GitHub Advanced Security helps you create secure applications with a community-driven, developer-first approach. Today, we are excited to announce two updates: Beta of the new security overview for organizations and…
The Python Package Index is now a GitHub secret scanning integrator
Last week, we launched code scanning for all open source and enterprise developers, and we promised we’d share more on our extensibility capabilities and the GitHub security ecosystem. Today, we’re…
GitHub has scanned public repositories for secrets (like API keys and tokens) for several years. Secret scanning protects our partners and our customers from unauthorized use of the services protected by those…
Learn about how GitHub Advanced Security’s new AI-powered features can help you secure your code more efficiently than ever.
Announcing the general availability of push protection–a feature that proactively prevents secret leaks in your public and private repositories.
GitHub now tells you whether GitHub tokens found by secret scanning are active so you can prioritize and escalate remediation efforts.
With just one click, admins in GitHub Advanced Security organizations can protect their custom patterns on push.
Today, we’re expanding access to the GitHub security overview! All GitHub Enterprise customers now have access to the security overview, not just those with GitHub Advanced Security. Additionally, all users within an enterprise can now access the security overview, not just admins and security managers.
We shipped a ton of updates in November, from the push notification for PR review activities on the go, to an easy way to create Markdown links.
A public beta of the new GitHub Issues, a “security manager” role for organizations, a command palette beta, and lots more.
Catch up on 44 ships, including a colorblind-accessible theme, a public README.md for organizations, and customization of code review settings.
What did we ship in August? Codespaces, Discussions, and lots of other updates, from the general availability of the dark high contrast theme to an auto-generated table of contents for wikis.
The partnership between GitHub and Endor Labs enables application security engineers and developers to drastically reduce time spent on open source vulnerabilities, and gives them the tools to go from finding to fixing.
GitHub uses GitHub to build GitHub, and our CLI extensions are no exception. Read on to find out how we built the GitHub Skyline CLI extension using GitHub!
Learn how GitHub Artifact Attestations can enhance your build security and help your organization achieve SLSA Level 3. This post breaks down the basics of SLSA, explains the importance of artifact attestations, and provides a step-by-step guide to securing your build process.
Applications for the new GitHub Secure Open Source Fund are now open! Applications will be reviewed on a rolling basis until they close on January 7 at 11:59 pm PT. Programming and funding will begin in early 2025.
Find out how we’re evolving GitHub and GitHub Copilot—and get access to the latest previews and GA releases.
In this year’s Octoverse report, we study how public and open source activity on GitHub shows how AI is expanding as the global developer community surges in size.
Five actionable tips and strategies to supercharge developer happiness—and a more innovative workplace.
Advanced filtering capabilities for the security overview dashboard
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
