Search results for: Security

A tool to help you keep your open source catalog organized and up to date.

You can now create single-use self-hosted runners without time-limited registration tokens using the REST API. When a runner registers using this API it will only be allowed to run a…

Today, we’re extending CodeQL code scanning support to Swift! Developers working on Swift libraries and apps on Apple platforms can now benefit from our best-in-class code security analysis. We currently…

GitHub Enterprise Cloud administrators can now download and view the updated Services Continuity and Incident Plan for 2023. To learn more, please review our documentation on how to access compliance…

In this blog, I’ll look at CVE-2022-46395, a variant of CVE-2022-36449 (Project Zero issue 2327), and use it to gain arbitrary kernel code execution and root privileges from the untrusted app domain on an Android phone that uses the Arm Mali GPU. I’ll also explain how root cause analysis of CVE-2022-36449 led to the discovery of CVE-2022-46395.

GitHub secret scanning protects users by searching repositories for known types of tokens. By identifying and flagging these tokens, our scans help prevent data leaks and fraud. We have partnered…

Low-code enables developers and non-developers to build custom applications and solutions with less effort. In this blog, we show you how to automate your low-code deployments using GitHub Actions.

In this special episode of The ReadME Podcast, dedicated to GitHub’s Maintainer Month, Kelsey Hightower joins hosts Martin Woodward and Neha Batra to discuss his philosophy on fostering thriving open source communities and the importance of empathy to a maintainer’s success.

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

In the coming week, GitHub will upgrade the host operating system for the virtual machines that build and run the dev containers in GitHub Codespaces from Ubuntu 18.04 to Ubuntu…

Here’s what you need to know to write a compelling session proposal and get on stage.

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

GitHub Codespaces is reliable, accessible, and always-ready. Try it out during Maintainer Month and take your projects to new heights!

Explore how generative AI coding tools are changing the way developers and companies build software.

Secret scanning’s push protection feature is now generally available for all free public repositories on GitHub.com. You can enable push protection for any public repository on GitHub.com from your repository’s…

Code scanning detects ReDoS vulnerabilities automatically, but fixing them isn’t always easy. This blog post describes a 4-step strategy for fixing ReDoS bugs.

Announcing the general availability of push protection–a feature that proactively prevents secret leaks in your public and private repositories.

The world’s code is now at your fingertips.

Consider the typical software development practices in an organization. Projects are commonly closed, and causes friction across engineering teams. But open source communities work asynchronously, openly, remotely and at global-scale. What if our internal teams could reuse those same practices?

If you are an organization or enterprise owner, you will now receive a secret scanning summary email when the historical scan completes. The email notification will tell you how many,…