Search results for: Security

Another new release of Git is here! Take a look at some of our highlights on what’s new in Git 2.38.

GitHub’s audit log allows admins to quickly review the actions performed by members of their Enterprise. It includes details such as who performed the action, what the action was, and…

We’ve been responding to your feedback – here’s a recap of some changes recently made to Dependabot alerts. Dependabot Alerts details pages now auto-magically refresh after PR generation attempts are…

Access to the open internet is essential to defending human rights, and developers have an important role in promoting freedom of expression and transparency. GitHub is committed to keeping Iranians connected to the global developer community.

GitHub Advanced Security customers can now view a timeline of actions taken on a secret scanning alert, including when a contributor bypassed the push protection on a secret. Users can…

In February 2022, we launched a new feature called community contributions to security advisories. We’ve continued to iterate on this feature, and recently released more improvements: You’re now prompted to…

Learn best practices on how to roll out centrally managed, developer-centric application security with a third party CI/CD system like Jenkins or ADO.

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

You can now programmatically view and act on Dependabot alerts via the REST API. New endpoints to view, list, and update Dependabot alerts are available in a public beta. For…

We’re launching GitHub for Startups to give your startup the tools needed to go from idea to unicorn status on the world’s largest developer platform.

We have started creating and storing CodeQL databases for the most popular open-source projects on GitHub.com. If you use CodeQL for security research, you can now obtain these databases easily…

Students have the opportunity to connect with GitHub employees at GitHub Universe 2022 through Micro-Mentoring sessions hosted by GitHub Social Impact.

As the home for developers, we understand the key role our communities play in steering digital transformation and maintaining societal infrastructure. That’s why we choose to drive and support policies and initiatives like the Copenhagen Pledge on Tech for Democracy. We’re committed to working with like-minded organizations, governments, and civil society to make digital technologies work for democracy and human rights, and we encourage you to join us in this pledge.

Go beyond knowing GitHub as the home of open source and explore how GitHub Enterprise can help you transform your software engineering organization and practices.

GitHub Mobile can no longer connect to GitHub Enterprise Server 3.1. To enable connections from GitHub Mobile to GitHub Enterprise Server, a site administrator must upgrade to GitHub Enterprise Server…

Enterprise administrators can now choose to redirect signed-out Enterprise Managed Users to their company’s single sign-on (SSO) page. This feature is available as a public beta. By default, enterprises with…

Here are some actionable tips on how to ask your manager to send you to GitHub Universe this year—with a free template included!

Dependabot alerts can give you the ability to secure your project by keeping dependency-based vulnerabilities out of your code. Here are some tips to more efficiently prioritize and take action on your alerts, so you can get back to building.

GitHub’s audit log allows admins to quickly review the actions performed by members of their Enterprise. It includes details such as who performed the action, what the action was, and…

We’re taking a look at two commonly-used security tools and detailing how they can help secure your projects.

Your GitHub repositories with Dependabot alerts enabled and Dependabot security updates enabled will automatically generate Dependabot pull requests for vulnerable npm transitive dependencies. Previously, Dependabot couldn’t generate a security update…