced the friction of our inner development loop and boosted developer productivity.
Experience AI-powered assistance for queries related to GitHub topics.
The Fundamentals program has helped us address tech debt, improve reliability, and enhance observability of our engineering systems.
Calling all nonprofits! Do you want to implement open source software but don’t know where to start? We’ve got good news; you can easily get started by consulting our new guide.
Migrating GitHub Classroom Assignment Repository Creation from “Create from Template” to Forks [Public Beta]
GitHub Actions - Repository Actions Runners List is now generally available
In December, we experienced three incidents that resulted in degraded performance across GitHub services.
As we look to empower developers with AI tools, we inadvertently integrate AI deeper into the way developers work. How do developers feel about that? And what are the most impactful ways to introduce more AI into workflows? We recently conducted 25 in-depth interviews with developers to understand exactly that.
GitHub received a bug bounty report of a vulnerability that allowed access to the environment variables of a production container. We have patched GitHub.com and rotated all affected credentials. If you have hardcoded or cached a public key owned by GitHub, read on to ensure your systems continue working with the new keys.
Read a round-up of the exciting, new innovation coming from GitHub Enterprise.
Learn about how we run a scalable vulnerability management program built on top of GitHub.
GitHub uses MySQL to store vast amounts of relational data. This is the story of how we seamlessly upgraded our production fleet to MySQL 8.0.