Write more secure code with the OWASP Top 10 Proactive Controls
This lesser-known OWASP project aims to help developers prevent vulnerabilities from being introduced in the first place.
In November, we experienced one incident resulting in significant impact and degraded state of availability for multiple services.
From learning YAML to scripting with Bash, here are a few simple tips for developers who want to speed up their workflows.
Recently, the Copyright Office responded to the calls to clarify the scope of protected security research.
The latest release of the CodeQL CLI supports including markdown-rendered query help in SARIF files so that the help text can be viewed in the code scanning UI. This functionality…
The GitHub Services Engineers have released the Advanced Security Enforcer GitHub Action to enable organizations to utilize code scanning in a consistent and automated way.
A public beta of the new GitHub Issues, a “security manager” role for organizations, a command palette beta, and lots more.
GitHub puts the needs of developers at the core of our content moderation policies. Learn more about our approach and how you can contribute.
The Exiv2 team tightened our security by enabling GitHub’s code scanning feature and adding custom queries tailored to the Exiv2 code base.
Here are a few ways our teams use GitHub Discussions internally to build community, simplify workflows, and get key insights into our work.
The new sparse index feature makes it feel like you are working in a small repository when working in a focused portion of a monorepo.
The GitHub Enterprise Server 3.3 Release Candidate is available. This release contains a broad range of features and enhancements across the platform including GitHub Actions, Security, and a host of…
This latest release sees the introduction of a new role, a new webhook for GitHub Actions, and a bright edge to dark mode.
This morning, I sent the following post to the GitHub team. TL;DR: I’m moving on to my next adventure, and Thomas Dohmke (currently Chief Product Officer) will be GitHub’s next CEO.
This blog post is the first in a series about hardening the security of the Exiv2 project. My goal is to share tips that will help you harden the security of your own project.
Since we introduced the new GitHub Issues earlier this year in a private beta, we’ve been working hard to expand access to all developers in order to make GitHub the…
Since last year’s GitHub Universe, we’ve shipped more than 20,000 improvements to GitHub for developers, open source communities, and enterprise teams. Here’s a comprehensive overview of what we’re announcing at Universe this week.
GitHub Marketplace just passed 10,000 published actions! Learn about contributing to this growing open source ecosystem.
Catch up on 44 ships, including a colorblind-accessible theme, a public README.md for organizations, and customization of code review settings.
This post is a technical analysis of a recently disclosed Chrome vulnerability in the garbage collector of v8 (CVE-2021-37975) that was believed to be exploited in the wild. This vulnerability was reported by an anonymous researcher and was patched on September 30, 2021 in Chrome version 94.0.4606.71. I’ll cover the root cause analysis of the bug, as well as detailed exploitation.
We sat down with Universe hosts Lorena Mesa and Jarryd McCree for a quick Q&A to help you make the most out of your conference experience this year.