Search results for: Ecosystem

Improve your GitHub Action’s security posture by securing your source repository, protecting your maintainers, and making it easy to report security incidents.

The GitHub Awards recognizes and celebrates the outstanding contributions and achievements in the developer community, honoring individuals, projects, and organizations for their impactful work, innovation, thought leadership, and creating an outsized positive impact on the community.

GitHub is announcing general availability of GitHub Copilot Chat and previews of the new GitHub Copilot Enterprise offering, new AI-powered security features, and the GitHub Copilot Partner Program.

In this year’s Octoverse report, we study how open source activity around AI, the cloud, and Git are changing the developer experience.

We expanded diversity of our employee base, launched several new employee engagement programs, made investments to improve accessibility, and more.

Arm-based hosted runners are coming to GitHub Actions! Unlock the power of Arm in Actions By leveraging the power and efficiency of the Arm® architecture, GitHub is offering a new…

Auto-triage rules are a powerful tool to help you reduce alert and pull request fatigue substantially, while better managing your alerts at scale. What’s changing? Starting today, you can define…

We’re excited to highlight another top contributing researcher to GitHub’s Bug Bounty Program—@Ammar Askar!

We’re excited to share with you the contributors Action! At GitHub, we maintain several open source repositories and have developed this Action to empower maintainers to measure how many new and returning contributors and contributions have occurred over any given time period.

Use our new open source Trace2 receiver component and OpenTelemetry to capture and visualize telemetry from your Git commands.

All In Africa is a gateway to growth, learning, and meaningful connections within the African open source ecosystem and beyond.

GitHub Sponsors has partnered with Patreon. We’re also expanding to new regions.

How to get the security basics right at your organization.

For this year’s Cybersecurity Awareness Month, the GitHub bug bounty team is excited to feature another spotlight on a talented security researcher who participates in the GitHub Security Bug Bounty Program—@inspector-ambitious!

On September 27, 2023, we began blocking npm package publishes with differing name or version fields between the manifest and tarball package.json. This blocking protects against obfuscation. The different fields…

The GitHub Security Lab audits open source projects for security vulnerabilities and helps maintainers fix them. Recently, we passed the milestone of 500 CVEs disclosed. Let’s take a trip down memory lane with a review of some noteworthy CVEs!

All GitHub.com users can now register a passkey to sign in without a password.

With CodeQL model packs for Java, users can improve their code scanning results by ensuring that any custom Java libraries and frameworks used by their codebase are recognised by CodeQL.…

Make quick work of alerts with preset and custom rules.

Auto-triage rules are a powerful tool to help you reduce false positives and alert fatigue substantially, while better managing your alerts at scale. Starting today, you can now create your…

Dependency review now works with your dependencies from the dependency submission API. Dependency review enforces policies around vulnerabilities and acceptable licenses in the pull request. Previously, dependency review could not…