The latest blogs from GitHub

Today we launched new code scanning analysis features powered by machine learning. The experimental analysis finds more of the most common types of vulnerabilities.

A behind-the-scenes peek into the machine learning framework powering new code scanning security alerts.

Tips from our developer advocates on how and why to find a mentor.

Practical tips on how to apply OWASP Top 10 Proactive Control C4.

GitHub Enterprise Server 3.4 is now generally available for all customers. This release makes software development faster and more secure with new features like reusable workflows, Dependabot security updates, and GitHub Advanced Security enhancements.

Over the past year, the GitHub Stars have made a tremendous impact in the community with their influence, inspiring and building communities and creating content to help everyone.

The MLH Fellowship, powered by GitHub, is a 12-week internship alternative for aspiring software engineers. Meet the 2022 cohort!

A picture tells a thousand words. Now you can quickly create and edit diagrams in markdown using words with Mermaid support in your Markdown files.

Stop context switching. Keep your team’s project planning next to your code.

Reusable workflows offer a simple and powerful way to avoid copying and pasting workflows across your repositories.

A comprehensive guide for vulnerability reporters.

Today, we’re shipping improvements to Dependabot alerts that make them easier to understand and remediate.

Here’s January’s top staff picks on projects that shipped major version releases.

In January, we experienced no incidents resulting in service downtime to our core services.

A quick guide on the advantages of using GitHub Actions as your preferred CI/CD tool—and how to build a CI/CD pipeline with it.

Along with the release of sponsors-only repositories, here’s a look at what’s new and what’s next for Sponsors.

A deep dive into how GitHub adds support for new languages to CodeQL.

Starting today, we are rolling out mandatory 2FA to all maintainers of top-100 npm packages by dependents.

The dependency graph helps developers and maintainers understand the code they depend on, and now includes GitHub Actions!

In GitHub’s latest transparency report, we’re giving you a by-the-numbers look at how we responded to requests for user info and content removal.

When it comes to secure database access, there’s more to consider than SQL injections. OWASP Top 10 Proactive Control C3 offers guidance.