Search results for: Account

Learn about tools and processes the GitHub Accessibility leadership team uses for retrospectives that fully engage every team member.

Consider the typical software development practices in an organization. Projects are commonly closed, and causes friction across engineering teams. But open source communities work asynchronously, openly, remotely and at global-scale. What if our internal teams could reuse those same practices?

Codespaces now supports two-way Settings Sync with VS Code for the Web Visual Studio Code enables users to Sync Settings between VS Code environments. Codespaces exposes this capability as a…

Starting today, Dependabot will be able to auto-dismiss npm alerts that have limited impact (e.g. long-running tests) or are unlikely to be exploitable. With this ship, Dependabot will cut false…

A new alert rules engine for Dependabot leverages alert metadata to identify and auto-dismiss up to 15% of alerts as false positives.

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

GitHub Enterprises and Organzations can now join a private beta to try our new expandable event payload view in their audit log. We have gotten a lot of feedback that…

Fine-grained PATs can now call the GitHub GraphQL API. This was a limitation at the start of the public beta, and is now supported. Like with the REST API, the…

A new set of Git releases were published to address a variety of security vulnerabilities. All users are encouraged to upgrade. Take a look at GitHub’s view of the latest round of releases.

How GitHub Enterprise ensures secure and compliant developer workflows for highly regulated industries.

Explore how generative AI may soon help enable optimizing some of the foundational components of compliance.

Explore how creating a great developer experience can help provide a more inclusive financial services environment.

Many of us are aware of the benefits that a strong focus on automation can bring, particularly in our development workflow and DevOps lifecycle. But silos across businesses can lead to duplication of effort, and potential to lose out on best practices. In this post, we’ll explore how CI/CD can be shared across your entire organization alongside policies, for a well-governed experience with GitHub Actions.

Choosing who to sponsor and sponsoring many of your dependencies is now a lot easier! Starting today you can export your list of sponsorable dependencies from the Sponsors Explore page,…

GitHub Sponsors is now generally available for organizations. Also, new tooling for bulk sponsorships and an update on how we’re ensuring sustainability for GitHub Sponsors.

A high-quality audit log is an essential tool for enterprises to ensure compliance, maintain security, investigate issues, and promote accountability.

Learn more about static analysis and how to use it for security research!
In this blog post series, we will take a closer look at static analysis concepts, present GitHub’s static analysis tool CodeQL, and teach you how to leverage static analysis for security research by writing custom CodeQL queries.

GitHub enterprise and organization owners can now use a REST API to delete their organizations and all corresponding repositories. Organization names will be locked for 90 days following the organization…

These changes will improve the experience for custom query authors and enable better precision in some of our standard queries. Learn how to enable them for your custom queries.

At approximately 05:00 UTC on March 24, out of an abundance of caution, we replaced our RSA SSH host key used to secure Git operations for GitHub.com.

Today we are making the granular access token feature on npm generally available. Granular access token, allows you to: Restrict token access to specific packages and/or scopes Grant tokens access…