Search results for: Security

GitHub Enterprise Cloud administrators who have IP allow lists set up for their enterprises, organizations, or GitHub Apps can now check whether an IP address is permitted within the IP…

GitHub Advanced Security customers using secret scanning can now specify a custom link that will show in the error message when push protection detects and blocks a potential secret. Admins…

OpenID Connect (OIDC) support in GitHub Actions is now enhanced to support secure cloud deployments at scale. Org & repo admins can use the new OIDC API support to: enable…

Today we are deprecating the theme picker we introduced in 2012 for GitHub Pages. While this experience allowed users to preview a theme in the user interface, we are doing…

Dependabot alerts users can now add an optional comment when dismissing an alert. These comments (maximum 280 characters) are viewable in the alert timeline and via the new dismissComment field…

We’ve made a series of improvements to the GitHub Connect license sync feature in addition to the “Sync now” button we recently added in GHES: Enterprise administrators can now access…

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

GitHub Discussions and Audit Log Streaming, new automation features, and security enhancements are available now in GitHub Enterprise Server 3.6.

We’re reporting on a six-month period rather than annually to increase our level of transparency. For this report, we’ve continued with the more granular reporting we began in our 2021 reports.

GitHub Enterprise Server 3.6 is now generally available. With a host of improvements for developers, security and administration teams, this update makes developing secure software easier for everyone. It brings…

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

Dependabot alerts listed at the organization level are now easier to prioritize with the new “Most Important” sort, which released recently for the repository list view of Dependabot alerts. Learn…

Today, GitHub code scanning has all of LGTM.com’s key features—and more! The time has therefore come to announce the plan for the gradual deprecation of LGTM.com.

GitHub Advanced Security customers can now dry run their secret scanning custom patterns on all repositories within an organization. Previously, admins could only dry run on a maximum of 10…

As GitHub Pages, home to 16 million websites, approaches its 15th anniversary, we’re excited to announce that all sites now build and deploy with GitHub Actions.

The GitHub Advisory Database now includes curated security advisories for vulnerabilities on GitHub Actions. This brings the Advisory Database to ten supported ecosystems, including: Composer, Go, Hex, Maven, npm, NuGet,…

GitHub Actions gives teams access to powerful, native CI/CD capabilities right next to their code hosted in GitHub. Starting today, GitHub will send a Dependabot alert for vulnerable GitHub Actions, making it even easier to stay up to date and fix security vulnerabilities in your actions workflows.

From hosting private packages in a private repository to tightening your security profile with GITHUB_TOKEN, here are five simple ways you can streamline your workflow with GitHub Packages.

It’s now easier to debug CodeQL analysis problems in code scanning: click Re-run jobs from the GitHub Actions workflow run page, check the Enable debug logging box, and hit the…

The GitHub Enterprise Server 3.6 Release Candidate is available and contains exciting updates and additions across the board. Release Candidates are a way for you to try the latest features…