
Attacking browser extensions
Learn about browser extension security and secure your extensions with the help of CodeQL.
Learn about browser extension security and secure your extensions with the help of CodeQL.
August and September contained a number of improvements to GitHub Mobile, including Focused Notifications for those high-priority items in your Inbox, a contribution graph widget on Android, and a continued…
You can now restrict pushes into your private and internal repositories and their forks, with push rules – a new type of ruleset. Push rules enable you to limit updates…
Since last month’s upgrade to GPT-4o, we now increased the available Chat context, so you can reference larger files and have longer chat conversations with GitHub Copilot Chat in VS…
CodeQL code scanning can now analyze Java and C# code without having to observe a build. This makes it easier to roll out the security analysis on large numbers of…
In July, GitHub Mobile introduced three major improvements App Lock! Securely unlock the GitHub app with just a glance. Enable App Lock in Settings to use FaceID, TouchID or pass…
March 20, 2025 update To clarify the exact impact of this change, we’ve updated the title and the wording we used in this changelog. Previously it was titled “Enterprise Managed…
We’re excited to bring an updated repository list view experience and the ruleset merge queue rule to general availability, as well as an update to the status check and workflow…
Developers can now manually run workflows set with workflow_dispatch directly from the Workflow view (Repository -> Actions -> Workflows) on GitHub Mobile. This addition provides developers with greater flexibility and…
Today, we’re excited to announce the general availability of our new organization and enterprise-level security overview dashboards, alongside enhanced secret scanning metrics and the enablement trends reports. These features are…
The REST API now supports the following code security configuration actions for organizations: – Detach configurations from repositories – Enforce configurations – Enable validity checks for secret scanning in a…
Organization owners and security managers can now filter the table of repositories on the code security configurations settings page by configuration attachment failure reason. This is useful when you’ve attempted…
When rolling out code scanning default setup at scale (e.g., via code security configurations), GitHub checks if an advanced CodeQL setup already exists for each repository. If an advanced setup…
Drag-and-drop is a highly interactive and visual interface. We often use drag-and-drop to perform tasks like uploading files, reordering browser bookmarks, or even moving a card in solitaire.
You can now use the REST API to create and manage code security configurations, as well as attach them to repositories at scale. The API supports the following code security configuration actions…
Starting September 3, 2024 enterprise customers who currently have a single organization without an enterprise account will be automatically upgraded into an enterprise account at no additional cost. An enterprise…
GitHub Copilot Extensions is now in Limited Public Beta. With extensions, you can now extend the capabilities of GitHub Copilot Chat and enhance the experience to perform a wide range…
When uploading a SARIF file that contains multiple SARIF runs for the same tool and category, Code Scanning combines those runs into a single run. Combining multiple runs within the…
GitHub is working with the OSS community to bring new supply chain security capabilities to the platform.
Learn how to use CodeQL for security research and improve your security research workflow.
We’ve dramatically increased 2FA adoption on GitHub as part of our responsibility to make the software ecosystem more secure. Read on to learn how we secured millions of developers and why we’re urging more organizations to join us in these efforts.
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Last chance: Save $700 on your IRL pass to Universe and join us on Oct. 28-29 in San Francisco.