Search results for: GitHub Actions

The GitHub Services Engineers have released the Advanced Security Enforcer GitHub Action to enable organizations to utilize code scanning in a consistent and automated way.

The Exiv2 team tightened our security by enabling GitHub’s code scanning feature and adding custom queries tailored to the Exiv2 code base.

This blog post is the first in a series about hardening the security of the Exiv2 project. My goal is to share tips that will help you harden the security of your own project.

Since last year’s GitHub Universe, we’ve shipped more than 20,000 improvements to GitHub for developers, open source communities, and enterprise teams. Here’s a comprehensive overview of what we’re announcing at Universe this week.

Code scanning runs analysis tools that scan your code on the triggers defined in your .yml Actions workflow file. The default CodeQL workflow analyzes your code each time you push…

GitHub code scanning with CodeQL works seamlessly with GitHub Actions. For users of other CI/CD systems, we provided a way to run the code analysis using the CodeQL runner. The…

Deployment review notifications for your GitHub Actions environments can now be tracked end-to-end using the GitHub app for Microsoft Teams or Slack. You will be notified when a review is…

Today, we’re happy to announce more than 15 new integrations with open source security tools that broaden our language coverage to include PHP, Swift, Kotlin, Ruby, and more.

The latest release of the CodeQL CLI supports creating CodeQL databases for multiple languages in a single command. This makes it easier for customers using CI/CD systems other than GitHub…

Dependabot Preview has helped more than 30,000 organizations keep their packages updated with more than seven million pull requests merged since it launched. As a result of that success, the…

At GitHub, we’re continually working to improve existing features and shipping new ones all the time. From our launch of GitHub Discussions to the release of manual approvals for GitHub…

The latest release of the CodeQL CLI supports uploading analysis results to GitHub. This makes it easier to run code analysis for customers who wish to use CI/CD systems other…

This post features a guest interview with Diego M. Oppenheimer, CEO at Algorithmia Over the past few years, machine learning has grown in adoption within the enterprise. More organizations are…

This post is the fifth installment of our five-part series on building GitHub’s new homepage: How our globe is built How we collect and use the data behind the globe…

If you haven’t seen it, the GitHub Changelog helps you keep up-to-date with all the latest features and updates to GitHub. We shipped a tonne of changes last year, and…

As your Git repositories grow, it becomes harder and harder for new developers to clone and start working on them. Git is designed as a distributed version control system. This means that…

2020 has been a year of change, with shifts to the way organizations of every size connect, collaborate, and build together. From our 2020 State of the Octoverse report to…

GitHub’s team delves into answering the question “what are operations roles in the development and operations (DevOps) environments”. From automating the role of QA in DevOps and more for smaller, faster delivery cycles.

Learn about nbdev, a new literate programming environment for Python.

This is the second post in our series on DevOps fundamentals. For a guide to what DevOps is and answers to common DevOps myths check out part one. What role…

This is our second post on cloud deployment with containers. Looking for more? Join our upcoming GitHub Actions webcast with Sarah, Solutions Engineer Pavan Ravipati, and Senior Product Manager Kayla…