We strive to understand how developers collaborate and work on GitHub, and we sometimes partner with academics to better understand how we can improve our products. Here’s how we did that to build and evolve GitHub Discussions.
New Octokit.js release with support for 91 new APIs
Secret scanning push protection bypasses are now shown in the audit log and API
Practical tips on how to apply OWASP Top 10 Proactive Control C4.
GitHub’s SSH host keys are now published in the API
API support for managing labels of Actions self-hosted runners
Expiration dates of SAML-authorized PATs available via API
In this post, I’ll exploit a use-after-free (CVE-2021-30528) in the Chrome browser process that I reported to escape the Chrome sandbox. This is a fairly interesting bug that shows some of the subtleties involved in the interactions between C++ and Java in the Android version of Chrome.
Allow Enterprise owners to toggle LFS per repository via API
Improvements to the code scanning and GitHub Advanced Security APIs
GitHub Actions: Beta API to approve Actions from forks
About a year ago, we migrated an old rate limiter in order to serve more traffic and accommodate a more resilient platform architecture. We adopted a replicated Redis backend with…
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
