CodeQL is the static analysis engine that powers GitHub code scanning. CodeQL version 2.16.4 has been released and has now been rolled out to code scanning users on GitHub.com. CodeQL…
Dependabot security updates help you keep your dependencies secure by opening pull requests when a Dependabot alert is raised. With today’s release, you can now use flexible grouping options in…
Here’s how merge queue transformed the way GitHub deploys changes to production at scale, so you can do the same for your organization.
With this version, customers can choose how to best scale their security strategy, gain more control over deployments, and so much more.
GitHub Enterprise Server 3.12 is generally available GitHub Enterprise Server 3.12 is now generally available and gives customers more fine-grained control over deployment requirements, as well as enhanced security controls.…
Discover how keeping repository maintainer information accurate through CODEOWNERS files and automating maintenance with tools like cleanowners fosters efficient collaboration and sustainable software projects.
CodeQL is the static analysis engine that powers GitHub code scanning. CodeQL version 2.16.3 has been released and has now been rolled out to code scanning users on GitHub.com. Important…
Learn how your organization can customize its LLM-based solution through retrieval augmented generation and fine-tuning.
Learn how we’re managing feature releases and establishing best practices within and across teams at GitHub using GitHub Projects.
Configuring merge queue in your repo rulesets is now available in public beta! Merge queue & rule insights Until now, rule insights would only list one pull request as merged…
GitHub Copilot Enterprise, our most advanced AI offering to date, is now generally available. With GitHub Copilot Enterprise, you can: Gain a deeper understanding of your organization’s unique codebase: Copilot…
Our most advanced AI offering to date is customized to your organization’s knowledge and codebase, infusing GitHub Copilot throughout the software development lifecycle.
Explore the capabilities and benefits of AI code generation, and how it can improve the developer experience for your enterprise.
Repo-jacking is a specific type of supply chain attack. This blog post explains what it is, what the risk is, and what you can do to stay safe.
The GitHub Enterprise Server 3.12 release candidate is here GitHub Enterprise Server 3.12 gives customers more fine-grained control over deployment requirements, enhanced security controls, and some . Here are a…
A peek under the hood of GitHub Advanced Security code scanning autofix.
We listened to your feedback and released new versions (v4) of actions/upload-artifact and actions/download-artifact. While this version of the actions to upload and download artifacts includes up to 10x performance improvements and several new features, there are also key differences from previous versions that may require updates to your workflows.
More developers will have to fix security issues in the age of shifting left. Here, we break down how SAST tools can help them find and address vulnerabilities.
In practice, shifting left has been more about shifting the burden rather than the ability. But AI is bringing its promise closer to reality. Here’s how.
Get excited for this month’s Release Radar. Maintainers were hard at work this past month, shipping major updates for you all. Read on for our top staff picks.
Consider deploying the GitHub Action: Evergreen so that you know each of your repositories are leveraging active dependency management with Dependabot.
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Last chance: Save $700 on your IRL pass to Universe and join us on Oct. 28-29 in San Francisco.
