With push protection now enabled by default, GitHub helps open source developers safeguard their secrets, and their reputations.
The post Keeping secrets out of public repositories appeared first on The GitHub Blog. ⌘ Read more
With push protection now enabled by default, GitHub helps open source developers safeguard their secrets, and their reputations.
The post Keeping secrets out of public repositories appeared first on The GitHub Blog. ⌘ Read more
Learn how your organization can customize its LLM-based solution through retrieval augmented generation and fine-tuning.
The post Customizing and fine-tuning LLMs: What you need to know appeared first on The GitHub Blog. ⌘ Read more
Learn how we’re managing feature releases and establishing best practices within and across teams at GitHub using GitHub Projects.
The post How we’re using GitHub Projects to standardize our workflows and stay aligned appeared first on [The GitHub Blog](https://github.blog ... ⌘ Read more
Our most advanced AI offering to date is customized to your organization’s knowledge and codebase, infusing GitHub Copilot throughout the software development lifecycle.
The post GitHub Copilot Enterprise is now generally available appeared first on The GitHub Blog. ⌘ Read more
The first Git release of 2024 is here! Take a look at some of our highlights on what's new in Git 2.44.
The post Highlights from Git 2.44 appeared first on The GitHub Blog. ⌘ Read more
Explore the capabilities and benefits of AI code generation, and how it can improve the developer experience for your enterprise.
The post How AI code generation works appeared first on The GitHub Blog. ⌘ Read more
Whether you're coding up a storm or cooking up code, building a controller function with AI is your secret sauce to a flavorful app.
The post Insider newsletter digest: Cook up a controller with GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more
Repo-jacking is a specific type of supply chain attack. This blog post explains what it is, what the risk is, and what you can do to stay safe.
The post How to stay safe from repo-jacking appeared first on The GitHub Blog. ⌘ Read more
GitHub has been awarded the 2024 Axe Accessibility at Scale Award from Deque Systems. Read more about how we’ve implemented accessibility at scale.
The post Empowering all developers to build without barriers appeared first on The GitHub Blog. ⌘ Read more
Learn to find and fix security issues while having fun with Secure Code Game, now with new challenges focusing on JavaScript, Python, Go, and GitHub Actions!
The post Build code security skills with the GitHub Secure Code Game appeared first on The GitHub Blog. ⌘ Read more
In January, we experienced three incidents that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: January 2024 appeared first on The GitHub Blog. ⌘ Read more
A peek under the hood of GitHub Advanced Security code scanning autofix.
The post Fixing security vulnerabilities with AI appeared first on The GitHub Blog. ⌘ Read more
The npm engineering team recently transitioned to using GitHub Codespaces for local development for npm registry services. This shift to Codespaces has substantially reduced the friction of our inner development loop and boosted developer productivity.
The post Bringing npm registry services to GitHub Codespaces appeared first on [The GitHub Blog] ... ⌘ Read more
Funding AI advancements in the open, and opening applications for second Accelerator cohort.
The post Powering advancements of AI in the open: Apply now to GitHub Accelerator appeared first on The GitHub Blog. ⌘ Read more
We listened to your feedback and released new versions (v4) of actions/upload-artifact and actions/download-artifact. While this version of the actions to upload and download artifacts includes up to 10x performance improvements and several new features, there are also key differences from previous versions that may require updates to your workflows.
The post [Get started with v4 of GitHub Actions Artifacts](https://github.blog/2024-02-12-g ... ⌘ Read more
More developers will have to fix security issues in the age of shifting left. Here, we break down how SAST tools can help them find and address vulnerabilities.
The post The architecture of SAST tools: An explainer for developers appeared first on The GitHub Blog. ⌘ Read more
Experience AI-powered assistance for queries related to GitHub topics.
The post Copilot in GitHub Support is now available! appeared first on The GitHub Blog. ⌘ Read more
The Fundamentals program has helped us address tech debt, improve reliability, and enhance observability of our engineering systems.
