Search results for: repository

npm will now check the linked source commit and repository when you view a package’s provenance information on npmjs.com. If the linked source commit or repository cannot be found, an…

With GHES 3.9, you and your organization can better manage your Dependabot alerts thanks to more granular enablement controls. You can now enable Dependabot alerts at the repository, organization, and…

We are introducing a number of enhancements, bug fixes and a breaking API change to repository rules. 1. UI Updates * Added a repository picker to target select repositories for…

Code scanning default setup now automatically updates when the languages in a repository change. If a repository that uses default setup changes to include the languages JavaScript/TypeScript, Ruby, Python, or…

The latest release of CodeQL for VS Code includes new functionality for creating lists of target repositories for multi-repository variant analysis with GitHub code search. Multi-repository variant analysis (MRVA) allows…

Code scanning now has the option to enable default setup for a subset of languages in a repository. This lets you customize the configuration to suit your repository’s needs, for…

We’ve now made it easier to understand changes to your repositories with the new activity view. Historically viewing pushes to a repository required contacting GitHub support. This new activity view…

Actions are coming to your Repositories on GitHub Mobile! Find all your repository’s workflows in one convenient place. Tapping on the new “Actions” row on a Repository now shows you…

On March 30, 2023, we fixed a bug that allowed a dependency graph hovercard URL to be used to retrieve the name, description, and star count of any repository on…

We’ve gotten great feedback on default setup, a simple way to set up code scanning on your repository. Now, you have the ability to use default setup across your organization’s repositories, in just one click.

Today we are announcing the public beta of repository rules! 🎉 Repository rules are GitHub’s next evolution of branch protections to help make your repositories more secure and compliant at…

You can now filter by repository topic or team on the enterprise-level Dependabot, code scanning, and secret scanning pages in security overview. These improvements have shipped to GitHub.com and will…

After recently adding the archive date of repositories to the GitHub UI, the timestamp is now also available in GraphQL API responses. Users can now query the archivedAt timestamp of…

You can now filter by repository topic or team on the organization-level Dependabot, code scanning, and secret scanning pages in security overview. These improvements have shipped to GitHub.com and will…

You can now programmatically view and act on repository advisories via a new REST API. New endpoints to create, view, list, and update advisories are available to all. Additionally, new…

The dependency graph shows a summary of the manifest and lock files stored in a repository. The repository view has an updated user experience that includes: Search by package name…

The new code scanning tool status page allows users to view the status of CodeQL and other code scanning tools. The page shows all the tools that are enabled on…

Code scanning have shipped an API for repositories to programmatically enable code scanning default setup with CodeQL. The API can be used to: Onboard a repository to default setup: gh…

Today we have released multi-repository variant analysis for CodeQL in public beta to help the OSS security community power up their research with CodeQL. CodeQL is the static code analysis…

Multi-repository variant analysis lets you scale security research across thousands of repositories, giving you a powerful tool to find and respond to newly discovered vulnerabilities.

The Custom Repository Roles REST API has moved to general availability, with a breaking change to the path used. Previously, the API was found at /orgs/{org}/custom_roles – it has been…