Code scanning default setup on the security coverage page (public beta)
Code scanning default setup on the security coverage page
Git users are encouraged to upgrade to the latest version, especially if they use `git apply` or `git clone` against untrusted patches or repositories.
How Dependabot integrated with npm to address security vulnerabilities on transitive dependencies and increase the likelihood of success for JavaScript security updates by 40%.
Git users are encouraged to upgrade to the latest version, especially if they use `git archive`, work in untrusted repositories, or use Git GUI on Windows.
Security overview’s team filter now includes repositories with write privileges
Code security enablement settings on the list organization repositories REST API
With just one click, admins in GitHub Advanced Security organizations can protect their custom patterns on push.
GitHub will require all users who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023. Learn more about our approach, when we’ll begin our rollout, and what you can expect as we begin requiring 2FA.
Improvements to GitHub Advanced Security billing pages
Organization-level security risk and coverage pages replace overview page
Incremental improvements on security advisory form
Dependabot now supports security updates for Dart and Flutter apps that use Pub packages
Dependabot security updates now supports GitHub Actions
Feature enablement from the organization-level security coverage page
Risk and coverage views on the Security tab for organizations (public beta)
We think a lot about a high-profile supply chain attack that might cause developers, teams, and organizations to lose trust in open source. That’s why we’re investing in new ways to protect the open source ecosystem.
Security policy highlighted on repository overview
A glimpse into the backgrounds and day-to-day work of several GitHub employees in cybersecurity roles.
Yellow security vulnerability repository banner is being removed
As we wrap up Cybersecurity Awareness Month, the GitHub bug bounty team is excited to spotlight one of the security researchers who participates in the GitHub Security Bug Bounty Program.
The GitHub Security Lab provided office hours for open source projects looking to improve their security posture and reduce the risk of breach. Here’s what we learned and how you can also participate.