The post [GitHub’s Engineering Fundamentals program: How we deliver on availability, security, and accessibility](https://github.blog/2024-02-08-githubs-engineering-fundamentals-program-how-we-delive ... ⌘ Read more
In practice, shifting left has been more about shifting the burden rather than the ability. But AI is bringing its promise closer to reality. Here’s how.
The post AppSec is harder than you think. Here’s how AI can help. appeared first on The GitHub Blog. ⌘ Read more
The new year has kicked off, and developers are hard at work. We hope all our open source community members had a lovely holiday break and, we’re looking forward to seeing what you ship this year. 2024 is already off to a great start with open source projects releasing major updates. There’s everything here from […]
The post Release Radar · January 2024 Edition appeared first on The GitHub Blog. ⌘ Read more
Consider deploying the GitHub Action: Evergreen so that you know each of your repositories are leveraging active dependency management with Dependabot.
The post Do you know if all your repositories have up-to-date dependencies? appeared first on The GitHub Blog. ⌘ Read more
Celebrate the first year of GitHub Fund, our first investments, and a brief look of where we’re going.
The post GitHub Fund 2024 and beyond: Looking to the future appeared first on The GitHub Blog. ⌘ Read more
Our latest solution to the ubiquitous engineering problem of integration testing in a distributed service ecosystem here at GitHub.
The post How GitHub’s Developer Experience team improved innerloop development appeared first on The GitHub Blog. ⌘ Read more
Calling all nonprofits! Do you want to implement open source software but don’t know where to start? We’ve got good news; you can easily get started by consulting our new guide.
The post A guide to open source for the social sector appeared first on The GitHub Blog. ⌘ Read more
Explore how DevEx boosts productivity and innovation according to new research.
The post Good DevEx increases productivity. Here is the data. appeared first on The GitHub Blog. ⌘ Read more
Explore what flow state entails, its benefits, and three tips for reaching it the next time you code.
The post [How to get in the flow while coding (and why it’s important)](https://github.blog/2024-01-22-how-to-get-in-the-flow-while-coding-and-why-its-important/) appeared first on The GitHub Blog. ⌘ Read more
GitHub Copilot is widely known for its code generation feature. Learn how the AI assistant’s abilities can extend beyond just code generation.
The post 10 unexpected ways to use GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more
Game Bytes is our monthly series taking a peek at the world of gamedev on GitHub—featuring game engine updates, game jam details, open source games, mods, maps, and more. Game on!
The post Game Bytes · January 2024 appeared first on The GitHub Blog. ⌘ Read more
Explore the August 2023 edition, featuring easy tips and tricks for GitHub Mobile.
The post Insider newsletter digest: Build from anywhere appeared first on The GitHub Blog. ⌘ Read more
Discover the latest trends and insights on public software development activity on GitHub with the release of Q3 2023 data for the Innovation Graph.
The post [New data and visualizations highlight the resilience of international developer collaboration](https://github.blog/2024-01-18-new-data-and-visualizations-highlight-the-resilience-of-internation ... ⌘ Read more
In December, we experienced three incidents that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: December 2023 appeared first on The GitHub Blog. ⌘ Read more
GitHub Actions continues its industry-leading support for the OSS community by doubling the Windows/Linux machine size to 4-vCPU runners at no cost for public repositories.
The post GitHub-hosted runners: Double the power for open source appeared first on The GitHub Blog. ⌘ Read more
As we look to empower developers with AI tools, we inadvertently integrate AI deeper into the way developers work. How do developers feel about that? And what are the most impactful ways to introduce more AI into workflows? We recently conducted 25 in-depth interviews with developers to understand exactly that.
