The latest blogs from GitHub

Each month, we highlight open source projects that have shipped major updates. These include everything from world-changing technology to developer tooling, and weekend projects. Here are our top staff picks…

Ensuring secure access to your source code is more important than ever. Git Credential Manager helps make that easy.

Learn how to build packages with SLSA 3 provenance using GitHub Actions.

In March, we experienced several incidents resulting in significant impact to multiple GitHub services.

The new dependency review action and API prevents the introduction of known supply chain vulnerabilities into your code.

We want to take away the pain and effort of keeping your code secure, so check out how Dependabot empowers developers to keep to their projects secure.

From automating builds and releases to taking care of large-scale regression testing, here are a few ways we use GitHub Actions to build GitHub.

Organizations with GitHub Advanced Security can now proactively protect against secret leaks with secret scanning’s new push protection feature.

We believe our technical interviews should be as similar as possible to the way we work at GitHub.

GitHub Copilot is now available from Visual Studio 2022 for everyone in the technical preview.

Advice on fundamentals, picking languages to learn, social media presence, interviewing, and more

Securing your projects is no easy task, but end-to-end supply chain security is more top of mind than ever. We’ve seen bad actors expand their focus to taking over user…

GitHub Education is fired up for the return of .Tech Domains developer community competition: Break The Code 2. We’ve hacked in some new enigmas, cheat codes, and easter eggs for digital sleuths to uncover!

Over the past few weeks, we have experienced multiple incidents due to the health of our database. We wanted to share what we know about these incidents while our team continues to address them.

You can now enforce consistent usage of self-hosted runner groups across your organization and enterprise.

Today, we are rolling out a new beta version of GitHub’s home feed, making it easier to discover projects, developers and more across GitHub.

If you’re a GHES customer with heavy read traffic on your monorepo, check out the repository cache, especially if you have CI workloads distributed around the world.

You can now create a branch to work on an issue directly from the issue page so that it’s easier to get started right away.

If there’s one habit that can make software more secure, it’s probably input validation. Here’s how to apply OWASP Proactive Control C5 (Validate All Inputs) to your code.

Our community has shipped lots of open source project updates in the last month. Here’s a few of our staff picks.

It is now possible to re-run only failed jobs or a single job in GitHub Actions workflows.