Search results for: community

We’ve got some exciting news to share! We’ve been closely listening to your feedback, and one common challenge many of you faced was reviewing, and submitting your pull request reviews…

Discover the latest trends and insights on public software development activity on GitHub with the release of Q4 2023 data for the Innovation Graph.

Today, we’re releasing security tool-specific filters for the security overview dashboard and secret scanning metrics page. Have you ever wondered, “How well is my organization handling SQL injections?” or “How…

This blog post is an in-depth walkthrough on how we perform security research leveraging GitHub features, including code scanning, CodeQL, and Codespaces.

Today we are announcing exciting updates for GitHub Actions hosted runners, the cloud-based service that provides powerful virtual machines to developers and teams to integrate their automation and CI/CD workflows…

GitHub-hosted runners now support Azure private networking. Plus, we’ve added 2 vCPU Linux, 4 vCPU Windows, macOS L, macOS XL, and GPU hosted runners to our runner fleet.

Code security configurations simplify the rollout of GitHub security products at scale by defining collections of security settings that can be applied to groups of repositories. Your organization can apply…

GitHub Education is excited to announce the launch of our redesigned experience for Learners! Our goal was to enhance the GitHub Education experience, with a focus on learning new skills,…

It’s been a little over a month since GitHub Copilot Enterprise became generally available. Check out what’s new below! Enhanced contextual understanding and more relevant suggestions in GitHub.com Copilot Chat…

Customers desire clear, relevant, and actionable insights about how Actions workflows are being used in their organization. Today, we are thrilled to announce that Actions Usage Metrics is available in…

A discussion about how tech is aiding organizations fighting for gender equality, what it means to be a woman in tech and the world today, and advice on how we all move forward.

With the 2.16.5 release of CodeQL, we’re introducing a new mechanism for creating a CodeQL database for Java codebases, without relying on a build. This enables organizations to more easily…

Today, we’re releasing a host of new insights to the security overview dashboard, as well as an enhanced secret scanning metrics page. New dashboard insights Third-party alerts integration: Beyond GitHub’s…

CodeQL, the static analysis engine that powers GitHub code scanning, can now analyze Java projects without needing a build. This enables organizations to more easily roll out CodeQL at scale.…

Starting today, you can take advantage of the new “age” grouping for the alert trends graph and explore enhanced filter options on the security overview dashboard, aimed at improving your…

Code scanning autofix is now available in public beta for all GitHub Advanced Security customers. Powered by GitHub Copilot, code scanning suggests fixes for Javascript, Typescript, Java, and Python alerts…

Now in public beta for GitHub Advanced Security customers, code scanning autofix helps developers remediate more than two-thirds of supported alerts with little or no editing.

You can now monitor enablement trends for all security products within your GitHub organization. This functionality is designed to give you a detailed overview of how your organization is implementing…

In this post, I’ll look at CVE-2023-6241, a vulnerability in the Arm Mali GPU that allows a malicious app to gain arbitrary kernel code execution and root on an Android phone. I’ll show how this vulnerability can be exploited even when Memory Tagging Extension (MTE), a powerful mitigation, is enabled on the device.

GitHub Copilot Chat in JetBrains IDEs is now generally available Following our Private Beta, we are thrilled to announce Copilot Chat in JetBrains IDEs is now generally available (GA) for…

Sponsoring multiple projects for multiple months just got easier. You can set up sponsorships for your dependencies in a CSV, review and edit the recurring sponsorships, and checkout in one…