The post [A developer’s second brain: Reducing complexity through partnership ... ⌘ [Read more](https://github.blog/2024-01-17-a-developers-second-brain-reducing-complexity-through-partnership-with-ai/)
GitHub received a bug bounty report of a vulnerability that allowed access to the environment variables of a production container. We have patched GitHub.com and rotated all affected credentials. If you have hardcoded or cached a public key owned by GitHub, read on to ensure your systems continue working with the new keys.
The post [Rotating credentials for GitHub.com and new GHES patches](https://github.blog/2024-01-16-ro ... ⌘ Read more
During the second cycle of Git Commit Uruguay, students learned the basics of AI and built their own AI-powered projects.
The post Empowering Uruguay’s future workforce with AI appeared first on The GitHub Blog. ⌘ Read more
The GitHub Game Off results are in! All games have been rated, ranked, and reviewed. Read on for a look at the ten highest-rated submissions overall.
The post Game Off 2023 results 🏆 appeared first on The GitHub Blog. ⌘ Read more
Unlock your full potential with GitHub Certifications! Earning a GitHub certification will give you the competitive advantage of showing up as a GitHub expert.
The post GitHub Certifications are generally available appeared first on The GitHub Blog. ⌘ Read more
The GitHub Security Lab teamed up with Ekoparty once again to create some challenges for its yearly Capture the Flag competition!
The post GitHub and the Ekoparty 2023 Capture the Flag appeared first on The GitHub Blog. ⌘ Read more
When socializing a new security tool, it IS possible to build a bottom-up security culture where engineering has a seat at the table. Let's explore some effective strategies witnessed by the GitHub technical sales team to make this shift successful.
The post Frenemies to friends: Developers and security tools appeared first on [The GitHub Blog](http ... ⌘ [Read more](https://github.blog/2024-01-08-frenemies-to-friends-developers-and-security-tools/)
Developers care about security, but poorly integrated tools and other factors can cause frustration. Here are five best practices to reduce friction.
The post 5 ways to make your DevSecOps strategy developer-friendly appeared first on The GitHub Blog. ⌘ Read more
GitHub SDKs: software generated meets hand curated.
The post Our move to generated SDKs appeared first on The GitHub Blog. ⌘ Read more
All GitHub Copilot users can now enjoy natural language-powered coding with Copilot Chat at no additional cost.
The post GitHub Copilot Chat now generally available for organizations and individuals appeared first on The GitHub Blog. ⌘ Read more
As the year winds down, we're highlighting some of the incredible work from GitHub’s engineers, product teams, and security researchers.
The post GitHub’s top blog posts of 2023 appeared first on The GitHub Blog. ⌘ Read more
Take CODEOWNERS and GitHub teams to the next level. Learn about how GitHub engineering solves the age old problem of who owns what.
The post How we organize and get things done with SERVICEOWNERS appeared first on The GitHub Blog. ⌘ Read more
Read a round-up of the exciting, new innovation coming from GitHub Enterprise.
The post From migration tools to updates to Enterprise Managed Users, what’s new in GitHub Enterprise appeared first on [The GitHub Blog](https://githu ... ⌘ Read more
Hacktoberfest has wrapped up, GitHub Universe has come to a close, and our community has been super hard at work. All the while people enjoyed turkey over thanksgiving and expressed gratitude for those around them. In this edition, we’d like to thank the open source community for all the awesome projects shipped over the past […]
The post Release Radar · End of 2023 Edition appeared first on [The GitHub Blog](https://gi ... ⌘ Read more
Hacktoberfest has wrapped up, GitHub Universe has come to a close, and our community has been super hard at work. All the while people have been enjoying turkey and expressing gratitude for those around them. In this edition, we’re thankful to the open source community and all the awesome projects shipped over the past two […]
The post Release Radar · Thanksgiving 2023 Edition appeared first on [The GitHub Blog](h ... ⌘ [Read more](https://github.blog/2023-12-14-release-radar-nov-2023/)
Learn about how we run a scalable vulnerability management program built on top of GitHub.
