Search results for: GitHub Actions

At GitHub we use GitHub to build our own products, and the new projects experience is no different. Check out how our team uses projects to build powerful project planning for developers.

Introduction Open Sauced, GitHub’s Explore page, Hacktoberfest, and First Timers Only help folks discover open source projects. This monthly series–Open Source Monthly—will add to these efforts by helping: First-time contributors…

On March 30, 2022, we released CodeQL Action v2, which runs on the Node.js 16 runtime. The CodeQL Action v1 will be deprecated at the same time as GHES 3.3,…

From plug-and-play automations to protected branches, here are simple ways any developer can build more secure software on GitHub—all with a free account.

Introducing CodeQL packs to help you codify and share your knowledge of vulnerabilities.

The CodeQL runner has been deprecated in favor of the CodeQL CLI. As previously announced, starting March 14th, the CodeQL bundle now no longer includes the CodeQL runner. This deprecation…

The code scanning alert page now shows the analysis origin for an alert. Code scanning alerts can originate from different analysis configurations on a repository. These may be using different…

Over the past few weeks, we have experienced multiple incidents due to the health of our database. We wanted to share what we know about these incidents while our team continues to address them.

Dependency caching is one of the most effective ways to make jobs faster on GitHub Actions. You can now monitor the storage usage of your existing caches and get greater…

Today, we’re announcing that the ability to prebuild codespaces is entering public beta. Prebuilding a codespace enables fast environment creation times, regardless of the size or complexity of your repositories.…

The ability to prebuild codespaces is entering public beta. Enable fast environment creation times, regardless of the size and complexity of your repositories.

Our community has been hard at work through December shipping updates. Here’s our staff picks for open source projects with major version releases.

When digital infrastructure is overlooked by governments, it isn’t just a missed opportunity: policies may inadvertently endanger open source collaboration.

GitHub is updating the retention policy as it pertains to Checks data. Checks created by GitHub Actions and third-party GitHub Apps will be affected by the new retention policy. Starting…

Looking to avoid security vulnerabilities, buttons that don’t work, slow site speeds, or manually writing release notes? This one’s for you.

From learning YAML to scripting with Bash, here are a few simple tips for developers who want to speed up their workflows.

The latest release of the CodeQL CLI supports including markdown-rendered query help in SARIF files so that the help text can be viewed in the code scanning UI. This functionality…

The GitHub Services Engineers have released the Advanced Security Enforcer GitHub Action to enable organizations to utilize code scanning in a consistent and automated way.

The Exiv2 team tightened our security by enabling GitHub’s code scanning feature and adding custom queries tailored to the Exiv2 code base.

This blog post is the first in a series about hardening the security of the Exiv2 project. My goal is to share tips that will help you harden the security of your own project.

Since last year’s GitHub Universe, we’ve shipped more than 20,000 improvements to GitHub for developers, open source communities, and enterprise teams. Here’s a comprehensive overview of what we’re announcing at Universe this week.