Search results for: repository

Earlier this month, we challenged you to a Call to Hacktion—a CTF (Capture the Flag) competition to put your GitHub Workflow security skills to the test. Participants were invited to…

Submodules defined with relative paths are now clickable in the web UI, making it easy to navigate to linked repositories. Previously, only submodules with absolute URLs were clickable. Only relative…

We now group multiple Dependabot alerts together if they’re discovered at the same time. This significantly reduces the volume of Dependabot alert notifications that users receive. A user with admin…

Last month, a member of the CodeQL security community contributed multiple CodeQL queries for C# codebases that can help organizations assess whether they are affected by the SolarWinds nation-state attack on various parts of critical network infrastructure around the world.

The latest version of GitHub Mobile includes native support of GitHub Releases: View your repository’s releases on the go. Read release notes to keep up with everything new in the…

Every day, GitHub serves the needs of over 56M developers, working on over 200M code repositories. All but a tiny fraction of those repositories are served with amazing performance, for…

The open source Git project just released Git 2.31 with features and bug fixes from 85 contributors, 23 of them new. Last time we caught up with you, Git 2.29…

Dependabot’s mission is to keep all of your dependencies free of vulnerabilities and up-to-date, but until now, it hasn’t been able to update all of your private dependencies. That meant…

Dependabot can now access dependencies from authenticated private registries, such as GitHub Packages, Azure Artifacts, and Artifactory. These private registries are similar to their public equivalents, but they require authentication…

It has been a year since we’ve launched the first public release of GitHub CLI. Since, we have added functionality to manage your repositories, comment on issues, enable auto-merge for…

This post features a guest interview with Diego M. Oppenheimer, CEO at Algorithmia Over the past few years, machine learning has grown in adoption within the enterprise. More organizations are…

GitHub Advanced Security customers can now view their active committer count and the remaining number of unused committer seats on their organization or enterprise account’s Billing page. If Advanced Security…

In a recent paper written by Nicole Forsgren and her colleagues, “The SPACE of developer productivity: There’s more to it than you think,” there is an irony that is hard…

GitHub Discussions is now available for private repositories. To get started, maintainers and admins of private repositories can now enable Discussions under Features in the repository settings. For more information,…

In December 2020, we launched the public beta of GitHub Discussions, a collaborative communication forum that allows community members to ask and answer questions, share updates, and have open-ended conversations.…

Today, the Git project released new versions to address CVE-2021-21300: a security vulnerability in the delayed checkout mechanism used by Git LFS during git clone operations affecting versions 2.15 and…

Secret scanning on private repositories now notifies commit authors when they push a change that includes a potential secret. The commit author can view the associated alert and mark it…

You can now attach files, including images, to markdown files while you’re editing them in the web. This works just like file attachments in issues and pull requests and supports…

​We changed the REST API authorization logic for maintainer fork collaborators to address an improper write access control bug identified by an independent bug bounty researcher. Under certain circumstances, this…

Software security doesn’t end at the boundaries of your own code. The moment a library dependency is introduced, you’re adopting other people’s code and any bugs that come with it.…

At GitHub, we put developers first, and we work hard to provide a safe, open, and inclusive platform for code collaboration. This means we are committed to minimizing the disruption…