Introducing the organization-level security manager role
Organizations can now grant teams permission to manage security alerts and settings on all their repositories. The “security manager” role can be applied to any team and grants the team’s…
Organizations can now grant teams permission to manage security alerts and settings on all their repositories. The “security manager” role can be applied to any team and grants the team’s…
Catch up on 44 ships, including a colorblind-accessible theme, a public README.md for organizations, and customization of code review settings.
As part of our ongoing efforts to keep GitHub-hosted runners updated and secure, the Windows 2016 virtual environment will be removed from GitHub Actions on March 15, 2022. We recommend…
GitHub secret scanning helps protect users by searching repositories for known types of secrets. By flagging leaked secrets, our scans can prevent data leaks and prevent the fraudulent use of…
We added support to receive notifications for updates from releases, branches, and repositories in the GitHub app in Microsoft Teams. You can now subscribe to your repository in your Microsoft…
Public repositories now have a public label next to their names like private and internal repositories do. Previously, repositories had a label next to their name that indicated if they…
GitHub Secret Scanning helps protect users by searching repositories for known types of secrets. By flagging leaked secrets, our scans can prevent data leaks and fraudulent uses of secrets that…
Giving back to open source projects is a great way to practice skills you don’t get to use in your day job. Check out ways to get involved!
In March we made a change in GitHub Actions that forced workflows triggered by Dependabot to run with a read-only token. This change was made to protect your repositories from…
The Codes of Conduct API preview, which was accessible with the scarlet-witch-preview header, is being deprecated. On December 6th, 2021, the fields behind this API preview will no longer be…
Now available in public beta, you can reuse entire workflows as if they were an action. Instead of copying and pasting workflow definitions across repositories, you can now reference an…
The Explore tab on GitHub Mobile has been redesigned to make it easier to find the best projects on GitHub! Find personalized repository recommendations based on your past contributions and…
macOS Big Sur (11) became generally available on GitHub-hosted runners in August 2021. Over the next 8 weeks, jobs using the macos-latest runner label will migrate from Catalina (10.15) to…
Filtered files on the Pull Request Files Changed tab are now completely hidden from view (not just collapsed). This helps decrease distractions and lets you focus on just the files…
Code scanning runs analysis tools that scan your code on the triggers defined in your .yml Actions workflow file. The default CodeQL workflow analyzes your code each time you push…
In 2019, to meet GitHub’s growth and availability challenges, we set a plan in motion to improve our tooling and ability to partition relational databases.
During an audit of Apache Dubbo v2.7.8 source code, I found multiple vulnerabilities enabling attackers to compromise and run arbitrary system commands on both Dubbo consumers and providers. In this blog post I detailed how I leveraged CodeQL as an audit oracle to help me find these issues.
You can now copy the full, raw contents of a file in your repository to the clipboard with just one click. Previously, you would need to open the raw file,…
GitHub Actions now has an updated management experience for your self-hosted runners that makes it easier to manage runner groups and see the status of your runners. New Runners and…
GitHub Advanced Security customers can now edit their custom patterns defined at the repository, organization, and enterprise levels. After a user edits and saves a pattern, secret scanning searches for…
GitHub Secret Scanning scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally. This protects users from fraud and data leaks. Contributed Systems…
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Join us October 28-29 in San Francisco or online for GitHub Universe, our flagship developer event uniting people, agents, and the world’s code.