Search results for: community

Looking to avoid security vulnerabilities, buttons that don’t work, slow site speeds, or manually writing release notes? This one’s for you.

Defining your security requirements is the most important proactive control you can implement for your project. Here’s how.

On Thursday, December 9, 2021, GitHub was made aware of a vulnerability in the Log4j logging framework, CVE-2021-44228.

We shipped a ton of updates in November, from the push notification for PR review activities on the go, to an easy way to create Markdown links.

Last week, GitHub joined the Internet Governance Forum to spread awareness of developers’ initiatives and public policy interests.

In the latest update to our GitHub-hosted runners virtual environments, Node.js 16 has become the default version of node and npm 8 has become the default version of npm. To…

Starting 12-09-2021, GitHub Actions workflows triggered by Dependabot for the create, deployment, and deployment_status events will always receive a read-only token and no secrets. Starting 12-09-2021, GitHub Actions workflows triggered…

Precise code navigation is powered by stack graphs, a new open source framework that lets you define the name binding rules for a programming language.

This lesser-known OWASP project aims to help developers prevent vulnerabilities from being introduced in the first place.

The end of the year is getting closer, and our communities are busy working away on their projects. While you’ve all been busy maintaining open source projects and shipping releases,…

Are you a student in India? Applications are open for the GitHub Externships Winter Cohort!

GitHub Actions workflows triggered by Dependabot will now be sent the Dependabot secrets. This change will enable you to pull from private package registries in your CI using the same…

DRY your Actions configuration with reusable workflows (and more!)

Reusable workflows are now generally available. Reusable workflows help you reduce duplication by enabling you to reuse an entire workflow as if it were an action. A number of improvements…

A light high contrast theme, with greater contrast between foreground and background elements, is now available to all github.com users in a public beta. Navigate to the “Appearance” page in…

You can now enjoy a higher per-repository cache size. The cache storage for each repository has doubled to 10GB. This enables Actions users on github.com to run workflows faster by caching…

A recap of all the GitHub Education news from Universe 2021, including the new Intro to Web Dev Experience.

A public beta of the new GitHub Issues, a “security manager” role for organizations, a command palette beta, and lots more.

In this post, I’ll use three bugs that I reported to Qualcomm in the NPU (neural processing unit) driver to gain arbitrary kernel code execution as root user and disable SELinux from the untrusted app sandbox in an Android phone.

GitHub puts the needs of developers at the core of our content moderation policies. Learn more about our approach and how you can contribute.

The State of the Octoverse analyzes data from millions of developers & repos to share trends across working habits, productivity, and career satisfaction.