Search results for: actions

You can now build your agenda on GitHubUniverse.com! Whether you’re just getting started or you’re a seasoned industry professional, there’s a session for you.

The GitHub Security Lab provided office hours for open source projects looking to improve their security posture and reduce the risk of breach. Here’s what we learned and how you can also participate.

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

Explore how GitHub Enterprise can help you transform your software engineering organization and practices.

CodeQL now officially supports customizing the build configuration for Go analysis in the Actions workflow file. This aligns the Go configuration experience with the C/C++, C#, and Java analysis. The…

The GitHub Enterprise Server 3.7 release candidate is here GitHub Enterprise Server 3.7 brings new capabilities to help companies build and deliver secure software, more quickly. With over 70 new…

The Sigstore GA means you can protect your software supply chain today with GitHub Actions, and will power new npm security capabilities in the near future.

The enterprise audit log now records changes to GitHub Advanced Security, secret scanning, and push protection enablement. See business_secret_scanning See business_secret_scanning_push_protection See business_secret_scanning_push_protection_custom_message The organization-level audit log now also records…

Upgrade your local installation of Git, especially when cloning with –recurse-submodules from untrusted repositories, or if you use git shell interactive mode.

Fine-grained personal access tokens offer enhanced security to developers and organization owners, to reduce the risk to your data of compromised tokens.

Having a robust security plan is key to innovation. These tips will empower you to gain the upper hand on cyberattacks, so you can ship quickly and innovate with ease.

New to Git v2.38, Scalar is a built-in repository manager for large repos. Here, we’ll tell the story of how Scalar went from a rough VFS for Git successor to a fully-integrated Git tool, with all of the engineering lessons learned in the process.

On September 5, 2022, we reverted a recent change to our indirect pull request merge logic that was causing some pull requests to be incorrectly marked as merged. This could…

Stay connected and up to date on your work with GitHub Projects on GitHub Mobile, now in public beta.

Now more than ever flexibility is not only needed for how we work, but where we work. Stay connected and up to date on your work with GitHub Projects on…

API users can now integrate with a new dependabot_alert webhook, which matches the naming and structure of the recently introduced Dependabot alerts REST API. You should use this webhook in…

Cross-platform apps built with the popular Flutter toolkit can now benefit from Dependabot alerts.

In September, we experienced one incident that resulted in degraded performance across GitHub services. We also experienced one incident resulting in significant impact to Codespaces. We are still investigating that incident and will include it in next month’s report. This report also sheds light into an incident that impacted Codespaces in August and an incident that impacted Actions in August.

GitHub’s audit log allows admins to quickly review the actions performed by members of their Enterprise. It includes details such as who performed the action, what the action was, and…

GitHub Advanced Security customers can now view a timeline of actions taken on a secret scanning alert, including when a contributor bypassed the push protection on a secret. Users can…

Learn best practices on how to roll out centrally managed, developer-centric application security with a third party CI/CD system like Jenkins or ADO.