Automatic rebases on Dependabot pull requests stop after 30 days of inactivity
Automatic rebases on Dependabot pull requests stop after 30 days of inactivity
GitHub Blog Search
Search Results for: GitHub Actions
Ensuring compliance in developer workflows
How GitHub Enterprise ensures secure and compliant developer workflows for highly regulated industries.
We updated our RSA SSH host key
At approximately 05:00 UTC on March 24, out of an abundance of caution, we replaced our RSA SSH host key used to secure Git operations for GitHub.com.
Enable code scanning default setup with CodeQL at the organization level (public beta)
Enable code scanning default setup with CodeQL at the organization level (public beta)
See you at SCaLE! 🐧
SCaLE is the largest community-run open-source and free software conference in North America. It takes place next week in Pasadena, CA from March 9-12, 2023 and we’ll be there!
Code scanning default setup on the security coverage page (public beta)
Code scanning default setup on the security coverage page
How to build a consistent workflow for development and operations teams
Explore how using GitHub and HashiCorp together enables enterprises to develop and ship to their customers faster and more secure with consistent workflows and actions.
3 ways to meet compliance needs without slowing down agility
Learn how to enable developer productivity and collaboration while staying secure and compliant. Stay compliant without slowing down your business. From security to CI/CD, automate every step of your software workflow—so your developers can stay focused on what matters most: building.
Git security vulnerabilities announced
Git users are encouraged to upgrade to the latest version, especially if they use `git apply` or `git clone` against untrusted patches or repositories.
Release Radar, Festive Edition · December 2022 – January 2023
Welcome to our special edition of the Release Radar 🎄. Between Christmas festivities, end of the year parties, Chinese New Year, or simply enjoying some time off, almost everyone has…
Dependency submission suggestions on Gradle, Maven, Scala and Mill repositories
Dependency submission suggestions on Gradle, Maven, Scala and Mill repositories
Git security vulnerabilities announced
Git users are encouraged to upgrade to the latest version, especially if they use `git archive`, work in untrusted repositories, or use Git GUI on Windows.
A smarter, quieter Dependabot
Dependabot is getting a little smarter—and, a little quieter—by reducing bot-based noise from repositories based on your interaction with Dependabot.
Passwordless deployments to the cloud
Discovering passwords in our codebase is probably one of our worst fears. But what if you didn’t need passwords at all, and could deploy to your cloud provider another way? In this post, we explore how you can use OpenID Connect to trust your cloud provider, enabling you to deploy easily, securely and safely, while minimizing the operational overhead associated with secrets (for example, key rotations).
Code scanning can be set up more easily without committing a workflow file to the repository
Code scanning can be set up more easily without committing a workflow file to the repository
Increase developer productivity, save time on developer onboarding, and drive ROI in 2023
Forrester's Total Economic Impact™ study dives into how GitHub Enterprise Cloud and GitHub Advanced Security help businesses drive ROI, increase developer productivity, and save time on developer onboarding.
![[Video] How has open source changed in the last 10 years?](https://github.blog/wp-content/uploads/2022/12/CMT011-Octoverse2022.001-1.jpeg?resize=800%2C425)
[Video] How has open source changed in the last 10 years?
What’s the state of open source and how has it changed over the last decade? GitHub’s VP of Developer Relations, Martin Woodward, tackles that question and more in a 2022 keynote.
Release Radar · November 2022 Edition
We promised we'd be back soon and here we are! There has been an incredible amount of open source projects shipping major version releases before the year wraps up. I…