The latest blogs from GitHub

Learn how to effectively prioritize alerts using severity (CVSS), exploitation likelihood (EPSS), and repository properties, so you can focus on the most critical vulnerabilities first.

See how you can use GitHub Copilot to build an API.

The GitHub CLI now supports common Git configurations for triangular workflows. Learn more about triangular workflows, how they work, and how to configure them for your Git workflows. Then, see how you can leverage these using the GitHub CLI.

What to look for with each model and how to test them in your workflows—with tips, tricks, and pointers.

Discover practical tips and tricks for forming effective GraphQL queries and mutations.

Discover the latest trends and insights on public software development activity on GitHub with the quarterly release of data for the Innovation Graph, updated through December 2024.

There are 60,000+ climate-focused projects on GitHub, explore one this Earth Day!

When you want your images to look good in Markdown on GitHub, you might have to adjust for the UI around them.

Want to speak at a tech conference? These four practical tips will help your session proposal stand out—and land you on the stage.

Ever wondered which AI model is the best fit for your GitHub Copilot project? Here are some things to consider.

In March, we experienced one incident that resulted in degraded performance across GitHub services.

Comparing GitHub-hosted vs self-hosted runners for your CI/CD workflows? This deep dive explores important factors to consider when making this critical infrastructure decision for your development team.

Learn how to leverage GitHub Copilot to make your code more secure.

Explore the iterative development journey of GitHub’s sub-issues feature. Learn how we leveraged sub-issues to build and refine sub-issues, breaking down larger tasks into smaller, manageable ones.

Everyone’s talking about MCP these days when it comes to large language models (LLMs)—here’s what you need to know.

Security should be native to your workflow, not a painful separate process.

Learn how to identify which CVE Numbering Authority is responsible for the record, how to contact them, and what to include with your suggestion.

Starting today, security campaigns are generally available for all GitHub Advanced Security and GitHub Code Security customers—helping organizations take control of their security debt and manage risk by unlocking collaboration between developers and security teams.

In celebration of MSFT’s 50th anniversary, we’re rolling out Agent Mode with MCP support to all VS Code users. We are also announcing the new GitHub Copilot Pro+ plan w/ premium requests, the general availability of models from Anthropic, Google, and OpenAI, next edit suggestions for code completions & the Copilot code review agent.