Search results for: Pull Request

Reusable workflows offer a simple and powerful way to avoid copying and pasting workflows across your repositories.

Instead of allowing all or no users to force push, admins can now be selective about who can force push to a repository. The image below shows how in the…

Now, only admins can rename branches that are protected by branch protection rules. GitHub allows repository collaborators to rename every branch in a repository, with the exception of the default…

Defining your security requirements is the most important proactive control you can implement for your project. Here’s how.

Precise code navigation is powered by stack graphs, a new open source framework that lets you define the name binding rules for a programming language.

You can now control which GitHub App a required status check is provided by. If status is then provided by a different app or by a user via a commit…

DRY your Actions configuration with reusable workflows (and more!)

We’re changing which keys are supported in SSH and removing unencrypted Git protocol. Only users connecting via SSH or git:// will be affected. If your Git remotes start with https://, nothing in this post will affect you. If you’re an SSH user, read on for the details and timeline.

Linux is celebrating its 30-year anniversary today, so I’m taking the opportunity to highlight 30 of my favorite free and open source Linux games, their communities, and their stories! If…

The open source Git project just released Git 2.33, with features and bug fixes from over 74 contributors. Here’s a look at some of the most interesting features and changes.

Issues submitted to open source projects often lack important information. Markdown issue templates can help by providing text that contributors can remove and replace with their own input – but…

In May, we experienced two incidents resulting in significant impact to multiple GitHub services.

GitHub has been at the forefront of security key adoption for many years. We were an early adopter of Universal 2nd Factor (“U2F”) and were also one of the first…

In April, we experienced two incidents resulting in significant impact and degraded state of availability for API requests and the GitHub Packages service, specifically the GitHub Packages Container registry service.…

The open source community is always hard at work. February’s projects were super hard to pick since there are so many amazing releases. These are exciting new releases from some…

Last month, a member of the CodeQL security community contributed multiple CodeQL queries for C# codebases that can help organizations assess whether they are affected by the SolarWinds nation-state attack on various parts of critical network infrastructure around the world.

Starting March 1st, 2021 workflow runs that are triggered by Dependabot from push, pull_request, pull_request_review, or pull_request_review_comment events will be treated as if they were opened from a repository fork.…

Not everyone takes a break over the festive season. Some people in the community have been busy shipping releases. So we’re here to bring you the latest and greatest releases…

As your Git repositories grow, it becomes harder and harder for new developers to clone and start working on them. Git is designed as a distributed version control system. This means that…

This blog describes a security vulnerability in the infrastructure that supports Germany’s COVID-19 contact tracing efforts. The mobile (Android/iOS) apps are not affected by the vulnerability and do not collect and/or transmit any personal data other than the device’s IP address. The infrastructure takes active measures to disassociate true positives from client IP addresses.

We’re releasing v7.0.0 of the npm CLI, which includes exciting new features such as Workspaces, automatically installed peer deps, and more!