Search results for: Security

CodeQL now supports more libraries and frameworks for a variety of languages (C++, JavaScript, Python,Java, Go). The CodeQL engine can now detect more sources of untrusted user data, which improves…

Today, the Git project released new versions to address CVE-2021-21300: a security vulnerability in the delayed checkout mechanism used by Git LFS during git clone operations affecting versions 2.15 and…

In January 2020, the World Health Organization (WHO) declared a state of emergency. Even before the novel coronavirus had an official name, it set off global travel restrictions, widespread closures,…

In this first episode, I’ll do a brief introduction on how Apache HTTP works, and I’ll give you some insights into custom mutators and how they can be applied to the HTTP protocol effectively.

Last week we kicked off GitHub InFocus, a global virtual series just for software teams. We discussed the importance of developer experience and innersource—and how key collaboration really is. Next…

Software security doesn’t end at the boundaries of your own code. The moment a library dependency is introduced, you’re adopting other people’s code and any bugs that come with it.…

At GitHub, we put developers first, and we work hard to provide a safe, open, and inclusive platform for code collaboration. This means we are committed to minimizing the disruption…

The Audit Log now includes events associated with GitHub Actions workflow runs. This data provides enterprise customers with a greatly expanded data set for security and compliance audits. New events…

Developers know the value of openness, and increasingly policymakers are taking note. Open source and open standards approaches offer promising solutions to mounting policy problems related to digital sovereignty. One…

This year we hosted our first all-virtual GitHub Universe—and you tuned in to join us from 174 regions around the world! We knew there was even more to cover, so…

Starting March 1st, 2021 workflow runs that are triggered by Dependabot from push, pull_request, pull_request_review, or pull_request_review_comment events will be treated as if they were opened from a repository fork.…

GitHub Enterprise Server 3.0 is now generally available. Launched earlier this year as a release candidate, Enterprise Server 3.0 enables companies hosting GitHub themselves to securely take ideas from code…

Today we’re announcing general availability of GitHub Enterprise Server 3.0. Introduced during the GitHub Universe 2020 keynote, it’s the biggest ever change to Enterprise Server. Every company using GitHub can…

The code scanning API allows users to upload data about static analysis security testing results, or export data about alerts. We are releasing updates to the API including: When uploading…

Supply chain attacks are a reality in modern software development. Thankfully, you can reduce the attack surface by taking precautions and being thoughtful about how you manage your dependencies. We…

With the new process of publishing an application on GitHub Marketplace, you can now reach out to millions of GitHub users easier and faster. The simplified process enables you to…

Not everyone takes a break over the festive season. Some people in the community have been busy shipping releases. So we’re here to bring you the latest and greatest releases…

At GitHub, our community is at the heart of everything we do. We want to make it easier to build the things you love, with the tools you prefer to…

In the fourth installment of our five-part series on building GitHub’s new homepage, we’ll explore the artistic pipeline at GitHub to explain story, character and color, and to show how…

GitHub is committed to shaping public policies that support developers around the globe. Last year, we advised policymakers, supported legal action, and spoke directly to developers on policy in jurisdictions…

In the decade since the word “DevOps” was coined, its goal has stayed the same—but the way organizations implement DevOps is constantly changing. For a closer look , we sat…