Search results for: Search

GitHub Discussions now supports the ability to close a Discussion. Discussions can be closed for one of three reasons: Resolved, Outdated, or Duplicate. Closing a Discussion is much like closing…

Developers are at the heart of our online world and at the forefront of creating solutions for global challenges, working to make the software that underpins our digital infrastructure more secure, reliable, and safe.

Today we have released multi-repository variant analysis for CodeQL in public beta to help the OSS security community power up their research with CodeQL. CodeQL is the static code analysis…

Learn how teams can leverage the power of GitHub Advanced Security’s code scanning and GitHub Actions to integrate the right security testing tools at the right time.

Our community—along with ourselves—took a much needed break over the festive season. Now everyone is back into the full swing of work, and the open source community is showing us…

The GitHub Security Lab audited DataHub, an open source metadata platform, and discovered several vulnerabilities in the platform’s authentication and authorization modules. These vulnerabilities could have enabled an attacker to bypass authentication and gain access to sensitive data stored on the platform.

A deep dive into why more people are using Python than ever, its key use cases, and why it’s still so popular 30-plus years after it was first released.

Secret scanning alerts are now generally available for all public repositories. Admins can now turn on the alert experience with one click.

Policymakers around the world are developing policies that impact how software gets built and who gets to build it, see the latest now.

Today’s Changelog brings you updates to workflows, roadmaps, our API and makes cross organization projects a breeze! ➕ Automatically add items from multiple repositories Last month, we shared the latest…

CVE-2022-25664, a vulnerability in the Qualcomm Adreno GPU, can be used to leak large amounts of information to a malicious Android application. Learn more about how the vulnerability can be used to leak information in both the user space and kernel space level of pages, and how the GitHub Security Lab used the kernel space information leak to construct a KASLR bypass.

GitHub Copilot boosts developer productivity, but using it responsibly still requires good developer and DevSecOps practices.

Learn about CodeQL’s improved user experience and enhancements that let you scan new languages, detect new types of CWEs, and perform deeper analyses of your applications.

Looking back over a year’s worth of developer-first content moderation and, new in this report, making our data more accessible to researchers.

GitHub Copilot is the world’s first at-scale AI developer tool and we’re now offering it to every developer, team, organization, and enterprise.

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

CodeQL is the engine that powers GitHub code scanning, used by more than 100,000 repositories to catch security vulnerabilities before they cause issues in deployments. CodeQL is fully integrated into…

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

Below are my prepared remarks delivered at the EU Open Source Policy Summit in Brussels on Feb 3rd.

The DEI Resource Hub is a vetted collection of resources, tools, and best practices designed to help open source maintainers create and maintain inclusive and diverse open source communities.

Today we are announcing the public beta of roadmaps in GitHub Projects! 🎉 Last November at GitHub Universe, we announced the private beta for roadmap. With your help and feedback…