Search results for: Security

Here’s what you need to know to write a compelling session proposal and get on stage.

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

GitHub Codespaces is reliable, accessible, and always-ready. Try it out during Maintainer Month and take your projects to new heights!

Explore how generative AI coding tools are changing the way developers and companies build software.

Secret scanning’s push protection feature is now generally available for all free public repositories on GitHub.com. You can enable push protection for any public repository on GitHub.com from your repository’s…

Code scanning detects ReDoS vulnerabilities automatically, but fixing them isn’t always easy. This blog post describes a 4-step strategy for fixing ReDoS bugs.

Announcing the general availability of push protection–a feature that proactively prevents secret leaks in your public and private repositories.

The world’s code is now at your fingertips.

Consider the typical software development practices in an organization. Projects are commonly closed, and causes friction across engineering teams. But open source communities work asynchronously, openly, remotely and at global-scale. What if our internal teams could reuse those same practices?

If you are an organization or enterprise owner, you will now receive a secret scanning summary email when the historical scan completes. The email notification will tell you how many,…

Codespaces now supports two-way Settings Sync with VS Code for the Web Visual Studio Code enables users to Sync Settings between VS Code environments. Codespaces exposes this capability as a…

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

Starting today, Dependabot will be able to auto-dismiss npm alerts that have limited impact (e.g. long-running tests) or are unlikely to be exploitable. With this ship, Dependabot will cut false…

A new alert rules engine for Dependabot leverages alert metadata to identify and auto-dismiss up to 15% of alerts as false positives.

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

GitHub Advanced Security customers can now enable validity checks for supported partner patterns in their repository, organization, or enterprise level code security settings. When you enable the checkbox in your…

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

GitHub today announced public beta support for custom deployment protection rules for safely rolling out deployments using GitHub Actions. Custom deployment protection rules are powered by GitHub Apps and can…

Create and share your own deployment protection rules, or use the rules from our great partners, like Datadog, Honeycomb, New Relic, NodeSource, Sentry, and ServiceNow, to control your deployments with more confidence. And the API is open for the community to build their own rules to make GitHub Enterprise Cloud even better.

Open source maintainers and security researchers embrace a new best practice to report and fix vulnerabilities.