Prevent the introduction of known vulnerabilities into your code
The new dependency review action and API prevent the introduction of known supply chain vulnerabilities into your code.
We want to take away the pain and effort of keeping your code secure, so check out how Dependabot empowers developers to keep their projects secure.
GitHub Advanced Security customers using secret scanning can now opt to receive a webhook each time a secret is detected in a new location. The secret_scanning_alert_location webhook event includes location…
From automating builds and releases to taking care of large-scale regression testing, here are a few ways we use GitHub Actions to build GitHub.
The CodeQL runner has been deprecated in favor of the CodeQL CLI. As previously announced, starting March 14th, the CodeQL bundle now no longer includes the CodeQL runner. This deprecation…
Organization members and teams can now be granted a moderator role. Organization moderators are able to: block and unblock users from the organization; manage organization interaction limits; manage repository interaction…
Organizations with GitHub Advanced Security can now prevent secret leaks with secret scanning’s new push protection feature. For repositories with push protection enabled, GitHub will block any pushes where a…
Organizations with GitHub Advanced Security can now proactively protect against secret leaks with secret scanning’s new push protection feature.
The code scanning alert page now shows the analysis origin for an alert. Code scanning alerts can originate from different analysis configurations on a repository. These may be using different…
We believe our technical interviews should be as similar as possible to the way we work at GitHub.
Securing your projects is no easy task, but end-to-end supply chain security is more top of mind than ever. We’ve seen bad actors expand their focus to taking over user…
GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, we help protect users from data leaks and fraud associated with…
GitHub Education is fired up for the return of .Tech Domains developer community competition: Break The Code 2. We’ve hacked in some new enigmas, cheat codes, and easter eggs for digital sleuths to uncover!
It’s now possible to ignore revisions in the blame view using a .git-blame-ignore-revs file in the root of your repository. For more information, see “Ignore commits in the blame view”.
You can now enforce consistent usage of self-hosted runner groups across your organization and enterprise.
You can now create a branch to work on an issue directly from the issue page so that it’s easier to get started right away.
GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets we help protect users from data leaks and fraud associated with…
Our community has shipped lots of open source project updates in the last month. Here are a few of our staff picks.
Dependency caching is one of the most effective ways to make jobs faster on GitHub Actions. You can now monitor the storage usage of your existing caches and get greater…
It is now possible to re-run only failed jobs or a single job in GitHub Actions workflows.
Today, we are sharing new updates to the projects (Beta) experience, including updated repository filters and custom charts for project insights. We are also sharing a preview of issues closed…
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Catch up on the GitHub podcast, a show dedicated to the topics, trends, stories and culture in and around the open source developer community on GitHub.