Search results for: repository

It has been a year since we’ve launched the first public release of GitHub CLI. Since, we have added functionality to manage your repositories, comment on issues, enable auto-merge for…

This post features a guest interview with Diego M. Oppenheimer, CEO at Algorithmia Over the past few years, machine learning has grown in adoption within the enterprise. More organizations are…

GitHub Advanced Security customers can now view their active committer count and the remaining number of unused committer seats on their organization or enterprise account’s Billing page. If Advanced Security…

In a recent paper written by Nicole Forsgren and her colleagues, “The SPACE of developer productivity: There’s more to it than you think,” there is an irony that is hard…

GitHub Discussions is now available for private repositories. To get started, maintainers and admins of private repositories can now enable Discussions under Features in the repository settings. For more information,…

In December 2020, we launched the public beta of GitHub Discussions, a collaborative communication forum that allows community members to ask and answer questions, share updates, and have open-ended conversations.…

Today, the Git project released new versions to address CVE-2021-21300: a security vulnerability in the delayed checkout mechanism used by Git LFS during git clone operations affecting versions 2.15 and…

Secret scanning on private repositories now notifies commit authors when they push a change that includes a potential secret. The commit author can view the associated alert and mark it…

You can now attach files, including images, to markdown files while you’re editing them in the web. This works just like file attachments in issues and pull requests and supports…

​We changed the REST API authorization logic for maintainer fork collaborators to address an improper write access control bug identified by an independent bug bounty researcher. Under certain circumstances, this…

Software security doesn’t end at the boundaries of your own code. The moment a library dependency is introduced, you’re adopting other people’s code and any bugs that come with it.…

At GitHub, we put developers first, and we work hard to provide a safe, open, and inclusive platform for code collaboration. This means we are committed to minimizing the disruption…

The world runs on software, and a large portion of it, especially the open source software that’s part of everything we experience, is built by millions of developers on GitHub…

Starting March 1st, 2021 workflow runs that are triggered by Dependabot from push, pull_request, pull_request_review, or pull_request_review_comment events will be treated as if they were opened from a repository fork.…

You can now limit which branches can deploy to an environment using Environment protection rules. When a job tries to deploy to an environment with Deployment branches configured Actions will…

Security Advisories and GitHub Advisory Database now include Common Weakness Enumeration (CWE) and Common Vulnerability Scoring System (CVSS) information for advisories. When you create a Security Advisory to disclose a…

Security vulnerabilities can be unpleasant to address, and that only gets worse the more you have. When you’re dealing with a large volume of vulnerabilities, you need to be able…

Dependabot version updates now support npm v7. Note that npm v7 uses the new lockfile format (“lockfileVersion”: 2). Dependabot will now respect this new format if you have installed with…

This is a partner post by Leonid Belkind, the Co-Founder and CTO at StackPulse Over the past decade, engineering-led practices have replaced traditional IT operations across the software development lifecycle.…

Pull request auto-merge is now generally available on GitHub and through GitHub Mobile. With auto-merge, pull requests can be set to merge automatically when all merge requirements are met. No…

After much anticipation, the npm CLI version 7 is now generally available!