Search results for: actions

Starting next week, workflow re-runs in GitHub Actions will use the initial run’s actor for privilege evaluation. The actor who triggered the re-run will continue to be displayed in the…

From incorporating accessibility testing to implementing blue-green deployment models, here are six practical and strategic ways to improve your CI/CD pipeline.

In June, we experienced four incidents resulting in significant impact to multiple GitHub.com services. This report also sheds light into an incident that impacted several GitHub.com services in May.

High-quality Git commits are the key to a maintainable and collaborative open- or closed-source project. Learn strategies to improve and use commits to streamline your development process.

Meet the 2022 MLH Fellowship cohort! This 12-week internship alternative is for aspiring software engineers, and powered by GitHub.

In this post I’ll exploit CVE-2022-1134, a type confusion in Chrome that I reported in March 2022, which allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site. I’ll also look at some past vulnerabilities of this type and some implementation details of inline cache in V8, the JavaScript engine of Chrome.

The open source Git project just released Git 2.37. Take a look at some of our highlights from the latest release.

Expand the completeness of your dependency graph by using the dependency submission API, which will create more comprehensive alerts on supply chain vulnerabilities

Dependency graph now supports submissions through the dependency submission API (beta). This enables you to add dependencies, such as those resolved when software is compiled or built, to the dependency…

GitHub Advanced Security customers can now view bypasses of secret scanning’s push protection in the enterprise and organization audit logs. The GitHub REST API and webhooks now also contain bypass…

Today’s Changelog brings you tooling to migrate projects from the classic version to beta and accessibility improvements! 🚀 Migrate from Projects (classic) to Projects (beta) (feature preview) We’ve made it…

Today, we’re announcing that the ability to prebuild codespaces is entering general availability. A prebuilt codespace serves as a “ready-to-go” template where your source code, editor extensions, project dependencies, commands,…

Teams and GHEC customers can now create blazing fast codespaces, even for your largest and most complex projects.

The Dependency Review GitHub Action, which checks if pull requests introduce a dependency with a known vulnerability, now supports configuration based on vulnerability severity and license type. The following configuration…

Discover how GitHub thinks about browser support, look at usage patterns, and learn about the tools we use to make sure our customers are getting the best experience.

Dependabot is generally available in GitHub Enterprise Server 3.5. Here is how to set up Dependabot on your instance.

Achievements celebrate specific events and actions that happen on GitHub. They will appear as small badges listed in the sidebar of your profile and are in Public Beta starting today.…

We’re excited to announce that we’re open sourcing our Identity and Access Management solution: Entitlements.

A personal story about building the feature you want and sharing it with the world.

Today, we’re announcing GitHub Skills, a new learning experience to help you throughout your GitHub journey.

The Rust community can now discover, report, and prevent security vulnerabilities.