Search results for: repository

In March we made a change in GitHub Actions that forced workflows triggered by Dependabot to run with a read-only token. This change was made to protect your repositories from…

The Codes of Conduct API preview, which was accessible with the scarlet-witch-preview header, is being deprecated. On December 6th, 2021, the fields behind this API preview will no longer be…

Now available in public beta, you can reuse entire workflows as if they were an action. Instead of copying and pasting workflow definitions across repositories, you can now reference an…

The Explore tab on GitHub Mobile has been redesigned to make it easier to find the best projects on GitHub! Find personalized repository recommendations based on your past contributions and…

macOS Big Sur (11) became generally available on GitHub-hosted runners in August 2021. Over the next 8 weeks, jobs using the macos-latest runner label will migrate from Catalina (10.15) to…

Filtered files on the Pull Request Files Changed tab are now completely hidden from view (not just collapsed). This helps decrease distractions and lets you focus on just the files…

Code scanning runs analysis tools that scan your code on the triggers defined in your .yml Actions workflow file. The default CodeQL workflow analyzes your code each time you push…

In 2019, to meet GitHub’s growth and availability challenges, we set a plan in motion to improve our tooling and ability to partition relational databases.

During an audit of Apache Dubbo v2.7.8 source code, I found multiple vulnerabilities enabling attackers to compromise and run arbitrary system commands on both Dubbo consumers and providers. In this blog post I detailed how I leveraged CodeQL as an audit oracle to help me find these issues.

You can now copy the full, raw contents of a file in your repository to the clipboard with just one click. Previously, you would need to open the raw file,…

GitHub Actions now has an updated management experience for your self-hosted runners that makes it easier to manage runner groups and see the status of your runners. New Runners and…

GitHub Advanced Security customers can now edit their custom patterns defined at the repository, organization, and enterprise levels. After a user edits and saves a pattern, secret scanning searches for…

GitHub Secret Scanning scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally. This protects users from fraud and data leaks. Contributed Systems…

Organizations can now display a README.md on their profile Overview. Start with creating a .github repository for the desired organization. Make sure it’s public. Add a profile folder to your…

GitHub releases now have an avatar list at the bottom of the release showing the avatars of all GitHub accounts mentioned in the release notes. This is a great way…

What did we ship in August? Codespaces, Discussions, and lots of other updates, from the general availability of the dark high contrast theme to an auto-generated table of contents for wikis.

The new GraphQL mutation createCommitOnBranch makes it easier to add, update, and delete files in a branch of a repository. This new API offers a simpler way to commit changes…

GitHub Enterprise Server 3.2 is available today as a release candidate.

You can now use setup-node action to cache dependencies for projects with monorepo and pnpm package manager. Use the optional cache-dependency-path field to specify the path to dependency file(s). steps:…

How GitHub uses code scanning to increase developer happiness, and how you can too.

Forked repositories can now be synced with their upstream using the merge upstream API. For more info, see the documentation here. You can also sync forks through the web UI,…