Secret scanning’s push protection feature is now generally available for all free public repositories on GitHub.com. You can enable push protection for any public repository on GitHub.com from your repository’s…
Secret scanning’s push protection feature is now generally available for GitHub Advanced Security customers. Customers can enable push protection for any private repository that has GitHub Advanced Security. Push protection…
Announcing the general availability of push protection–a feature that proactively prevents secret leaks in your public and private repositories.
Fine-grained PATs can now call the GitHub GraphQL API. This was a limitation at the start of the public beta, and is now supported. Like with the REST API, the…
GitHub Importer allows you to import repositories from other code hosting platforms to GitHub.com using a UI or REST API. Today, GitHub Importer supports Git, Mercurial, Subversion and Team Foundation…
GitHub Advanced Security customers using secret scanning can now view any secrets exposed historically in an issue’s title, description, or comments within the UI or the REST API. This expanded…
Meet the projects that make up the first GitHub Accelerator cohort and learn about how GitHub is helping bring their visions to reality.
Commenting on files (including deleted, binary, and renamed files) in a pull request is now generally available on the web and GitHub Mobile! A special thank you to everyone that…
A high-quality audit log is an essential tool for enterprises to ensure compliance, maintain security, investigate issues, and promote accountability.
A software bill of materials (SBOM) is a standardized inventory of a software project’s dependencies and associated metadata (versions, licenses, etc). You can now export your repository’s dependency graph as…
Developers and compliance teams get a new SBOM generation tool for cloud repositories.
Enabling CodeQL analysis with code scanning default setup for eligible repositories in your organization is now as easy as a single click from the organization’s settings page or a single…
GitHub Docs recently changed its site-search to Elasticsearch. Here’s how it was implemented.
With updates to GitHub Actions, repositories, and GitHub Advanced Security, this new version of GitHub Enterprise Server is focused on bringing the best developer experience to companies.
What’s new? This feature makes it easier to enable Dependabot alerts and check enablement status across all your repositories at an enterprise level, with updates across both enablement UI and…
A look at what happened on January 30, what measures we’re putting in place to prevent surprises, and how we’ll handle future changes.
GitHub Advanced Security customers using secret scanning can now view any new secrets exposed in an issue’s title, description, or comments within the UI or the REST API. This expanded…
Fine-grained personal access tokens offer enhanced security to developers and organization owners, to reduce the risk to your data of compromised tokens.
API users can now integrate with a new dependabot_alert webhook, which matches the naming and structure of the recently introduced Dependabot alerts REST API. You should use this webhook in…
GitHub’s audit log allows admins to quickly review the actions performed by members of their Enterprise. It includes details such as who performed the action, what the action was, and…
GitHub Advanced Security customers can now view a timeline of actions taken on a secret scanning alert, including when a contributor bypassed the push protection on a secret. Users can…
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Catch up on the GitHub podcast, a show dedicated to the topics, trends, stories and culture in and around the open source developer community on GitHub.
