Using open source static analysis tools with code scanning
Using open source static analysis tools with code scanning
GitHub Blog Search
Search Results for: Security
Git Credential Manager Core: Building a universal authentication experience
Authentication is a critical component to your daily development. When working in open source, you need to prove that you have rights to update a branch with git push. Additionally…
GitHub Supports the Open Technology Fund
Last week, GitHub joined over 500 organizations signing a letter to the U.S. Congress seeking continued support for the Open Technology Fund (OTF) and its mission of funding open source…
Remote work: Reshaping the workplace experience
The GitHub Workplace Experience team weighs in on how to get creative during COVID-19 and what the future holds.
GitHub Action Hero: Victoria Drake
GitHub Actions allows you to automate your workflow. With GitHub Actions, you can deploy to any cloud, build containers, automate messages, and do so much more. Use any tool you…
GitHub Enterprise Server 2.21 is here
GitHub Enterprise Server 2.21 is now available with updates to simplify collaboration, increase reliability and improve security.
Keep all your packages up to date with Dependabot
Keeping your dependencies updated is one of the easiest ways to keep the software you build secure. However, while it’s critically important to keep your dependencies updated, in a recent…
Keep your secrets synced across multiple repositories with organization secrets
Now you can define secrets for an organization, making it easier to keep secrets synced across multiple repositories.
Capture the Flag 4—CodeQL and chill
Join our Capture the Flag challenge to use your CodeQL skills or learn new ones.
New from Satellite 2020: GitHub Discussions, Codespaces, securing code in private repositories, and more
See what we announced at our first virtual GitHub Satellite including a full dev environment on GitHub powered by VS Code, a new way to have discussions with your communities, new ways to secure projects with code scanning and secret scanning, and more.
GitHub Protips: Tips, tricks, hacks, and secrets from Brian Douglas
Make better contributions, triage your issues efficiently, save time with saved replies, and more with @bdougie’s protips.
How to build an effective DevSecOps culture
By prioritizing secure development alongside speed, DevSecOps helps you ship safer applications by making security part of your current DevOps pipeline.
GitHub Actions: Community momentum, enterprise capabilities, and developer improvements
GitHub Actions continues its community momentum and ships new features for enterprises and developers.
Meet some of this year’s GitHub Satellite speakers
GitHub Satellite is back, and this year it’s virtual. Tune in at githubsatellite.com on May 6 at 9 am PT / 12 pm ET to hear from CEO Nat Friedman and developers around the world.
Git credential helper vulnerability announced (Update)
Learn more about the security vulnerabilities affecting Git 2.26.1 and older.
Sawfish phishing campaign targets GitHub users
A phishing campaign targeting our customers lures GitHub users into providing their credentials (including two-factor authentication codes). Learn more about the threat and what you can do to protect yourself.
Git credential helper vulnerability announced
Learn more about the security vulnerabilities affecting Git 2.26 and older.
Databricks and HubSpot join our token scanning program
Databricks and HubSpot join our token scanning program
Adafruit and Samsara join our token scanning program
Adafruit and Samsara join our token scanning program