Search results for: GitHub Actions
Introducing npm package provenance
How to verifiably link npm packages to their source repository and build instructions.
How generative AI is changing the way developers work
Rapid advancements in generative AI coding tools like GitHub Copilot are accelerating the next wave of software development. Here’s what you need to know.
Automatic rebases on Dependabot pull requests stop after 30 days of inactivity
Automatic rebases on Dependabot pull requests stop after 30 days of inactivity
Ensuring compliance in developer workflows
How GitHub Enterprise ensures secure and compliant developer workflows for highly regulated industries.
We updated our RSA SSH host key
At approximately 05:00 UTC on March 24, out of an abundance of caution, we replaced our RSA SSH host key used to secure Git operations for GitHub.com.
Enable code scanning default setup with CodeQL at the organization level (public beta)
Enable code scanning default setup with CodeQL at the organization level (public beta)
See you at SCaLE! 🐧
SCaLE is the largest community-run open-source and free software conference in North America. It takes place next week in Pasadena, CA from March 9-12, 2023 and we’ll be there!
Code scanning default setup on the security coverage page (public beta)
Code scanning default setup on the security coverage page
How to build a consistent workflow for development and operations teams
Explore how using GitHub and HashiCorp together enables enterprises to develop and ship to their customers faster and more secure with consistent workflows and actions.
3 ways to meet compliance needs without slowing down agility
Learn how to enable developer productivity and collaboration while staying secure and compliant. Stay compliant without slowing down your business. From security to CI/CD, automate every step of your software workflow—so your developers can stay focused on what matters most: building.
Git security vulnerabilities announced
Git users are encouraged to upgrade to the latest version, especially if they use `git apply` or `git clone` against untrusted patches or repositories.
Release Radar, Festive Edition · December 2022 – January 2023
Welcome to our special edition of the Release Radar 🎄. Between Christmas festivities, end of the year parties, Chinese New Year, or simply enjoying some time off, almost everyone has…
Dependency submission suggestions on Gradle, Maven, Scala and Mill repositories
Dependency submission suggestions on Gradle, Maven, Scala and Mill repositories
Git security vulnerabilities announced
Git users are encouraged to upgrade to the latest version, especially if they use `git archive`, work in untrusted repositories, or use Git GUI on Windows.
A smarter, quieter Dependabot
Dependabot is getting a little smarter—and, a little quieter—by reducing bot-based noise from repositories based on your interaction with Dependabot.
Passwordless deployments to the cloud
Discovering passwords in our codebase is probably one of our worst fears. But what if you didn’t need passwords at all, and could deploy to your cloud provider another way? In this post, we explore how you can use OpenID Connect to trust your cloud provider, enabling you to deploy easily, securely and safely, while minimizing the operational overhead associated with secrets (for example, key rotations).
Code scanning can be set up more easily without committing a workflow file to the repository
Code scanning can be set up more easily without committing a workflow file to the repository
The world's largest developer platform
GitHub
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
GitHub Universe 2024
Get tickets to the 10th anniversary of our global developer event on AI, DevEx, and security.