Introducing the CodeQL package manager (public beta)
Introducing the CodeQL package manager (public beta)
Home / You searched for Security / Blog Search
Search results for: Security
What’s new from GitHub Changelog? June 2021 Recap
This month, we have some exciting updates to share. A lot of you have welcomed the improvements to your ability to sync a forked repo with upstream from the web…
Linear and Ionic are now GitHub secret scanning integrators
Linear and Ionic are now GitHub secret scanning integrators
CodeQL code scanning now recognizes more sources and uses of untrusted user data
CodeQL code scanning now recognizes more sources and uses of untrusted user data
Code scanning: Diagnostic information is available!
Code scanning: Diagnostic information is available!
CodeQL Code Scanning: It’s now easier to analyze multiple languages on 3rd party CI/CD systems with the CodeQL CLI
CodeQL Code Scanning: It’s now easier to analyze multiple languages on 3rd party CI/CD systems with the CodeQL CLI
Dependabot now schedules version updates uniformly
Dependabot now schedules version updates uniformly
What’s new from GitHub Changelog? May 2021 Recap
In May, GitHub shipped a total of 20 new features. We love what we do, but we know it’s a lot to keep up with. So we’re trying something new on the GitHub Blog—a monthly recap of everything that shipped to Changelog in the past month. Check out some of the updates you might have missed.
Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug
polkit is a system service installed by default on many Linux distributions. It’s used by systemd, so any Linux distribution that uses systemd also uses polkit.
Dependabot updated `pip`, `pip-tools`, and `pipenv` support
Dependabot updated `pip`, `pip-tools`, and `pipenv` support
RubyGems, Adobe and OpenAI are now GitHub secret scanning integrators
RubyGems, Adobe and OpenAI are now GitHub secret scanning integrators
Securing the open source supply chain by scanning for package registry credentials
GitHub secret scanning has been securing our users’ code by scanning for and revoking secrets since 2015. Recently, we’ve focused on scanning for package registry credentials as well—a significant and…
Secret scanning now supports user defined patterns on private repositories
Secret scanning now supports user defined patterns on private repositories
Updates to our policies regarding exploits, malware, and vulnerability research
One month ago, we started a discussion with the community about proposed revisions to clarify GitHub’s policies on security research, malware, and exploits with the goal to enable, welcome, and…
GitHub Enterprise Server 3.1 is now generally available
GitHub Enterprise Server 3.1 is now generally available for all customers. It helps customers work with large, busy repositories, while enabling developers to develop and deploy with less effort than…
Control which code scanning alerts cause a pull request check to fail
Control which code scanning alerts cause a pull request check to fail
Dependabot version updates can now ignore major/minor/patch releases
Dependabot version updates can now ignore major/minor/patch releases
GitHub Advisory Database now includes Go advisories
GitHub Advisory Database now includes Go advisories
GitHub Enterprise Cloud self-service compliance reports have moved
GitHub Enterprise Cloud self-service compliance reports have moved
The world's largest developer platform
GitHub
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
