Search results for: Security

Learn how researchers and security experts at GitHub, Microsoft, and Santander came together to address the challenges presented by the post-quantum cryptography world.

Users of secret scanning can now view any new secrets exposed in a discussion’s title, description, or comments within the UI or the REST API. This expanded coverage will also…

The GitHub Security Lab examined the most popular open source software running on our home labs, with the aim of enhancing its security. Here’s what we found and what you can do to better protect your own smart home.

A GitHub codespace is a development environment provided by a container that runs on a virtual machine (VM). The development environment that the developer works within is defined by the…

GitHub Advanced Security users can now use the REST API to enable or disable secret scanning validity checks for a repository, organization, or enterprise. Validity checks retrieve a status for…

We have partnered with our sister team at Microsoft to bring some improvements to the NuGet ecosystem for Dependabot updates: Updater logic re-written in C#, making it easier for users…

You can now use the REST API to create a temporary private fork within a draft security advisory or private vulnerability report. Learn more about the repository security advisories REST…

CodeQL 2.15.3 is rolling out to users of GitHub code scanning on github.com this week, and all new functionality will also be included in GHES 3.12. Users of GHES 3.11…

The last Git release of 2023 is here! Take a look at some of our highlights on what’s new in Git 2.43.

Auto-triage rules are a powerful tool to help you reduce false positives and alert fatigue substantially, while better managing your alerts at scale. We’ve heard your feedback, which is helping…

Organization owners can now create and assign custom organization roles, which grant members and teams specific sets of privileges within the organization. Like custom repository roles, organization roles are made…

Discover new AI-powered features and tools to help developers stay in the flow and organizations innovate at scale.

The GitHub Enterprise Server 3.11 release candidate is here GitHub Enterprise Server 3.11 gives customers more visibility of their instance. Here are some highlights: Code scanning’s default setup now does…

We’re simplifying how Dependabot operates! Previously, if Dependabot encountered errors in its last run, it would automatically re-run the job when there were changes in the package manifest (like adding…

The GitHub Awards recognizes and celebrates the outstanding contributions and achievements in the developer community, honoring individuals, projects, and organizations for their impactful work, innovation, thought leadership, and creating an outsized positive impact on the community.

Secret scanning will now use AI to detect unstructured passwords in git content and generate an alert. Alerts for passwords appear in a separated tab from regular secret scanning alerts.…

Secret scanning has a new, AI-powered regular expression generator for custom patterns. Within the existing custom patterns page, GitHub Advanced Security users can launch a generative AI experience where you…

GitHub is announcing general availability of GitHub Copilot Chat and previews of the new GitHub Copilot Enterprise offering, new AI-powered security features, and the GitHub Copilot Partner Program.

In this year’s Octoverse report, we study how open source activity around AI, the cloud, and Git are changing the developer experience.

Secret scanning will now detect the following non-provider patterns: HTTP basic authentication header HTTP bearer authentication header MongoDB connection string MySQL connection string Postgres connection string OpenSSH private key PGP…

GitHub Advanced Security users can now filter their secret scanning alerts by validity in the UI at the repository, organization, and enterprise level. Valid statuses are active, inactive, or unknown.…