Search results for: REST API

Copilot secret scanning is now generally available. Copilot secret scanning, which detects generic passwords using AI, offers greater precision for unstructured credentials that can cause security breaches if exposed. Over…

Git 2.47 is here, with features like incremental multi-pack indexes and more. Check out our coverage of some of the highlights here.

Let’s take a closer look at some of the stars of the Open Source Zone at GitHub Universe 2024 🔎

GitHub Enterprise Cloud’s open support for the System for Cross-domain Identity Management (SCIM) specification is now generally available for Enterprise Managed Users (EMUs). This allows administrators to mix and match…

You can now use GitHub Enterprise Cloud Team Sync for Microsoft Entra ID with a new lower permission, GroupMember.Read.All, to sync group state into GitHub. The new permission provides the…

How GitHub volunteers built an open source metrics dashboard for the World Health Organization and some best practices they picked up along the way.

Custom models for GitHub Copilot are now available in Limited Public Beta for Copilot Enterprise. This new capability lets you fine-tune Copilot to better understand and align with your organization’s…

AWS CodeCommit is discontinuing new customer access and will no longer introduce new features. Learn how to migrate to GitHub Enterprise and why it’s the best option for you.

We surveyed 2,000 people on software development teams at enterprises in the U.S., Brazil, India, and Germany about the use, experience, and expectations around generative AI tools in software development.

In July, we experienced four incidents that resulted in degraded performance across GitHub services.

With Copilot Autofix, developers and security teams can keep new vulnerabilities out of code and confidently remediate their backlog of security debt.

Five actionable tips and strategies to supercharge developer happiness—and a more innovative workplace.

In this post, I’ll exploit CVE-2024-5830, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.

Explore how AI coding tools like GitHub Copilot can accelerate your journey to learn new programming languages.

The enum field indicating a ‘detached’ status will be deprecated from the ‘Get repositories associated with a code security configuration’ endpoint. The endpoint itself will remain. We will replace the…

GitHub Staff Engineer Sarah Vessels discusses her philosophy of code review, what separates good code review from bad, her strategy for finding and reviewing code, and how to get the most from reviews of her own code.

In this blog post, we’ll explain how we discovered three critical vulnerabilities in Kafka UI and how they can be exploited.

An interview with economic researchers who are applying causal inference techniques to analyze the effect of generative AI tools on software development activity.

Organization owners can now grant a user or team access to all of the repositories in their org with a single click. Five new pre-defined roles have been added to…

Drag-and-drop is a highly interactive and visual interface. We often use drag-and-drop to perform tasks like uploading files, reordering browser bookmarks, or even moving a card in solitaire.

Can an attacker execute arbitrary commands on a remote server just by sending JSON? Yes, if the running code contains unsafe deserialization vulnerabilities. But how is that possible? In this blog post, we’ll describe how unsafe deserialization vulnerabilities work and how you can detect them in Ruby projects.