Search results for: repository

The world runs on software, and a large portion of it, especially the open source software that’s part of everything we experience, is built by millions of developers on GitHub…

Starting March 1st, 2021 workflow runs that are triggered by Dependabot from push, pull_request, pull_request_review, or pull_request_review_comment events will be treated as if they were opened from a repository fork.…

You can now limit which branches can deploy to an environment using Environment protection rules. When a job tries to deploy to an environment with Deployment branches configured Actions will…

Security Advisories and GitHub Advisory Database now include Common Weakness Enumeration (CWE) and Common Vulnerability Scoring System (CVSS) information for advisories. When you create a Security Advisory to disclose a…

Security vulnerabilities can be unpleasant to address, and that only gets worse the more you have. When you’re dealing with a large volume of vulnerabilities, you need to be able…

Dependabot version updates now support npm v7. Note that npm v7 uses the new lockfile format (“lockfileVersion”: 2). Dependabot will now respect this new format if you have installed with…

This is a partner post by Leonid Belkind, the Co-Founder and CTO at StackPulse Over the past decade, engineering-led practices have replaced traditional IT operations across the software development lifecycle.…

Pull request auto-merge is now generally available on GitHub and through GitHub Mobile. With auto-merge, pull requests can be set to merge automatically when all merge requirements are met. No…

After much anticipation, the npm CLI version 7 is now generally available!

Starting today, users with Dependabot alerts enabled can see which of their repositories are impacted by a given vulnerability by navigating to its entry in the GitHub Advisory Database. This…

Beginning March 1, 2021, we will remove .NET Core 3.0 from macOS 10.15, Ubuntu 16.04, and Ubuntu 18.04 virtual environments for GitHub-hosted runners. We follow a general guideline of removing…

GitHub Pages now gives you the option to limit access, making the site visible only to users with access to the repository that published the Page. With access control, you…

On February 15th, GitHub Actions will remove support for referencing actions using the shortened version of a git commit SHA. This may cause some workflows in your repository to break.…

If you haven’t seen it, the GitHub Changelog helps you keep up-to-date with all the latest features and updates to GitHub. We shipped a tonne of changes last year, and…

Dependabot version updates now support pip-compile 5.5.0. Note that with the version update of pip-compile from 5.4.0 to 5.5.0, the formatting of “via” annotations has changed to one dependency per…

You can now rename any branch, including the default branch, from the web. If you’ve been waiting to rename your default branch from master to main, we now recommend doing…

Today, we’re making GitHub Enterprise Server 3.0 available as a release candidate. Announced in the GitHub Universe Keynote, it’s the biggest ever change to Enterprise Server, bringing customers: Actions –…

You can now delete an entire directory of files including subdirectories from your web browser: Browse to the directory in the repository and branch that you want to delete In…

We’ve made huge advances in our security features at GitHub in 2020, with launches for code scanning, secret scanning, Dependabot version updates, dependency review, and more.

@derrickstolee recently discussed several different git clone options, but how do those options actually affect your Git performance? Which option is fastest for your client experience? Which option is fastest for your build machines?…

As your Git repositories grow, it becomes harder and harder for new developers to clone and start working on them. Git is designed as a distributed version control system. This means that…