Search results for: organization

npm’s impact analysis of the attack campaign using stolen OAuth tokens and additional findings.

A two-part story about how GitHub’s Product Security Engineering team rolled out Dependabot internally to track vulnerable dependencies, and how GitHub tracks and prioritizes technical debt.

The enterprise and organization level audit logs now record an event when a secret scanning alert is created, closed, or reopened. This data helps GitHub Advanced Security customers understand actions…

We’re excited to announce some big improvements to our REST API documentation. We know developers rely on this documentation to integrate with GitHub, and we are committed to making it trustworthy, easy to find, and easy to use.

GitHub Sponsors is now available to all developers in India – no more waitlist, you can sign up right away!

It was another record year for our Security Bug Bounty program. We’re excited to highlight some achievements we’ve made together with the bounty community from 2021!

Each month, we highlight open source projects that have shipped major updates. These include everything from world-changing technology to developer tooling, and weekend projects. Here are our top staff picks…

With innersource, it’s important to measure both the amount of innersource activity and the quality of the code being created. Here’s how.

Our newly available ISO/IEC 27001:2013 Certification report can be downloaded now. For enterprises, administrators may download this report by navigating to the Compliance tab of the enterprise account: https://github.com/enterprises/”your-enterprise”/settings/compliance. For…

At GitHub we use GitHub to build our own products, and the new projects experience is no different. Check out how our team uses projects to build powerful project planning for developers.

GitHub’s Information Security Management System (ISMS) has been certified against ISO 27001:2013, an internationally recognized standard for security program best practices.

GitHub Advanced Security customers can now dry run custom secret scanning patterns at the enterprise level (in addition to the organization and repository levels previously available). Dry runs allow admins…

Introduction Open Sauced, GitHub’s Explore page, Hacktoberfest, and First Timers Only help folks discover open source projects. This monthly series–Open Source Monthly—will add to these efforts by helping: First-time contributors…

Big news for computer science teachers! Today, we invite teachers to join GitHub Global Campus, the new home for all computer science teachers at GitHub! On Global Campus, teachers can…

Teachers, it is now your turn to join GitHub Global Campus with our student community! Get access to exclusive benefits, programs, and the Power of Codespaces at no cost in GitHub Classroom!

GitHub will require all users who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023.

To further reduce the risk of a user using Actions to merge a change into a protected branch that was not reviewed by another person, the organization setting to disallow…

This is the second and final post in a series describing friendly forks and alternative strategies for managing them.

Now organization admins can pin a repository to their public or member-facing organization profiles directly from the repository page with the new pin repository dropdown. Public repositories will be pinned…

Organizations with GitHub Advanced Security can now prevent secrets leaked in code committed via the command line and the GitHub web editor with secret scanning’s push protection feature. For repositories…

This is the first post in a two-part series describing friendly forks and alternative strategies for managing them. Stay tuned for part two coming in May!