Code scanning API to enable default setup with CodeQL on a repository
Code scanning API to enable default setup with CodeQL on a repository
GitHub Blog Search
Search Results for: GitHub Actions
Security advisories now have multiple types of credits
Security advisories now have multiple types of credits
Why Python keeps growing, explained
A deep dive into why more people are using Python than ever, its key use cases, and why it’s still so popular 30-plus years after it was first released.
Secret scanning alerts are now available (and free) for all public repositories
Secret scanning alerts are now generally available for all public repositories. Admins can now turn on the alert experience with one click.
2022 Transparency Report
Looking back over a year’s worth of developer-first content moderation and, new in this report, making our data more accessible to researchers.
Bypassing OGNL sandboxes for fun and charities
Object Graph Notation Language (OGNL) is a popular, Java-based, expression language used in popular frameworks and applications, such as Apache Struts and Atlassian Confluence. Learn more about bypassing certain OGNL injection protection mechanisms including those used by Struts and Atlassian Confluence, as well as different approaches to analyzing this form of protection so you can harden similar systems.
3 common DevOps antipatterns and cloud native strategies that can help
Explore how GitHub and cloud native strategies can help you address common DevOps pipeline and team antipatterns.
Secret scanning emits audit log events for custom pattern push protection enablement
Secret scanning emits audit log events for custom pattern push protection enablement
Creating an accessible search experience with the QueryBuilder component
GitHub’s search inputs have several complex accessibility considerations. Let’s dive into what those are, how we addressed them, and talk about the standalone, reusable component that was ultimately built.
Release Radar · October 2022 Edition
Before you say it, yes, the October Release Radar was supposed to be shared in November. But with Hackatoberfest, GitHub Universe, Turkey Day, and in real life (IRL) conferences returning…
An enterprise account is coming to all Enterprise customers
Administrators, or enterprise owners, have the increased responsibility of managing their account and keeping it secure. We are excited to introduce what is new with enterprise accounts and what is coming soon.
Dependency review API is generally available with updates to dependency review enforcement
Dependency review API is generally available with updates to dependency review enforcement
CodeQL code scanning now supports customizing build configurations for Go analysis
CodeQL code scanning now supports customizing build configurations for Go analysis
Secret scanning enterprise-level enablement events now in the audit log
Secret scanning enterprise-level enablement events now in the audit log
5 tips for embedding security into your workflows
Having a robust security plan is key to innovation. These tips will empower you to gain the upper hand on cyberattacks, so you can ship quickly and innovate with ease.