
5 tips to supercharge your developer career in 2024
From mastering prompt engineering to leveraging AI for code security, here’s how you can excel in today’s competitive job market.
From mastering prompt engineering to leveraging AI for code security, here’s how you can excel in today’s competitive job market.
Repository Updates April 30th, 2024 Deploy keys are now supported as a bypass actor in repository rules, allowing additional granularity for your automations. Previously for deploy keys to bypass a…
While AI revolutionizes software development, it still relies on developers to pilot its use. In this blog, we’ll cover the skills that developers need to have for navigating this new AI-powered coding frontier.
Repo-jacking is a specific type of supply chain attack. This blog post explains what it is, what the risk is, and what you can do to stay safe.
A peek under the hood of GitHub Advanced Security code scanning autofix.
On December 13, 2023, we released CodeQL Action v3, which runs on the Node.js 20 runtime. CodeQL Action v2 will be deprecated at the same time as GHES 3.11, which…
Developers care about security, but poorly integrated tools and other factors can cause frustration. Here are five best practices to reduce friction.
The GitHub Security Lab examined the most popular open source software running on our home labs, with the aim of enhancing its security. Here’s what we found and what you can do to better protect your own smart home.
Discover new AI-powered features and tools to help developers stay in the flow and organizations innovate at scale.
In this year’s Octoverse report, we study how open source activity around AI, the cloud, and Git are changing the developer experience.
Atlassian is ending support for its Server products—including Bitbucket Server—in February 2024. In this post, you’ll learn what that means for you, your options, and how you can move to GitHub.
Announcing changes to permissions for packages. We are restricting the refs REST API endpoint from accepting POSTs from users and apps that only have the permission to read and write…
npm provenance is now generally available. npm packages built on a supported cloud CI/CD system can publish with provenance. Today this includes GitHub Actions and GitLab CI/CD. Publishing with provenance…
Support for migrating Jenkins Scripted Pipelines to GitHub Actions is now available as a private beta! If you use Scripted Pipelines in your Jenkins instances, you can now automate the…
In the world of software development, collaboration can make the difference between a brittle last-minute release and a reliable, maintainable, pain-free project. Whether you’ve been coding for a day or a decade, your colleagues are there to help strengthen your work. But they can only help if you’ve given them the tools to do so.
With the new Issue Metrics GitHub Action, you can now track and monitor important metrics related to issues, pull requests, and discussions, such as time to first response, time to close, and more!
Reduce developer and auditor friction involved in demonstrating compliance and maintaining end-to-end traceability by focusing your efforts around the pull request.
Developer experience (DevEx) is a key theme when it comes to transforming businesses with GitHub.
Enterprise users will now notice added functionality where Dependabot security and version updates may be paused for repositories. If you are an enterprise user that uses Dependabot updates and there…
Today we are announcing the general availability of code scanning default setup enablement at the organization level. You can use code scanning default setup to enable CodeQL analysis for pull…
Starting today, you will now receive Dependabot alerts for vulnerabilities associated with your Swift dependencies. The GitHub Advisory Database now includes curated Swift advisories. This brings the Advisory Database to…
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Last chance: Save $700 on your IRL pass to Universe and join us on Oct. 28-29 in San Francisco.