GitHub Blog Search
Search Results for: GitHub Actions
Release Radar · March 2021 Edition
The open source community is always hard at work. February's projects were super hard to pick since there are so many amazing releases. These are exciting new releases from some…
How we found and fixed a rare race condition in our session handling
On March 8, we shared that, out of an abundance of caution, we logged all users out of GitHub.com due to a rare security vulnerability. We believe that transparency is…
Highlights from Git 2.31
The open source Git project just released Git 2.31 with features and bug fixes from 85 contributors, 23 of them new. Last time we caught up with you, Git 2.29…
Measuring enterprise developer productivity
In a recent paper written by Nicole Forsgren and her colleagues, “The SPACE of developer productivity: There’s more to it than you think,” there is an irony that is hard…
Release Radar · February 2021 Edition
The open source community is always hard at work. February's projects were super hard to pick since there are so many amazing releases. These are exciting new releases from some…
The little bug that couldn’t: Securing OpenSSL
Software security doesn't end at the boundaries of your own code. The moment a library dependency is introduced, you're adopting other people’s code and any bugs that come with it.…
2020 Transparency Report
At GitHub, we put developers first, and we work hard to provide a safe, open, and inclusive platform for code collaboration. This means we are committed to minimizing the disruption…
Pull request auto-merge is now generally available
Pull request auto-merge is now generally available
Let’s talk about securing open source projects
In celebrating GitHub Security Lab’s one-year anniversary, we explained that we’re expanding our research focus. Why did we make this decision? The decision stemmed from our work with the Open…
Commits are snapshots, not diffs
Git has a reputation for being confusing. Users stumble over terminology and phrasing that misguides their expectations. This is most apparent in commands that "rewrite history" such as git cherry-pick or git rebase. In my experience,…
Interaction Limits API : support for user accounts and longer interaction limits
Interaction Limits API : support for user accounts and longer interaction limits
Powerful updates to temporary interaction limits
Temporary interaction limits have new, powerful, and flexible updates. You can now enable interaction limits for up to six months. In addition, you can limit interactions across all your personal…
Applying DevSecOps to your software supply chain
To best apply DevSecOps principles to improve the security of your supply chain, you should ask your developers to declare your dependencies in code; and in turn provide your developers with maintained ‘golden’ artifacts and automated downstream actions so they can focus on code.
Standing up for developers: youtube-dl is back
Today we reinstated youtube-dl, a popular project on GitHub, after we received additional information about the project that enabled us to reverse a Digital Millennium Copyright Act (DMCA) takedown.
Temporary interaction limits can now be set for up to six months
Temporary interaction limits can now be set for up to six months
Remote Education: Creating community through shared experiences
Remote Education explores the challenges of organizing student communities and events online. We’ll be speaking with event organizers and community leaders in the industry and academics each week to help…
Remote Education: A series of best practices for online campus communities
Remote Education explores the challenges of organizing student communities and events online. We’ll be speaking with event organizers and community leaders in the industry and academics every week to help…
Adacats Mentorship Program: A growth journey
Last year, the Adacats (GitHub’s employee resource group for marginalized genders) started a mentorship program. We’re sharing insights and fun stories from this experience for anyone interested in starting a…
How organizations can tackle securing the world’s code
We all play a role in securing the world’s code. No one company can solve things alone, including GitHub, which is why it is critical to combine the energies of…