The post Scaling vulnerability management across thousands of services and more than 150 million findings appeared first on ... ⌘ Read more
In November, we experienced one incident that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: November 2023 appeared first on The GitHub Blog. ⌘ Read more
This blog post describes two linked vulnerabilities found in Frigate, an AI-powered security camera manager, that could have enabled an attacker to silently gain remote code execution.
The post Securing our home labs: Frigate code review appeared first on The GitHub Blog. ⌘ Read more
We’ve added new improvements to default setup, including automatically scheduling scans on repositories and support for all CodeQL covered languages.
The post [Default setup now includes scheduled scans and supports all languages covered by CodeQL](https://github.blog/2023-12-13-default-setup-now-includes-scheduled-scans-and-supports-all-languages-covered-by-cod ... ⌘ Read more
GitHub uses MySQL to store vast amounts of relational data. This is the story of how we seamlessly upgraded our production fleet to MySQL 8.0.
The post Upgrading GitHub.com to MySQL 8.0 appeared first on The GitHub Blog. ⌘ Read more
Read a roundup of the exciting, new innovation coming from GitHub Actions.
The post From macOS runners to secure deployments, what’s new from GitHub Actions appeared first on The GitHub Blog. ⌘ Read more
Discover the latest trends and insights on public software development activity on GitHub with the release of Q2 2023 data for the Innovation Graph.
The post GitHub Innovation Graph Q2 2023 Data Release appeared first on The GitHub Blog. ⌘ Read more
Using CVE-2023-43641 as an example, I’ll explain how to develop an exploit for a memory corruption vulnerability on Linux. The exploit has to bypass several mitigations to achieve code execution.
The post Cueing up a calculator: an introduction to exploit development on Linux appeared first ... ⌘ Read more
Learn how we’re experimenting with generative AI models to extend GitHub Copilot across the developer lifecycle.
The post How we’re experimenting with LLMs to evolve GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more
Customers using GitHub Enterprise Server can gain more insight and understanding into the security of their code.
The post GitHub Enterprise Server 3.11 is now generally available appeared first on The GitHub Blog. ⌘ Read more
Learn how researchers and security experts at GitHub, Microsoft, and Santander came together to address the challenges presented by the post-quantum cryptography world.
The post Addressing post-quantum cryptography with CodeQL appeared first on The GitHub Blog. ⌘ Read more
If you're on the hunt for the perfect holiday gifts for the developer who has it all, look no further. We’ve curated a list of 10 must-have items (plus a few more) that strike the perfect balance between practicality and style.
The post [The ultimate gifts for the developer in your life this holiday season](https://github.blog/2023-12-04-the-ultimate-gifts-for-the-developer-in-your-life-this-holid ... ⌘ Read more
Explore July’s Insider newsletter, featuring prompts, tips, and use cases for GitHub Copilot.
The post From the pages of our Insider newsletter: How to use GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more
The GitHub Security Lab examined the most popular open source software running on our home labs, with the aim of enhancing its security. Here's what we found and what you can do to better protect your own smart home.
The post Securing our home labs: Home Assistant code review appeared first on The GitHub Blog. ⌘ Read more
For Good First Issue is a curated list of open source projects that are also digital public goods and need the help of developers.
The post For Good First Issue: Introducing a new way to contribute appeared first on The GitHub Blog. ⌘ Read more
The last Git release of 2023 is here! Take a look at some of our highlights on what's new in Git 2.43.
The post Highlights from Git 2.43 appeared first on The GitHub Blog. ⌘ Read more
Improve your GitHub Action’s security posture by securing your source repository, protecting your maintainers, and making it easy to report security incidents.
The post Security best practices for authors of GitHub Actions appeared first on The GitHub Blog. ⌘ Read more
Discover new AI-powered features and tools to help developers stay in the flow and organizations innovate at scale.
