Search results for: Ecosystem

Dependabot version updates now proactively updates Docker image tags in Kubernetes manifests. When specifying the Docker ecosystem in dependabot.yml include an entry for each directory where a Kubernetes manifest which…

Investing in our open source future by supporting the maintainers of today.

We think a lot about a high-profile supply chain attack that might cause developers, teams, and organizations to lose trust in open source. That’s why we’re investing in new ways to protect the open source ecosystem.

We know that companies benefit from open source. That’s why we’re making it easier for companies to financially support projects.

How GitHub advocated for developer interests at the US Copyright Office technical measures consultations

Developers creating Internet of Things software use a complex stack of software that needs to be custom built into their CI/CD platform. Arm is leveraging the simplicity and scalability of GitHub Actions with a native integration that will revolutionize IoT software development.

A glimpse into the backgrounds and day-to-day work of several GitHub employees in cybersecurity roles.

You can now build your agenda on GitHubUniverse.com! Whether you’re just getting started or you’re a seasoned industry professional, there’s a session for you.

The GitHub Security Lab provided office hours for open source projects looking to improve their security posture and reduce the risk of breach. Here’s what we learned and how you can also participate.

As GitHub continues to grow, our vision of being the home for all developers continues to materialize, expanding our progress, perspectives, and responsibility to the world.

The Sigstore GA means you can protect your software supply chain today with GitHub Actions, and will power new npm security capabilities in the near future.

Dependabot now supports updates to Python dependencies for pyproject.toml files that follow the PEP 621 standard for our supported Python package managers. Learn more about Dependabot’s supported ecosystems and package…

Dependabot now supports now supports the increase-if-necessary versioning strategy for the Python ecosystem. This allows you to reduce Dependabot version updates when your current dependency requirement is already satisfied by…

Dependabot has added support for updating dependencies in Yarn v2 and Yarn v3 manifests (package.json, and yarn.lock files). This is in addition to the existing support for Yarn v1. There…

GitHub Actions changed how developers automate workflows with GitHub. Today, we’re introducing a new navigation to manage your GitHub Actions experience, improving discoverability and accessibility as well as opening up future feature opportunities.

GitHub is sponsoring Open Source Initiative’s Deep Dive: AI because we think it’s important for the community to unpack how open source software, process, and principles can help best deliver on the promise of AI.

New to Git v2.38, Scalar is a built-in repository manager for large repos. Here, we’ll tell the story of how Scalar went from a rough VFS for Git successor to a fully-integrated Git tool, with all of the engineering lessons learned in the process.

We’re excited that the World Intellectual Property Organization (WIPO) has launched the 2022 edition of its Global Innovation Index (GII) with an indicator of developer creative outputs based on GitHub commits.

Cross-platform apps built with the popular Flutter toolkit can now benefit from Dependabot alerts.

macOS 12 became generally available on GitHub-hosted runners in June 2022. Over the next 10 weeks, jobs using the macos-latest runner label will migrate from macOS 11 to 12. During…

We’re launching GitHub for Startups to give your startup the tools needed to go from idea to unicorn status on the world’s largest developer platform.