Today GitHub Actions shipped a series of features designed to improve your workflows when working with PRs from repository forks. New settings for private repository forks Many GitHub customers choose…
We are happy to announce that GitHub is joining the Open Source Security Foundation (OpenSSF) as a founding member, alongside Google, IBM, JPMorgan Chase, Microsoft, NCC Group, OWASP Foundation, Red Hat, and others.
Simon Bennetts is the OWASP Zed Attack Proxy (ZAP) Project Leader and a Distinguished Engineer at StackHawk, a company that uses ZAP to help users fix application security bugs before they hit production. Prior to making the move into security, he was a developer for 25 years and strongly believes that you can’t build secure web applications without knowing how to attack them.
GitHub Enterprise accounts on github.com now enjoy higher hourly API rate limits for both GitHub Apps and OAuth Apps. OAuth Apps were increased to 15,000 API calls per hour from…
GitHub stores your source code, releases, and a vast amount of invaluable information in issues and pull requests. While GitHub Enterprise Server (GHES), our self hosted solution, provides great security by default, administrators can take additional steps to further harden their appliance. This post will guide you through the most important settings.
GitHub dependency insights helps both developers and security teams manage their open source security with confidence—automatically compiling relevant CVE information, aiding in OSS license compliance, and helping them better understand their OSS dependency versions.
Securing the open source supply chain is critically important for developer communities and the entire software ecosystem. In recent years, the industry has seen an uptick in the adoption of…
What is the Availability Report? Historically, GitHub has published post-incident reviews for major incidents that impact service availability. Whether we're sharing new investments to infrastructure or detailing site downtimes, our…
The GitHub community is capable of incredible things and GitHub Actions is the tool. Do you want to automate your workflow, increase your productivity, and empower your developer experience? Then…
ICYMI: docs.github.com is the new place to discover all of GitHub's product documentation! We recently completed a major overhaul of GitHub's documentation websites. When you visit docs.github.com today, you'll see…
Last week, GitHub joined over 500 organizations signing a letter to the U.S. Congress seeking continued support for the Open Technology Fund (OTF) and its mission of funding open source…
One year ago, the security research team at Semmle launched its first Capture the Flag (CTF), as part of the Hack In The Box (HITB) Amsterdam conference. We wanted to…
GitHub Actions allows you to automate your workflow. With GitHub Actions, you can deploy to any cloud, build containers, automate messages, and do so much more. Use any tool you…