The latest blogs from GitHub

This is the first post in a two-part series describing friendly forks and alternative strategies for managing them. Stay tuned for part two coming in May!

The ZX Spectrum, one of the best-selling microcomputers of all time, celebrates its 40 years anniversary today. Read more about how the community is still active – creating new content, archiving old content, and hacking on all sorts of hardware.

Do you worry that a CVE will hurt the reputation of your project? In reality, CVEs are a tracking number, and nothing more. Here’s how we think of them at GitHub.

From plug-and-play automations to protected branches, here are simple ways any developer can build more secure software on GitHub—all with a free account.

We’re kicking off InFocus, a global virtual event focused on accelerating, securing, and improving the way software development teams work.

The history of pre-receive hooks, how we discovered that the performance was problematic, and how we went about safely replacing them.

Organization profiles can now display custom content visible only to members of the organization. A new Member view can be tailored to show an alternative README and pinned private repositories.

We’re releasing exciting improvements that will streamline your Codespaces experience when working with multi-repository projects and monorepos.

Introducing CodeQL packs to help you codify and share your knowledge of vulnerabilities.

Another new release of Git is here! Take a look at some of our highlights on what’s new in Git 2.36.

On April 12, GitHub Security began an investigation that uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including npm. Read on to learn more about the impact to GitHub, npm, and our users.

Upgrade your local installation of Git, especially if you are using Git for Windows, or you use Git on a multi-user machine.

Today, we’re excited to bring you a few new features that will help you communicate, collaborate, and connect seamlessly with teams and communities about the software you’re building with the help of GitHub Discussions.

How we sped up GitHub.com by moving slow, non-critical code into rack.after_reply.

Each month, we highlight open source projects that have shipped major updates. These include everything from world-changing technology to developer tooling, and weekend projects. Here are our top staff picks…

Ensuring secure access to your source code is more important than ever. Git Credential Manager helps make that easy.

Learn how to build packages with SLSA 3 provenance using GitHub Actions.

In March, we experienced several incidents resulting in significant impact to multiple GitHub services.

The new dependency review action and API prevents the introduction of known supply chain vulnerabilities into your code.

We want to take away the pain and effort of keeping your code secure, so check out how Dependabot empowers developers to keep to their projects secure.

From automating builds and releases to taking care of large-scale regression testing, here are a few ways we use GitHub Actions to build GitHub.