The Dependency Review GitHub Action, which checks if pull requests introduce a dependency with a known vulnerability, now supports configuration based on vulnerability severity and license type. The following configuration…
Back in March, we introduced a new “For you” feed in Public Beta, to help you discover interesting projects across GitHub. Today, we are sharing a few updates to this…
Discover how GitHub thinks about browser support, look at usage patterns, and learn about the tools we use to make sure our customers are getting the best experience.
Dependabot is generally available in GitHub Enterprise Server 3.5. Here is how to set up Dependabot on your instance.
We’re excited to announce that we’re open sourcing our Identity and Access Management solution: Entitlements.
Available in public beta today, we’re announcing Achievements as a new way to commemorate milestones on GitHub.
Organization owners and repository admins can now require developers to sign off on commits made through GitHub’s web interface. Also, it is now easier for developers to complete a signoff…
A personal story about building the feature you want and sharing it with the world.
Custom repository roles are now GA for GitHub.com and Enterprise Server 3.5. Organization admins can create custom repository roles available to all repositories in their organization. Roles can be configured…
The Rust community can now discover, report, and prevent security vulnerabilities.
CI/CD and workflow automation are native capabilities on GitHub platform. Here’s how to start using them and speed up your workflows.
Dependabot version updates help you keep your dependencies up-to-date by opening pull requests automatically when new versions are available. With this release, you can now more easily enable and configure…
Read about all the features you may not have known come on the GitHub Free plan, and how to choose the right plan for you.
During the month of June, we’re holding space for open source maintainers to gather, share, and be celebrated.
In May, we experienced three distinct incidents resulting in significant impact to multiple services across GitHub.com. This report also sheds light into the billing incident that impacted Actions and Codespaces users in April.
GitHub Enterprise Server 3.5 is available now, including access to the Container registry, the addition of Dependabot, enhanced administrator capabilities, and features for GitHub Advanced Security.
We’ve made some updates to how paste formatting works in Markdown-enabled fields on GitHub. For example, in code editors and on gists, you’ll now be able to paste URLs on…
Previously, some branch protections only allowed exceptions to be granted to users and teams. Now, GitHub Apps can also be granted exceptions to any branch protection that supports exceptions. Admins…
At GitHub we use GitHub to build our own products, and the new projects experience is no different. Check out how our team uses projects to build powerful project planning for developers.
GitHub’s Information Security Management System (ISMS) has been certified against ISO 27001:2013, an internationally recognized standard for security program best practices.
You can now default to using PR titles for all squash merge commit messages. Navigate to ‘Settings’ in your repository and scroll down to the Pull Requests section. Select Allow…
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Catch up on the GitHub podcast, a show dedicated to the topics, trends, stories and culture in and around the open source developer community on GitHub.
