Search results for: repository

Our full year of 2023 transparency reporting data is now available and we’re taking a deep dive into how a form change caused an abrupt increase in circumvention claims.

Dependabot security updates help you keep your dependencies secure by opening pull requests when a Dependabot alert is raised. With today’s release, you can now use flexible grouping options in…

Here’s how merge queue transformed the way GitHub deploys changes to production at scale, so you can do the same for your organization.

With this version, customers can choose how to best scale their security strategy, gain more control over deployments, and so much more.

GitHub Enterprise Server 3.12 is generally available GitHub Enterprise Server 3.12 is now generally available and gives customers more fine-grained control over deployment requirements, as well as enhanced security controls.…

We’ve started the rollout for enabling push protection on all free user accounts on GitHub. This automatically protects you from accidentally committing secrets to public repositories, regardless of whether the…

With push protection now enabled by default, GitHub helps open source developers safeguard their secrets, and their reputations.

Learn how your organization can customize its LLM-based solution through retrieval augmented generation and fine-tuning.

GitHub Copilot Enterprise, our most advanced AI offering to date, is now generally available. With GitHub Copilot Enterprise, you can: Gain a deeper understanding of your organization’s unique codebase: Copilot…

Enterprise Managed Users can now enable secret scanning on their user namespace repositories. Owners of user repositories will receive secret scanning alerts when a supported secret is detected in their…

The first Git release of 2024 is here! Take a look at some of our highlights on what’s new in Git 2.44.

Repo-jacking is a specific type of supply chain attack. This blog post explains what it is, what the risk is, and what you can do to stay safe.

Secret scanning is extending validity check support to Mailgun (mailgun_api_key) and Mailchimp (mailchimp_api_key) API keys. Validity checks indicate if the leaked credentials are active and could still be exploited. If…

The GitHub Enterprise Server 3.12 release candidate is here GitHub Enterprise Server 3.12 gives customers more fine-grained control over deployment requirements, enhanced security controls, and some . Here are a…

Developers with free accounts on GitHub could enable secret scanning’s push protection at the user level since last August. This automatically protects you from accidentally committing secrets to public repositories,…

A peek under the hood of GitHub Advanced Security code scanning autofix.

If you use private hosted pub repositories or registries to manage your Dart dependencies, Dependabot can now automatically update those dependencies. By adding the details of the private repository or…

The npm engineering team recently transitioned to using GitHub Codespaces for local development for npm registry services. This shift to Codespaces has substantially reduced the friction of our inner development loop and boosted developer productivity.

Funding AI advancements in the open, and opening applications for second Accelerator cohort.

The secret_scanning_alert webhook is sent for activity related to secret scanning alerts. Secret scanning webhooks now support validity checks, so you can keep track of changes to validity status. Changes…

We listened to your feedback and released new versions (v4) of actions/upload-artifact and actions/download-artifact. While this version of the actions to upload and download artifacts includes up to 10x performance improvements and several new features, there are also key differences from previous versions that may require updates to your workflows.