Search results for: Security

Believe it or not, just over a year ago, GitHub Pages, the documentation hosting service that powers nearly three-quarters of a million sites, was little more than a 100-line shell…

Like most online services, GitHub occasionally receives legal requests relating to user accounts and content, such as subpoenas or takedown notices. You may wonder how often we receive such requests…

The Git developers have just released a major new version of the Git command-line utility, Git 2.3.0. As usual, this release contains many improvements, performance enhancements, and bug fixes. Full…

As a company grows, people and projects change. To continue to nurture the culture we want at GitHub, we’ve found it useful to remind ourselves what we aim for when…

Providing well-written documentation helps people understand, make use of, and contribute back to your project, but it’s only half of the documentation equation. The underlying system used to serve documentation…

To keep GitHub as secure as possible for every user, we will remove RC4 support in our SSL configuration on github.com and in the GitHub API on January 5th 2015.…

A critical Git security vulnerability has been announced today, affecting all versions of the official Git client and all related software that interacts with Git repositories, including GitHub for Windows…

Since we introduced the Status API, you’ve been able to improve the quality of your code by including the status of a pull request within the conversation timeline, for every…

Today, we’re releasing an all-new GitHub Enterprise designed to make it even easier for developers and businesses around the world to use GitHub at work. Now available on Amazon Web…

We’ve just released some major improvements to our organization audit logs. As an organization admin, you can now see a running list of events as they’re generated across your organization,…

We’ve changed the process for adding new GitHub users to your organization. Starting today, users you add will be sent an email invitation. Once they accept this invitation, they’ll become…

GitHub Enterprise releases are all about offering large companies more of GitHub to deploy in their own environments, and today’s release is no exception. We’ve added a number of features…

On Tuesday, March 11th, GitHub was largely unreachable for roughly 2 hours as the result of an evolving distributed denial of service (DDoS) attack. I know that you rely on…

As we announced previously we’ve improved our SSL setup by deploying forward secrecy and improving the list of supported ciphers. Deploying forward secrecy and up to date cipher lists comes…

Some GitHub user accounts with weak passwords were recently compromised due to a brute force password-guessing attack. I want to take this opportunity to talk about our response to this…

To follow up with our recent two-factor authentication security feature, we are giving users more insight into their active browser sessions. Under Account settings > Security History you will see…

Today we’re adding two-factor authentication to GitHub. When you enable this feature, it adds an additional layer of security to your account. When logging in to GitHub, after providing your…

In the ongoing effort to keep our users safe, we recently took inspiration from the Unix sudo command. We wanted to require password confirmation for dangerous actions on GitHub.com, but…

We work very hard to keep GitHub fast. Ruby is not the fastest programming language, so we go to great lengths benchmarking and optimizing our large codebase: our goal is…

Last Friday we announced and performed a migration of all GitHub Pages to their own github.io domain. This was a long-planned migration, with the specific goal of mitigating phishing attacks…

Beginning today, all GitHub Pages sites are moving to a new, dedicated domain: github.io. This is a security measure aimed at removing potential vectors for cross domain attacks targeting the…