Search results for: Security

Delegated bypass controls allow you to choose who can bypass push protection for secret scanning and designate reviewers for bypass requests. You can now manage your list of approvers and…

Dependabot now supports parsing and updating environment.yml Conda environment specification files. This release includes both security and version Dependabot updates for Conda-based Python projects. Why it matters Many Python projects…

This is your new home base for discovering MCP servers. Learn how we’re working with the broader community on MCP publication and discovery.

If you’ve tried connecting AI agents to your development tools, you know the pain — MCP servers are scattered across numerous registries, random repositories, and buried in community threads. Without…

Enterprise access restrictions via corporate proxies is now generally available for GitHub Enterprise Cloud accounts with Enterprise Managed Users (EMU). With this release, enterprise owners may allow only EMU enterprise…

The August 2025 update to GitHub Copilot in Visual Studio Code (v1.104) brings greater flexibility, security, and productivity to AI-powered development workflows. Highlights Auto model selection in Copilot Chat: Copilot…

Enterprise and organization administrators can now configure MCP registries and test allowlist enforcement in VS Code Insiders, preparing for the rollout across all Copilot environments. Understanding MCP registries and allowlists…

Hear about the personal tools we use to improve our workflows (and how to get started building your own) on this episode of the GitHub Podcast.

Delegate it a task, and coding agent can independently write, run, and test code. Here’s how you can make the most of it.

Expanded platform support GitHub Enterprise Cloud with data residency and Enterprise Server Enterprise Cloud with data residency: Starting today, validity checks are now available for GitHub Secret Protection and GitHub…

Create your own agenda of favorites, sign up for one-on-on mentoring sessions, and register if you haven’t already. We’ll see you there!

Dependabot alerts can now be filtered and prioritized using production context from external artifact registries, including JFrog Artifactory, and your own CI/CD workflows. This feature is available in public preview.…

Connect commits to artifacts without switching tools.

Dependabot can now update private Go modules hosted on enterprise registries and behind GOPROXY-compatible private proxies, as well as public modules, within the same workflow. This enables automated version and…

The remote GitHub MCP Server is now generally available. We’ve introduced OAuth-based authentication, expanded tooling, and improved security guardrails. Improvements & updates 🔐 Production authentication The GitHub MCP Server now…

Copilot code review is becoming even more customizable! You can now use your existing path-scoped instruction files to provide targeted guidance for specific parts of your repository. Plus we have…

This guide offers five essential tips for writing effective GitHub Copilot custom instructions, covering project overview, tech stack, coding guidelines, structure, and resources, to help developers get better code suggestions.

CodeQL is the static analysis engine behind GitHub code scanning, which finds and remediates security issues in your code. We’ve recently released CodeQL 2.22.4, which adds support for Go 1.25,…

Developers can use their AI tool of choice for spec-driven development with this open source toolkit.

Learn how GitHub Copilot’s evolving models and infrastructure center developer choice and power agentic workflows.

Learn how the Secret Protection engineering team collaborated with GitHub Copilot coding agent to expand validity check coverage.