How the community powers GitHub Advanced Security with CodeQL queries
The GitHub Security Lab’s CodeQL bounty program fuels GitHub Advanced Security with queries written by the open source community.
The GitHub Security Lab’s CodeQL bounty program fuels GitHub Advanced Security with queries written by the open source community.
Previously, when running a job that requires a self-hosted runner, GitHub Actions would look for self-hosted runners in the repository, organization, and enterprise, in that order. We are changing that…
When you want to create a workflow in the Actions tab of your repository, the recommendations are now based on an analysis of repo content.
Following our last update, we have a number of exciting updates and improvements being released today for the new projects experience. 🔗 Stay in sync with linked pull requests One…
This blog post tells the story of why we built a new search engine optimized for code.
Use GitHub’s security features to assess Apache Log4j exposure and, where possible, mitigate this vulnerability within your GitHub repositories.
Defining your security requirements is the most important proactive control you can implement for your project. Here’s how.
GitHub Enterprise Cloud users can now configure two new permissions when managing custom repository roles: View secret scanning results Dismiss or reopen secret scanning results You can learn more about…
We shipped a ton of updates in November, from the push notification for PR review activities on the go, to an easy way to create Markdown links.
Last week, GitHub joined the Internet Governance Forum to spread awareness of developers’ initiatives and public policy interests.
GitHub Enterprise Cloud customers participating in the audit log streaming public beta may now use Google Cloud Storage when configuring a stream. This will allow tools that support Google Cloud…
GitHub Enterprise Server is now generally available for all customers. This release improves performance for CI/CD and for customers with large repositories.
GitHub has partnered with the OpenSSF and Project Sigstore to add container image signing to our default “Publish Docker Container” workflow.
We’re consistently expanding the capabilities of projects (boards & tables) on GitHub, and we’ve got a handful of exciting updates and improvements launching today. 💫 View your boards by any…
Are you a student in India? Applications are open for the GitHub Externships Winter Cohort!
Team sync support for Okta is now generally available for GitHub Enterprise Cloud customers. Team sync allows GitHub.com organizations to sync an identity provider’s groups’ members to teams in GitHub.…
Organization owners can now unsubscribe from email notifications when new deploy keys are added to repositories belonging to their organizations. For more info, see our docs.
It is now possible to list, add, and remove runner labels for Actions self-hosted runners via API. For more info on using the new APIs at a repository, organization, or…
A public beta of the new GitHub Issues, a “security manager” role for organizations, a command palette beta, and lots more.
After our GitHub Issues public beta announcement at GitHub Universe, we’ve seen teams start to engage with and adopt project tables, boards and all of our recently released features. Now that we’re…
GitHub puts the needs of developers at the core of our content moderation policies. Learn more about our approach and how you can contribute.
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Join us October 28-29 in San Francisco or online for GitHub Universe, our flagship developer event uniting people, agents, and the world’s code.