Search results for: Search

Open source AI models are in widespread use, enabling developers around the world to build custom AI solutions and host them where they choose.

This month, we’re highlighting two major updates to GitHub Mobile: repository forking and create a pull request! Repository forking Fork repositories directly from your devices, making it easier than ever…

Discover the latest trends and insights on public software development activity on GitHub with the release of Q2 & Q3 2024 data for the Innovation Graph.

Learn how specially crafted artifacts can be used to attack Maven repository managers. This post describes PoC exploits that can lead to pre-auth remote code execution and poisoning of the local artifacts in Sonatype Nexus and JFrog Artifactory.

Learn how to modernize legacy code with GitHub Copilot with real-world examples.

The ability to ask Copilot about Actions job failures is now Generally Available. Simply press “Explain Error” from the pull request merge box or the Actions job page to chat…

GitHub uses GitHub to build GitHub, and our CLI extensions are no exception. Read on to find out how we built the GitHub Skyline CLI extension using GitHub!

Following our opt-in preview last year, we are excited to release sub-issues, issue types and advanced search for issues to everyone! 🎉 Thank you to everyone who opted-in and gave…

Secrets spilled, discovered, and hidden again—Game Off 2024 brought over 500 jaw-dropping submissions that redefined creativity in gaming. From cult quests for free furniture to spellbinding mysteries, these games will have you hooked. Ready to uncover the winners?!?

In the last few months, we secured 75+ GitHub Actions workflows in open source projects, disclosing 90+ different vulnerabilities. Out of this research we produced new support for workflows in CodeQL, empowering you to secure yours.

How Copilot can generate unit tests, refactor code, create documentation, perform multi-file edits, and much more.

Git Commit 2024 and our new AI course in Spanish

We are excited to introduce the new CodeQL Community Packs, a comprehensive set of queries and models designed to enhance your code analysis capabilities. These packs are tailored to augment…

Learn how GitHub Artifact Attestations can enhance your build security and help your organization achieve SLSA Level 3. This post breaks down the basics of SLSA, explains the importance of artifact attestations, and provides a step-by-step guide to securing your build process.

We’re open sourcing Annotated Logger, a Python package that helps make logs searchable with consistent metadata.

In this post, I’ll walk you through the vulnerabilities I uncovered in the GStreamer library and how I built a custom fuzzing generator to target MP4 files.

Following our “Evolving GitHub Issues” announcement we’ve continued to improve the experience based on your feedback, including closing an issue as a duplicate, a REST API for sub-issues, and expanding…

In the latest Visual Studio Code release, you will find a suite of enhancements to GitHub Copilot, designed to make your coding and debugging experience in VS Code more productive…

We released a new open source byte-pair tokenizer that is faster and more flexible than popular alternatives.

Learn how I discovered 11 new vulnerabilities by writing CodeQL models for Gradio framework and how you can do it, too.

Whether you’re hunting for the perfect gift for your significant other, the colleague you drew in the office gift exchange, or maybe (just maybe) even for yourself, we’ve got you covered with our top 10 gifts that any developer would love.