Search results for: organization

More developers will have to fix security issues in the age of shifting left. Here, we break down how SAST tools can help them find and address vulnerabilities.

The Fundamentals program has helped us address tech debt, improve reliability, and enhance observability of our engineering systems.

Secret scanning is extending validity check support to several additional token types. Validity checks indicate if the leaked credentials are active and could still be exploited. If you’ve previously enabled…

In practice, shifting left has been more about shifting the burden rather than the ability. But AI is bringing its promise closer to reality. Here’s how.

Code scanning can now be enabled on repositories even if they don’t contain any code written in the languages currently supported by CodeQL. Default setup will automatically trigger the first…

Consider deploying the GitHub Action: Evergreen so that you know each of your repositories are leveraging active dependency management with Dependabot.

Our latest solution to the ubiquitous engineering problem of integration testing in a distributed service ecosystem here at GitHub.

Calling all nonprofits! Do you want to implement open source software but don’t know where to start? We’ve got good news; you can easily get started by consulting our new guide.

Explore how DevEx boosts productivity and innovation according to new research.

Last month, we announced our plan to migrate from a strategy where student repositories are created from a template starter code repository to a strategy where student repositories are forked…

Discover the latest trends and insights on public software development activity on GitHub with the release of Q3 2023 data for the Innovation Graph.

Following our previous communication dated November 8, 2023, regarding the temporary rollback of the Copilot content exclusions feature, we are pleased to announce the re-deployment of this feature with significant…

The Repository Actions Runners List is now generally available. With the Repository Actions Runnners List you can view all available runners right within the Actions tab, without needing access to…

GitHub Actions continues its industry-leading support for the OSS community by doubling the Windows/Linux machine size to 4-vCPU runners at no cost for public repositories.

As we look to empower developers with AI tools, we inadvertently integrate AI deeper into the way developers work. How do developers feel about that? And what are the most impactful ways to introduce more AI into workflows? We recently conducted 25 in-depth interviews with developers to understand exactly that.

GitHub received a bug bounty report of a vulnerability that allowed access to the environment variables of a production container. We have patched GitHub.com and rotated all affected credentials. If you have hardcoded or cached a public key owned by GitHub, read on to ensure your systems continue working with the new keys.

During the second cycle of Git Commit Uruguay, students learned the basics of AI and built their own AI-powered projects.

The new year brings new features and improvements for the Copilot Enterprise! 🎆 These changes are focused on streamlined onboarding and ease of use. As a reminder, Copilot Enterprise is…

Unlock your full potential with GitHub Certifications! Earning a GitHub certification will give you the competitive advantage of showing up as a GitHub expert.

The GitHub Security Lab teamed up with Ekoparty once again to create some challenges for its yearly Capture the Flag competition!

Developers care about security, but poorly integrated tools and other factors can cause frustration. Here are five best practices to reduce friction.