Search results for: community

You can now create a custom role to bypass branch protections without having to grant the Admin role. Previously, to bypass branch protections you had to be an Admin which…

As part of GitHub Enterprise Server 3.6, enterprise customers will now be able to use GitHub Discussions.

We’re reporting on a six-month period rather than annually to increase our level of transparency. For this report, we’ve continued with the more granular reporting we began in our 2021 reports.

Today, GitHub code scanning has all of LGTM.com’s key features—and more! The time has therefore come to announce the plan for the gradual deprecation of LGTM.com.

As GitHub Pages, home to 16 million websites, approaches its 15th anniversary, we’re excited to announce that all sites now build and deploy with GitHub Actions.

GitHub Actions gives teams access to powerful, native CI/CD capabilities right next to their code hosted in GitHub. Starting today, GitHub will send a Dependabot alert for vulnerable GitHub Actions, making it even easier to stay up to date and fix security vulnerabilities in your actions workflows.

We’ve expanded access to GitHub’s security overview pages in two ways: All GitHub Enterprise accounts now have access to the security overview, not just those with GitHub Advanced Security All…

Supply chain attacks exploit our implicit trust of open source to hurt developers and our customers. Read our proposal for how npm will significantly reduce supply chain attacks by signing packages with Sigstore.

While some of us have been wrapping up the financial year, and enjoying vacation time, others have been hard at work shipping open source projects and releases. These projects include…

From hosting private packages in a private repository to tightening your security profile with GITHUB_TOKEN, here are five simple ways you can streamline your workflow with GitHub Packages.

Code review on GitHub has evolved a lot since we introduced the ability to comment on an individual commit in 2008. Users today can propose a change using a pull…

Previously we retained self-hosted GitHub Action runners in the GitHub Actions UI for 30 days after they were last seen to connect. With the growth in the use of ephemeral…

[August 2, 2022] Update: In order to better reach and improve the web experience for enterprise users, we are adding non-essential web cookies to certain subdomains that specifically market our…

Attention all students! Make managing your virtual hackathon events even easier with the new Hackathon in the Cloud Experience.

Organizations participating in the security manager role public beta may now manage security manager teams via the GitHub REST API. In addition, legacy organizations can now participate in the public…

GitHub Enterprise Cloud (GHEC) customers can now participate in a private beta enabling audit log streaming to a Datadog endpoint. Audit log streaming to Datadog not only allows enterprises to…

Marketing your open source project can be intimidating, but three experts share their insider tips and tricks for how to get your hard work on the right people’s radars.

The new “For you” feed (Public Beta) is now sorted in chronological order. For questions or feedback, visit the GitHub Feed feedback.

It’s been a crazy couple of months with the end of financial year and lots of products shipping. Our community has been hard at work shipping projects too. These projects…

In this post I’ll exploit CVE-2022-20186, a vulnerability in the Arm Mali GPU kernel driver and use it to gain arbitrary kernel memory access from an untrusted app on a Pixel 6. This then allows me to gain root and disable SELinux. This vulnerability highlights the strong primitives that an attacker may gain by exploiting errors in the memory management code of GPU drivers.

Today, we are announcing the general availability of the new and improved Projects powered by GitHub Issues. GitHub Projects connects your planning directly to the work your teams are doing in GitHub and flexibly adapts to whatever your team needs at any point.