Open source creates value, but how do you measure it?
When digital infrastructure is overlooked by governments, it isn't just a missed opportunity: policies may inadvertently endanger open source collaboration.
GitHub Blog Search
When digital infrastructure is overlooked by governments, it isn't just a missed opportunity: policies may inadvertently endanger open source collaboration.
With the successful liftoff of the James Webb Space Telescope, we ask our very own Arfon Smith about the history of open source and space science.
Here are the top games created in our annual game jam as rated and reviewed by the developers that made them. Game On! 🤘🏻
Last week, GitHub joined the Internet Governance Forum to spread awareness of developers’ initiatives and public policy interests.
Code navigation is now available in PRs, and code navigation results for Python are now more precise.
Today we're introducing enhanced login verification to the npm registry, and we will begin a staged rollout to maintainers beginning Dec 7.
GitHub has partnered with the OpenSSF and Project Sigstore to add container image signing to our default “Publish Docker Container” workflow.
Recently, the Copyright Office responded to the calls to clarify the scope of protected security research.
What an incredible month it's been for GitHub and our communities. Whilst we've been busy with GitHub Universe, our communities have been busy coding. It's been a successful year for…
GitHub Marketplace just passed 10,000 published actions! Learn about contributing to this growing open source ecosystem.
Repository Advisories Support Multiple Affected Products
Catch up on 44 ships, including a colorblind-accessible theme, a public README.md for organizations, and customization of code review settings.
Today, we’re adding a proxy on top of the GitHub Advisory Database that speaks the `npm audit` protocol. This means that every version of the npm CLI that supports security audits is now talking directly to the GitHub Advisory Database.
GitHub Actions: Jobs running on `macos-latest` are now running on macOS Big Sur (11).
GitHub Advisory Database now includes Rust advisories
We’re excited to announce that the GitHub Advisory Database now includes curated security advisories on the Rust ecosystem!
We put out a call to open source developers and security researchers to talk about the security vulnerability disclosure process. Here's what we found.
Between July 21, 2021 and August 13, 2021 we received reports through one of our private security bug bounty programs from researchers regarding vulnerabilities in tar and @npmcli/arborist.
Ensuring that software copyright allegations are specific and actionable benefits the entire developer ecosystem. That’s why GitHub submitted a “friend of the court” brief in the SAS Institute, Inc. v. World Programming Ltd. case before a Federal Court of Appeals.