Search results for: Search

Last year at GitHub Universe, we introduced the GitHub Security Lab, which is committed to contributing resources, tooling, bounties, and security research to secure the open source ecosystem. We know…

Git has a reputation for being confusing. Users stumble over terminology and phrasing that misguides their expectations. This is most apparent in commands that “rewrite history” such as git cherry-pick or git rebase. In my experience,…

The developer community remains the heart of GitHub, and we’re committed to respecting the privacy of developers using our product.

You can now include multiple words after the # in an issue, discussion, or pull request comment to further narrow your search. Not trying to reference anything? Dismiss issue and…

During the last year alone, over 56 million developers created more than 60 million new repos and made more than 1.9 billion contributions on GitHub. These developers are building the…

Aimed at developers, in this series we introduce and explore the memory unsafe attack surface of interpreted languages.

GitHub Universe is almost here. For more on what to expect from this year’s stream, we sat down with virtual host, Brian Douglas, for a quick Q&A on GitHub Actions,…

Learn about nbdev, a new literate programming environment for Python.

The Digital Millennium Copyright Act (DMCA) is a 22-year old United States law meant to strike a complicated balance between art, code, and speech on the net — impacting users…

This blog describes a security vulnerability in the infrastructure that supports Germany’s COVID-19 contact tracing efforts. The mobile (Android/iOS) apps are not affected by the vulnerability and do not collect and/or transmit any personal data other than the device’s IP address. The infrastructure takes active measures to disassociate true positives from client IP addresses.

The GitHub Archive Program announces its latest milestone: storing collections of the most popular and depended upon open source repositories in beautiful art cases featuring 3D-printed and AI-generated artwork in significant libraries around the world.

GitHub will recommend you unwatch repositories that you are no longer interacting with. You will see these recommendations when: You check your notifications on GitHub You search for notifications on…

Ubuntu 20.04 local privilege escalation using vulnerabilities in gdm3 and accountsservice (CVE-2020-16125, CVE-2020-16126, CVE-2020-16127)

Along with the release of version 7 of the npm CLI, we have updated the npm documentation site to add the documentation for the new release. In addition, we’ve made…

An introduction to our blog series on GitHub’s investments in technical excellence.

In this post I’ll give details about how to exploit CVE-2020-6449, a use-after-free (UAF) in the WebAudio module of Chrome that I discovered in March 2020. I’ll give an outline of the general strategy to exploit this type of UAF to achieve a sandboxed RCE in Chrome by a single click (and perhaps a 2 minute wait) on a malicious website.

November 3 is election day in the U.S. Early voting is available in most states. If you haven’t yet, make a plan to vote. If you’re an employer in the…

Outubro é um mês especial no mundo do desenvolvimento de software. Há 7 anos a Hacktoberfest — um festival que celebra a comunidade open source — incentiva pessoas desenvolvedoras a…

The open source Git project just released Git 2.29 with features and bug fixes from over 89 contributors, 24 of them new. Last time we caught up with you, Git 2.28 had just been…

The ninth annual js13kGames competition wrapped up last weekend with over 220 games submitted. All created in a month and in less than 13kB of JavaScript. For anyone not in…

We’re here to bring you the latest and greatest releases for October 2020. These are exciting new releases from some of the coolest projects around. There’s everything from world-changing tech,…