Search results for: GitHub Actions

CodeQL code scanning can now analyze Java and C# code without having to observe a build. This makes it easier to roll out the security analysis on large numbers of…

In July, GitHub Mobile introduced three major improvements App Lock! Securely unlock the GitHub app with just a glance. Enable App Lock in Settings to use FaceID, TouchID or pass…

March 20, 2025 update To clarify the exact impact of this change, we’ve updated the title and the wording we used in this changelog. Previously it was titled “Enterprise Managed…

We’re excited to bring an updated repository list view experience and the ruleset merge queue rule to general availability, as well as an update to the status check and workflow…

Developers can now manually run workflows set with workflow_dispatch directly from the Workflow view (Repository -> Actions -> Workflows) on GitHub Mobile. This addition provides developers with greater flexibility and…

Today, we’re excited to announce the general availability of our new organization and enterprise-level security overview dashboards, alongside enhanced secret scanning metrics and the enablement trends reports. These features are…

The REST API now supports the following code security configuration actions for organizations: – Detach configurations from repositories – Enforce configurations – Enable validity checks for secret scanning in a…

Organization owners and security managers can now filter the table of repositories on the code security configurations settings page by configuration attachment failure reason. This is useful when you’ve attempted…

When rolling out code scanning default setup at scale (e.g., via code security configurations), GitHub checks if an advanced CodeQL setup already exists for each repository. If an advanced setup…

Drag-and-drop is a highly interactive and visual interface. We often use drag-and-drop to perform tasks like uploading files, reordering browser bookmarks, or even moving a card in solitaire.

You can now use the REST API to create and manage code security configurations, as well as attach them to repositories at scale. The API supports the following code security configuration actions…

Starting September 3, 2024 enterprise customers who currently have a single organization without an enterprise account will be automatically upgraded into an enterprise account at no additional cost. An enterprise…

GitHub Copilot Extensions is now in Limited Public Beta. With extensions, you can now extend the capabilities of GitHub Copilot Chat and enhance the experience to perform a wide range…

When uploading a SARIF file that contains multiple SARIF runs for the same tool and category, Code Scanning combines those runs into a single run. Combining multiple runs within the…

GitHub is working with the OSS community to bring new supply chain security capabilities to the platform.

Learn how to use CodeQL for security research and improve your security research workflow.

We’ve dramatically increased 2FA adoption on GitHub as part of our responsibility to make the software ecosystem more secure. Read on to learn how we secured millions of developers and why we’re urging more organizations to join us in these efforts.

Say goodbye to unwanted files cluttering your repos, like *.jar or *.so. And limit who can make updates to sensitive files like your Actions workflows with the public beta of…

From the 15th of May 2024 we will no longer support multiple labels on larger GitHub Hosted Runners. In February 2023 we announced that customers could no longer add or…

Today, we’re releasing security tool-specific filters for the security overview dashboard and secret scanning metrics page. Have you ever wondered, “How well is my organization handling SQL injections?” or “How…

macOS 14 (Sonoma) is now generally available. Over the next 12 weeks, jobs using the macos-latest runner label will migrate from macOS 12 (Monterey) to macOS 14 (Sonoma). During migration,…