You can now change the maximum retention days for artifacts and logs in GitHub Actions, allowing you to better manage your storage space and to comply with your organizational retention…
Last week we launched code scanning out of beta and have since announced integrations with static analysis and developer security training solutions. By expanding our GitHub security ecosystem, developers can…
Limit use of external actions within Actions workflow for enterprises, organizations, and repositories.
Last week, we launched code scanning for all open source and enterprise developers, and we promised we’d share more on our extensibility capabilities and the GitHub security ecosystem. Today, we’re…
Temporary interaction limits give you control over who interacts with your public repositories. You can use them to force a cool-down period during heated discussions, or to prevent spam or…
The default branch name for new repositories is now main. To set a different default: For users, on the https://github.com/settings/repositories page For organization owners, on the https://github.com/organizations/YOUR-ORGANIZATION/settings/repository-defaults page For enterprise…
You can now fine-tune access to external actions. These updated settings make it easier to achieve your security and compliance goals with GitHub Actions. You can limit external actions to…
This post is the second in our series on using GitHub for MLOps and data science. Just joining in? Get started with part one. Most continuous integration (CI) tools only…
GitHub code scanning is a developer-first, GitHub-native approach to easily find security vulnerabilities before they reach production. Today we’re excited to announce that code scanning is generally available on GitHub.com.…
Now available, code scanning is a developer-first, GitHub-native approach to easily find security vulnerabilities before they reach production.
You can now use images from private registries in job and service containers. Job and Service containers in GitHub Actions allow you to containerize your CI environment and make databases,…
GitHub Enterprise Server 2.22 is now here with GitHub Actions, Packages and Advanced Security Code Scanning available for the very first time.
Dependabot can now update repositories that use RubyGems, use bundler, and vendor their gems by committing the vendor/cache folder to the repo. In your Dependabot configuration file, add a vendor:…
GitHub Actions gives you the power to automate your workflow. Connect with the tools you know and love. Have more freedom to innovate and be creative. Deploy to any cloud,…
GitHub CLI brings GitHub to your terminal. It reduces context switching, helps you focus, and enables you to more easily script and create your own workflows. Earlier this year, we…
The Checks API now has a limit of 1,000 check runs with the same name per check suite. Using checks, you can run checks against code changes in a repository,…
Announcing the public beta of our new integration between GitHub and Microsoft Teams.
Secret leaks are one of the most common security mistakes, and they can have disastrous consequences. GitHub Secret Scanning looks for leaked secrets in all public repositories, and enrolled private…
If you are enrolled in the GitHub Advanced Security code scanning beta, we are releasing new APIs for you to start using. This release also includes some breaking changes to…
Repositories that use GitHub Pages can now build and deploy from any branch. Publishing to the special gh-pages branch will still work the same as it always has, but you…
The most important way to protect supply chain threats? Scan code for security vulnerabilities, learn how to find vulnerabilities in code, and quickly patch them with dynamic code analysis tools.
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Catch up on the GitHub podcast, a show dedicated to the topics, trends, stories and culture in and around the open source developer community on GitHub.
