Search results for: community

With the successful liftoff of the James Webb Space Telescope, we ask our very own Arfon Smith about the history of open source and space science.

From answering questions about a new release to fielding feature requests, here’s how five open source communities use GitHub Discussions.

My colleague Stormy Peters and I are proud to represent GitHub at the White House’s Open Source Software Security Summit.

Learn how the GitHub Mobile Team automates their release process with GitHub Actions.

The GitHub Classroom team is excited to announce our new experience for viewing information about your assignments! These changes will be gradually rolling out over the next week. The revamped…

GitHub was honored to contribute to the Santa Clara Principles on Transparency and Accountability in Content Moderation 2.0.

In this post, I’ll discuss how to apply OWASP Proactive Control C2: Leverage security frameworks and libraries.

Looking to avoid security vulnerabilities, buttons that don’t work, slow site speeds, or manually writing release notes? This one’s for you.

Defining your security requirements is the most important proactive control you can implement for your project. Here’s how.

On Thursday, December 9, 2021, GitHub was made aware of a vulnerability in the Log4j logging framework, CVE-2021-44228.

We shipped a ton of updates in November, from the push notification for PR review activities on the go, to an easy way to create Markdown links.

Last week, GitHub joined the Internet Governance Forum to spread awareness of developers’ initiatives and public policy interests.

In the latest update to our GitHub-hosted runners virtual environments, Node.js 16 has become the default version of node and npm 8 has become the default version of npm. To…

Starting 12-09-2021, GitHub Actions workflows triggered by Dependabot for the create, deployment, and deployment_status events will always receive a read-only token and no secrets. Starting 12-09-2021, GitHub Actions workflows triggered…

Precise code navigation is powered by stack graphs, a new open source framework that lets you define the name binding rules for a programming language.

This lesser-known OWASP project aims to help developers prevent vulnerabilities from being introduced in the first place.

The end of the year is getting closer, and our communities are busy working away on their projects. While you’ve all been busy maintaining open source projects and shipping releases,…

Are you a student in India? Applications are open for the GitHub Externships Winter Cohort!

GitHub Actions workflows triggered by Dependabot will now be sent the Dependabot secrets. This change will enable you to pull from private package registries in your CI using the same…

DRY your Actions configuration with reusable workflows (and more!)

Reusable workflows are now generally available. Reusable workflows help you reduce duplication by enabling you to reuse an entire workflow as if it were an action. A number of improvements…