Search results for: organization

Along with the release of sponsors-only repositories, here’s a look at what’s new and what’s next for Sponsors.

Since our last update, we have a number of exciting updates to share with you for the new projects experience. Including improvements which shorten the gap between the original projects…

Starting today, we are rolling out mandatory 2FA to all maintainers of top-100 npm packages by dependents.

Are you on Slack Enterprise Grid? Do you have multiple Slack workspaces in your organization where you need to use our GitHub app?If yes, this is a feature for you!…

If your GitHub organization is owned by an enterprise account, you can now innersource automation by sharing Actions only within your enterprise without publishing them publicly. You can store the…

Organization owners on GitHub.com and GitHub Enterprise Cloud can now export the date of last activity for members, as well as their SAML NameID, and details on whether the member…

GitHub audit log streaming is now out of beta and generally available. Your experience using audit log streaming will not change, but we expanded the number of options you have…

When digital infrastructure is overlooked by governments, it isn’t just a missed opportunity: policies may inadvertently endanger open source collaboration.

GitHub Advanced Security customers can now retrieve private repository secret scanning results at the enterprise level via the GitHub REST API. This new endpoint supplements the existing repository-level and organization-level…

We have introduced a new policy setting that controls whether GitHub Actions can approve pull requests. This protects against a user using Actions to satisfy the “Required approvals” branch protection…

My colleague Stormy Peters and I are proud to represent GitHub at the White House’s Open Source Software Security Summit.

As part of our ongoing commitment to npm ecosystem security, and in advance of enforcing two-factor authentication for top packages maintainers, the npm team has been hard at work improving…

The GitHub Security Lab’s CodeQL bounty program fuels GitHub Advanced Security with queries written by the open source community.

Previously, when running a job that requires a self-hosted runner, GitHub Actions would look for self-hosted runners in the repository, organization, and enterprise, in that order. We are changing that…

When you want to create a workflow in the Actions tab of your repository, the recommendations are now based on an analysis of repo content.

Following our last update, we have a number of exciting updates and improvements being released today for the new projects experience. 🔗 Stay in sync with linked pull requests One…

This blog post tells the story of why we built a new search engine optimized for code.

Use GitHub’s security features to assess Apache Log4j exposure and, where possible, mitigate this vulnerability within your GitHub repositories.

Defining your security requirements is the most important proactive control you can implement for your project. Here’s how.

GitHub Enterprise Cloud users can now configure two new permissions when managing custom repository roles: View secret scanning results Dismiss or reopen secret scanning results You can learn more about…

We shipped a ton of updates in November, from the push notification for PR review activities on the go, to an easy way to create Markdown links.