Search results for: Ecosystem

Open source is aging. We can better support Gen Z contributors through purpose, flexibility, and pathways to leadership.

GitHub Actions is powered by a diverse ecosystem of first-party and community contributed actions. If one of these actions has a vulnerability or is compromised by a malicious actor, it…

How GitHub’s new MCP server and GPT-5 are revolutionizing developer workflows — with live build examples.

Learn how the International Telecommunication Union made the switch to open source, and how you can too!

Learn how the GitHub Secure Open Source Fund helped 71 open source projects significantly improve their security posture through direct funding, expert guidance, and actionable playbooks.

Upgrade from a local MCP Docker image to GitHub’s hosted server and automate pull requests, continuous integration, and security triage in minutes — no tokens required.

We’re investing in keeping Dependabot relevant for modern development teams, whether you’re experimenting with a new language or relying on the latest version of your favorite package manager. We’ve expanded…

Introducing the brand new GitHub Podcast: A show dedicated to the topics, trends, stories, and culture in and around the open source developer community on GitHub.

More context can mean more attack surfaces for your projects. Be prepared for what lies ahead with this guide.

Open source software is critical infrastructure, but it’s underfunded. With a new feasibility study, GitHub’s developer policy team is building a coalition of policymakers and industry to close the maintenance funding gap.

Organization administrators can now centrally configure private registries for Dependabot at the organization level, streamlining dependency management across all repositories. What’s new Previously, organizations had to individually configure private registry…

Automatic dependency submission now supports the pip package manager for Python. This release completes the cohort of package managers that now have auto-submission support, adding to the previously-released Maven, Gradle,…

Learn how to streamline your development workflow with five different MCP use cases.

Dependency auto-submission now supports the .NET package manager NuGet. This feature continues to expand the supported range of package manager ecosystems, adding to the existing Maven and Gradle support. Dependency…

The GitHub dependency graph maps every direct and transitive dependency in your project, so you can identify risks, prioritize fixes, and keep your code secure.

The cooldown feature is now generally available for Dependabot version updates! This feature gives you control over when version update pull requests are created to bump your dependencies. What’s new…

Use these insights to automate software security (where possible) to keep your projects safe.

The open source Git project just released Git 2.50. Here is GitHub’s look at some of the most interesting features and changes introduced since last time.

Get insights on the latest trends from GitHub experts while catching up on these exciting new projects.

A full look at agent mode in GitHub Copilot, including what it can do, when to use it, and best practices.

Implementing features has never been easier: Just assign a task or issue to Copilot. It runs in the background with GitHub Actions and submits its work as a pull request.