Search results for: GitHub Actions
![A schematic diagram depicting the steps an SAST tool takes to scan the source code of an SQL application under an SQL injection attack. The first step is tokenizing the source code, the second is abstracting the source code, the third conducting semantic analysis, the fourth conducting taint analysis, and the last generating a security alert about the SQL injection vulnerability.](https://github.blog/wp-content/uploads/2024/02/sast-tool-diagram.png?resize=400%2C212)
The architecture of SAST tools: An explainer for developers
More developers will have to fix security issues in the age of shifting left. Here, we break down how SAST tools can help them find and address vulnerabilities.
Gradle starter workflows now automatically submit transitive dependencies
Do you know if all your repositories have up-to-date dependencies?
Consider deploying the GitHub Action: Evergreen so that you know each of your repositories is leveraging active dependency management with Dependabot.
Yes, good DevEx increases productivity. Here is the data.
Explore how DevEx boosts productivity and innovation according to new research.
How to get in the flow while coding (and why it’s important)
Explore what flow state entails, its benefits, and three tips for reaching it the next time you code.
A developer’s second brain: Reducing complexity through partnership with AI
As we look to empower developers with AI tools, we inadvertently integrate AI deeper into the way developers work. How do developers feel about that? And what are the most impactful ways to introduce more AI into workflows? We recently conducted 25 in-depth interviews with developers to understand exactly that.
Code scanning is now more adaptable to your codebase with CodeQL threat model settings for Java (beta)
New Markdown extension: Alerts provide distinctive styling for significant content
Scaling vulnerability management across thousands of services and more than 150 million findings
Learn about how we run a scalable vulnerability management program built on top of GitHub.
Addressing post-quantum cryptography with CodeQL
Learn how researchers and security experts at GitHub, Microsoft, and Santander came together to address the challenges presented by the post-quantum cryptography world.
Copilot content exclusions – Temporary rollback and upcoming fix
Shortly after releasing Copilot content exclusions on November 8, 2023, our team observed that the feature was causing clients to be incorrectly blocked from using Copilot. This necessitated an immediate…
Requiring workflows with rulesets now supports the pull_request_target trigger
How to gain insight into your project contributors
We’re excited to share with you the contributors Action! At GitHub, we maintain several open source repositories and have developed this Action to empower maintainers to measure how many new and returning contributors and contributions have occurred over any given time period.
Requiring workflows with Repository Rules is generally available
A developer’s guide to open source LLMs and generative AI
Open source generative AI projects are a great way to build new AI-powered features and apps.
Game Bytes · September 2023
Game Bytes is our monthly series taking a peek at the world of gamedev on GitHub—featuring game engine updates, game jam details, open source games, mods, maps, and more. Game on!
Getting RCE in Chrome with incorrect side effect in the JIT compiler
In this post, I’ll exploit CVE-2023-3420, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
Dependency review support for dependency submission results
Why Rust is the most admired language among developers
Rust continues to top the charts as the most admired and desired language by developers, and in this post, we dive a little deeper into how (and why) Rust is stealing the hearts of developers around the world.