Extend your dependency information in the GitHub Dependency Graph with new GitHub Actions
New Actions from Anchore, NowSecure, SBT, and Trivy are now available to create a more comprehensive GitHub Dependency Graph.
GitHub Blog Search
New Actions from Anchore, NowSecure, SBT, and Trivy are now available to create a more comprehensive GitHub Dependency Graph.
GitHub Actions: Inputs unified across manual and reusable workflows
The Rust community can now discover, report, and prevent security vulnerabilities.
CI/CD and workflow automation are native capabilities on GitHub platform. Here’s how to start using them and speed up your workflows.
Read about all the features you may not have known come on the GitHub Free plan, and how to choose the right plan for you.
In May, we experienced three distinct incidents resulting in significant impact to multiple services across GitHub.com. This report also sheds light into the billing incident that impacted Actions and Codespaces users in April.
GitHub Enterprise Server 3.5 is available now, including access to the Container registry, the addition of Dependabot, enhanced administrator capabilities, and features for GitHub Advanced Security.
GitHub Sponsors is now available to all developers in India – no more waitlist, you can sign up right away!
GitHub’s Information Security Management System (ISMS) has been certified against ISO 27001:2013, an internationally recognized standard for security program best practices.
Dependabot keeps `@types` dependencies in sync with updated packages
In April, we experienced three distinct incidents resulting in significant impact and degraded state of availability for Codespaces and GitHub Packages.
These days software is subject to an ever-changing threat landscape. Check out the many ways you can keep your projects secure on GitHub today.
Learn how to build packages with SLSA 3 provenance using GitHub Actions.
It is now possible to re-run only failed jobs or a single job in GitHub Actions workflows.
Anyone can now provide additional information to further the community’s understanding and awareness of security advisories.
A quick guide on the advantages of using GitHub Actions as your preferred CI/CD tool—and how to build a CI/CD pipeline with it.
The dependency graph helps developers and maintainers understand the code they depend on, and now includes GitHub Actions!
We shipped a ton of updates in November, from the push notification for PR review activities on the go, to an easy way to create Markdown links.
GitHub has partnered with the OpenSSF and Project Sigstore to add container image signing to our default “Publish Docker Container” workflow.
In November, we experienced one incident resulting in significant impact and degraded state of availability for multiple services.
GitHub Actions: setup-python now supports dependency caching