Search results for: repository

On December 13, 2023, we released CodeQL Action v3, which runs on the Node.js 20 runtime. In January 2024, we announced that CodeQL Action v2 would be retired at the…

In the last few months, we secured 75+ GitHub Actions workflows in open source projects, disclosing 90+ different vulnerabilities. Out of this research we produced new support for workflows in CodeQL, empowering you to secure yours.

How Copilot can generate unit tests, refactor code, create documentation, perform multi-file edits, and much more.

Welcome to another week of Copilot Workspace updates! We have a bunch this week, so let’s jump right in! 🎉 Copilot Workspace Handling large files Workspace will now inform you…

To enhance auditing and troubleshooting, we’ve introduced new webhook and audit log events to track the completion of certain secret backfill scans on repositories. The events specify the type of…

An interview with economic researchers analyzing the causal effect of GitHub Copilot on how open source maintainers work.

Learn how GitHub Artifact Attestations can enhance your build security and help your organization achieve SLSA Level 3. This post breaks down the basics of SLSA, explains the importance of artifact attestations, and provides a step-by-step guide to securing your build process.

The Windows 2025 server image for GitHub Actions hosted runners is now available in public preview. To start using this image in your Actions workflows, update your workflow file to…

You can now more easily filter secret scanning alerts, with new filter options and advanced filtering. Enterprise and organization level list views now include a new menu with commonly used…

Following our “Evolving GitHub Issues” announcement we’ve continued to improve the experience based on your feedback, including closing an issue as a duplicate, a REST API for sub-issues, and expanding…

We released a new open source byte-pair tokenizer that is faster and more flexible than popular alternatives.

You can now fork a public repository to your personal account directly from GitHub Mobile! This new feature allows you to easily create your own copy of a public repository…

Learn how I discovered 11 new vulnerabilities by writing CodeQL models for Gradio framework and how you can do it, too.

We’re excited to announce that persistent commit signature verification is now generally available! This powerful feature ensures that commit signatures are verified once at the time of the push and…

As you may have seen in Discord a few weeks ago, Copilot Workspace is graduating! It is a very exciting time, and also a time of change. So before getting…

Repository rules now allow you to enforce which merge methods are available when merging pull requests into a specified branch. The merge method rule is available for rulesets at the…

When configuring CodeQL security analysis using code scanning’s default setup, you can now specify whether to run the analysis on a standard GitHub-hosted runner, a larger GitHub-hosted runner, or a…

GitHub Enterprise Server 3.15 is now generally available GitHub Enterprise Server 3.15 is now available for download. Some key features & highlights you can find in this release include: Updated…

For organization owners, managing the security manager role is now easier and more flexible. These updates empower you to tailor security responsibilities and streamline role assignments to fit your needs:…

You can now export security data for offline analysis, reporting, and archival purposes on the enterprise-level security overview pages. This includes: Enterprise-level overview dashboard: Export alert-level data for all your…

This update includes several key improvements: Copilot Chat on Mobile now includes beta supports for Copilot Extensions, iOS users can enjoy three new app icons in celebration of Universe, and…