Search results for: GitHub Actions
Securing and delivering high-quality code with innersource metrics
With innersource, it’s important to measure both the amount of innersource activity and the quality of the code being created. Here’s how.
Today’s most common security vulnerabilities explained
We’re taking a look at some of the most common security vulnerabilities and detailing how developers can best protect themselves.
Software security starts with the developer: Securing developer accounts with 2FA
GitHub will require all users who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023.
Git Credential Manager: authentication for everyone
Ensuring secure access to your source code is more important than ever. Git Credential Manager helps make that easy.
Secret scanning custom pattern events now in the audit log
Secret scanning custom pattern events now in the audit log
Prevent the introduction of known vulnerabilities into your code
The new dependency review action and API prevents the introduction of known supply chain vulnerabilities into your code.
Our response to the war in Ukraine
As the global response to the tragedies in Ukraine and other impacted regions continues to evolve, I wanted to share with our community an expansion of the message that I shared earlier this week with our Hubbers.
CODEOWNERS improvements (syntax errors, preview of who will be requested, and more)
CODEOWNERS improvements (syntax errors, preview of who will be requested, and more)
Code scanning finds more vulnerabilities using machine learning
Today we launched new code scanning analysis features powered by machine learning. The experimental analysis finds more of the most common types of vulnerabilities.
Code scanning and Ruby: turning source code into a queryable database
A deep dive into how GitHub adds support for new languages to CodeQL.
Top-100 npm package maintainers now require 2FA, and additional security-focused improvements to npm
Starting today, we are rolling out mandatory 2FA to all maintainers of top-100 npm packages by dependents.
2021 Transparency Report
In GitHub’s latest transparency report, we’re giving you a by-the-numbers look at how we responded to requests for user info and content removal.
Thinking beyond SQL injection: OWASP tips for secure database access
When it comes to secure database access, there’s more to consider than SQL injections. OWASP Top 10 Proactive Control C3 offers guidance.
How to define security requirements for your OSS project
Defining your security requirements is the most important proactive control you can implement for your project. Here’s how.
Write more secure code with the OWASP Top 10 Proactive Controls
This lesser-known OWASP project aims to help developers prevent vulnerabilities from being introduced in the first place.
The Copyright Office expands your security research rights
Recently, the Copyright Office responded to the calls to clarify the scope of protected security research.
Make your monorepo feel small with Git’s sparse index
The new sparse index feature makes it feel like you are working in a small repository when working in a focused portion of a monorepo.
The world's largest developer platform
GitHub
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
