How to define security requirements for your OSS project
Defining your security requirements is the most important proactive control you can implement for your project. Here’s how.