Search results for: Security

We have partnered with our sister team at Microsoft to bring some improvements to the NuGet ecosystem for Dependabot updates: Updater logic re-written in C#, making it easier for users…

You can now use the REST API to create a temporary private fork within a draft security advisory or private vulnerability report. Learn more about the repository security advisories REST…

CodeQL 2.15.3 is rolling out to users of GitHub code scanning on github.com this week, and all new functionality will also be included in GHES 3.12. Users of GHES 3.11…

The last Git release of 2023 is here! Take a look at some of our highlights on what’s new in Git 2.43.

Auto-triage rules are a powerful tool to help you reduce false positives and alert fatigue substantially, while better managing your alerts at scale. We’ve heard your feedback, which is helping…

Organization owners can now create and assign custom organization roles, which grant members and teams specific sets of privileges within the organization. Like custom repository roles, organization roles are made…

Discover new AI-powered features and tools to help developers stay in the flow and organizations innovate at scale.

The GitHub Enterprise Server 3.11 release candidate is here GitHub Enterprise Server 3.11 gives customers more visibility of their instance. Here are some highlights: Code scanning’s default setup now does…

We’re simplifying how Dependabot operates! Previously, if Dependabot encountered errors in its last run, it would automatically re-run the job when there were changes in the package manifest (like adding…

The GitHub Awards recognizes and celebrates the outstanding contributions and achievements in the developer community, honoring individuals, projects, and organizations for their impactful work, innovation, thought leadership, and creating an outsized positive impact on the community.

Secret scanning will now use AI to detect unstructured passwords in git content and generate an alert. Alerts for passwords appear in a separated tab from regular secret scanning alerts.…

Secret scanning has a new, AI-powered regular expression generator for custom patterns. Within the existing custom patterns page, GitHub Advanced Security users can launch a generative AI experience where you…

GitHub is announcing general availability of GitHub Copilot Chat and previews of the new GitHub Copilot Enterprise offering, new AI-powered security features, and the GitHub Copilot Partner Program.

In this year’s Octoverse report, we study how open source activity around AI, the cloud, and Git are changing the developer experience.

Secret scanning will now detect the following non-provider patterns: HTTP basic authentication header HTTP bearer authentication header MongoDB connection string MySQL connection string Postgres connection string OpenSSH private key PGP…

GitHub Advanced Security users can now filter their secret scanning alerts by validity in the UI at the repository, organization, and enterprise level. Valid statuses are active, inactive, or unknown.…

Celebrate the maintainers of the first GitHub Accelerator cohort, learn what they have been up to since, and hear what’s next for GitHub Accelerator.

Today we’re announcing that Private Networking for GitHub-hosted runners with Azure Virtual Networks (VNET) is now in public beta. This feature allows GitHub Enterprise customers using Azure to integrate their…

Users who are not part of the mandatory 2FA program will now be added to it within 24 hours of creating their first release. In August we expanded the 2FA…

GitHub secret scanning protects users by searching repositories for known types of secrets such as tokens and private keys. By identifying and flagging these secrets, our scans help prevent data…

As Hacktoberfest comes to a close, you still have a day or so left to complete and submit your pull requests. If you’re struggling to think of projects to contribute…