Leveraging machine learning to find security vulnerabilities
A behind-the-scenes peek into the machine learning framework powering new code scanning security alerts.
GitHub Advanced Security customers can now enable secret scanning for their archived repositories via the UI and API. For more information, see "About secret scanning" and "About archived repositories."
This release adds support for viewing fixed alerts to the GraphQL API. This update also adds the ability to access and filter by state, as well as access unique numeric…
GitHub Enterprise Server 3.4 is now generally available for all customers. This release makes software development faster and more secure with new features like reusable workflows, Dependabot security updates, and GitHub Advanced Security enhancements.
As you may or may not know, gists are actually Git repositories. New gists are now created with a default branch name of either main or the alternative default branch…
Reusable workflows offer a simple and powerful way to avoid copying and pasting workflows across your repositories.
A comprehensive guide for vulnerability reporters.
Today, we’re shipping improvements to Dependabot alerts that make them easier to understand and remediate.
Users can now retrieve all their code scanning alerts at the GitHub organization level via the REST API. This new API endpoint supplements the existing repository level endpoint. This API…
Here’s January’s top staff picks on projects that shipped major version releases.
The Update branch button on the pull request page lets you update your pull request’s branch with the latest changes from the base branch. This is useful for verifying your…
Implementation of the Primer NavigationList component and design upgrade to our user, organization, repository and teams settings pages has shipped to all github.com users. The new NavigationList component groups similar…
A quick guide on the advantages of using GitHub Actions as your preferred CI/CD tool—and how to build a CI/CD pipeline with it.
You can now offer private repository access linked to a sponsor tier. GitHub will keep the list of collaborators in sync with your sponsors. You could use this for early…
Along with the release of sponsors-only repositories, here’s a look at what’s new and what’s next for Sponsors.
Since our last update, we have a number of exciting updates to share with you for the new projects experience. Including improvements which shorten the gap between the original projects…
Starting today, we are rolling out mandatory 2FA to all maintainers of top-100 npm packages by dependents.
The dependency graph now supports detecting GitHub Actions workflow YAML files. These will be displayed within the dependency graph section in the Insights tab. Repositories that publish actions will also…
The dependency graph helps developers and maintainers understand the code they depend on, and now includes GitHub Actions!
In GitHub’s latest transparency report, we’re giving you a by-the-numbers look at how we responded to requests for user info and content removal.
You can now reference local reusable workflows more easily. With this release, reusable workflows that are in the same repository as the calling repository can be referenced with just the…
Catch up on the GitHub podcast, a show dedicated to the topics, trends, stories and culture in and around the open source developer community on GitHub.