The latest blogs from GitHub

It was another record year for our Security Bug Bounty program! We’re excited to highlight some achievements we’ve made together with the bounty community in 2022!

Introducing two new secret scanning push protection features that will enable individual developers to protect all their pushes and organizations to gain insights and trends across their repositories.

In July, we experienced one incident that resulted in degraded performance across GitHub services.

Researchers from Purdue and NCSU have found a large number of command injection vulnerabilities in the workflows of projects on GitHub. Follow these four tips to keep your GitHub Actions workflows secure.

GitHub’s design experts share 10 tips and lessons for designing magical user experiences for AI applications and AI coding tools.

In the world of software development, collaboration can make the difference between a brittle last-minute release and a reliable, maintainable, pain-free project. Whether you’ve been coding for a day or a decade, your colleagues are there to help strengthen your work. But they can only help if you’ve given them the tools to do so.

Today, we’re announcing a private beta of GitHub Copilot with code referencing that includes a filter to detect code suggestions matching public code on GitHub.

Learn how you can structure your enterprise to get the most value out of GitHub and provide the best experience for your developers!

Learn about how we build containerized services that power microservices on the GitHub.com platform and many internal tools.

We’re thrilled to announce two major updates to GitHub Copilot code Completion’s capabilities that will help developers work even more efficiently and effectively.

This blog post describes two security vulnerabilities in Decidim, a digital platform for citizen participation. Both vulnerabilities were addressed by the Decidim team with corresponding update releases for the supported versions in May 2023.

GitHub switched to performing merges and rebases using merge-ort. Come behind the scenes to see why and how we made this change.

Sharing our coalition paper to inform the final negotiation of the EU AI Act.

Game Bytes is our monthly series taking a peek at the world of gamedev on GitHub—featuring game engine updates, game jam details, open source games, mods, maps, and more. Game on!

In this step-by-step tutorial, you will learn how to use GitHub Copilot to build an application with OpenAI’s gpt-3.5-turbo model.

We’re launching the GitHub Copilot Trust Center to provide transparency about how GitHub Copilot works and help organizations innovate responsibly with generative AI.

Repository rules provide an easy, flexible way to define branch protections and ensure consistency in code across repositories.

All GitHub Copilot for Business users now have access to a limited GitHub Copilot Chat beta, bringing the power of conversational coding right to the IDE.

As a design organization, we have the opportunity to make a significant impact on designing the platform for all developers. How does the emergence of creative AI impact our work? How can we achieve an inclusive experience for a spectrum of all abilities? What does designing for developer happiness look like?

With the new Issue Metrics GitHub Action, you can now track and monitor important metrics related to issues, pull requests, and discussions, such as time to first response, time to close, and more!

GitHub has identified a low-volume social engineering campaign that targets the personal accounts of employees of technology firms. No GitHub or npm systems were compromised in this campaign. We’re publishing this blog post as a warning for our customers to prevent exploitation by this threat actor.