Search results for: repository

Integrating static analysis security testing into the developer workflow is hard. We discuss the challenges and how to overcome them

You can now set the default branch name for newly-created repositories under your username. This setting does not impact any of your existing repositories. Existing repositories will continue to have…

Starting today, August 7, 2020, the code search exact match beta will be sunset. If your repository was opted into the beta, it has already been indexed on the current…

GitHub provides the security capabilities to achieve Level 1 of the OWASP DevSecOps Maturity Model. In this post, we explore the principles of DSOMM Level 1 and how you can implement secret scanning, SCA, SAST and DAST using native tooling on GitHub.

GitHub Actions hosted virtual environments are a turn-key option for running your workflows. But if you need fine-grained control and customization of your environment, then self-hosted runners give you full…

GitHub’s dependency graph identifies all upstream dependencies and public downstream dependents of a repository or package by parsing manifest files, so that you can better manage the security and compliance of your dependencies.

Learn about patterns for configuring and maintaining GitHub Actions self-hosted runners on Google Cloud.

The Semantic Code team shipped a massive improvement to the language support system that powers code navigation. Code navigation features only scratch the surface of possibilities that start to open up when we combine Semantic‘s program analysis potential with GitHub’s scale.

Today GitHub Actions shipped a series of features designed to improve your workflows when working with PRs from repository forks. New settings for private repository forks Many GitHub customers choose…

We are happy to announce that GitHub is joining the Open Source Security Foundation (OpenSSF) as a founding member, alongside Google, IBM, JPMorgan Chase, Microsoft, NCC Group, OWASP Foundation, Red Hat, and others.

Repositories that use GitHub Pages can now build and deploy from any branch. Publishing to the special gh-pages branch will still work the same as it always has, but you…

For customers of GitHub Advanced Security running LGTM Enterprise, we have released LGTM Enterprise v1.24.1. This release includes a number of bug fixes including: Fixed private repository support for GitHub…

In this post, hear from @stevemar, a Senior Technical Staff Member at IBM, about a new GitHub Starter Workflow for developers deploying containerized applications to IBM Cloud Kubernetes Service.  Here…

The GitHub public roadmap is a new public repository hosted on GitHub, designed to give you and your team the information you need to plan ahead. You can learn about many of…

The public roadmap is designed to give your team more information about what features and functionality you can expect from GitHub over the coming quarters.

GitHub Enterprise accounts on github.com now enjoy higher hourly API rate limits for both GitHub Apps and OAuth Apps. OAuth Apps were increased to 15,000 API calls per hour from…

GitHub published a full description of its REST API in OpenAPI 3.0 specification compliant documents. The GitHub OpenAPI description contains more than 600 operations exposed in our API. For visual…

The open source Git project just released Git 2.28 with features and bug fixes from over 58 contributors, 13 of them new. We last caught up with you on the…

The GitHub REST API has been through three major revisions since it was first released, only a month after the site was launched. We often receive feedback that our REST…

Protect your team’s code with secure software development best practices like setting up SAML/SCIM integrations, enforcing policies to avoid code leakage, and more.

Keep dependencies up to date, to make sure you can quickly apply a patch when it really matters – when there’s a critical security vulnerability.