The post [Universe’s key takeaway: Innovate better with AI-powered workflows on a single, unified platform](https://github.blog/2023-11-15-universes-key-takeaway-innovate-better-with-ai-powered-workflows-on-a-single-unified-pla ... ⌘ Read more
In October, we experienced two incidents that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: October 2023 appeared first on The GitHub Blog. ⌘ Read more
The GitHub Awards recognizes and celebrates the outstanding contributions and achievements in the developer community, honoring individuals, projects, and organizations for their impactful work, innovation, thought leadership, and creating an outsized positive impact on the community.
The post Celebrating the GitHub Awards 2023 recipients 🎉 appeared first on [The ... ⌘ [Read more](https://github.blog/2023-11-09-celebrating-the-github-awards-2023-recipients/)
GitHub is announcing general availability of GitHub Copilot Chat and previews of the new GitHub Copilot Enterprise offering, new AI-powered security features, and the GitHub Copilot Partner Program.
The post [Universe 2023: Copilot transforms GitHub into the AI-powered developer platform](https://github.blog/2023-11-08-universe-2023-copilot-transforms-github-into-the-ai-powered- ... ⌘ Read more
In this year’s Octoverse report, we study how open source activity around AI, the cloud, and Git are changing the developer experience.
The post Octoverse: The state of open source and rise of AI in 2023 appeared first on The GitHub Blog. ⌘ Read more
Learn about how GitHub Advanced Security’s new AI-powered features can help you secure your code more efficiently than ever.
The post Introducing AI-powered application security testing with GitHub Advanced Security appeared first on The GitHub Blog. ⌘ Read more
GitHub Universe 2023 is just around the corner! Join us and learn how GitHub is leveraging AI to empower all developers, including developers with disabilities.
The post Leveraging AI to empower all developers at GitHub Universe 2023 appeared first on The GitHub Blog. ⌘ Read more
Celebrate the maintainers of the first GitHub Accelerator cohort, learn what they have been up to since, and hear what’s next for GitHub Accelerator.
The post Celebrating the first round of GitHub Accelerator and what’s next appeared first on The GitHub Blog. ⌘ Read more
It’s the moment you’ve all been waiting for. Are you ready?
The post GitHub Game Off 2023 theme announcement appeared first on The GitHub Blog. ⌘ Read more
We expanded diversity of our employee base, launched several new employee engagement programs, made investments to improve accessibility, and more.
The post Diversity, inclusion, and belonging at GitHub in 2023 appeared first on The GitHub Blog. ⌘ Read more
It’s time for our biannual transparency report, where we share how we approach content moderation and disclosure of user information. This year, we’re introducing the transparency center, a new platform for our transparency reporting data.
The post Introducing the GitHub transparency center appeared first on The GitHub Blog. ⌘ Read more
As Hacktoberfest comes to a close, you still have a day or so left to complete and submit your pull requests. If you’re struggling to think of projects to contribute to, our picks below might help you. This edition of the Release Radar covers a few projects that shipped major version updates this August and […]
The post Release Radar · Hacktoberfest 2023 Edition appeared first on [The GitHub Blog](https://github.bl ... ⌘ Read more
Here’s everything you need to know to build your first LLM app and problem spaces you can start exploring today.
The post The architecture of today’s LLM applications appeared first on The GitHub Blog. ⌘ Read more
13 spooktacular games plus source code for readers to jam on.
The post Hackable Halloween games MMXXIII appeared first on The GitHub Blog. ⌘ Read more
Explore how LLMs generate text, why they sometimes hallucinate information, and the ethical implications surrounding their incredible capabilities.
The post Demystifying LLMs: How they can do things they weren’t trained to do appeared first on The GitHub Blog. ⌘ Read more
From starting at GitHub over 10 years ago as a developer to becoming the Chief Operating Officer, I’ve learned that developers are often bellwethers for change across the rest of their organizations. That makes investing in—and learning from—them critical.
The post [Developers are the first group to adopt AI at work. Here’s why that matters.](https://github.blog/2023-10-27-developers-ar ... ⌘ Read more
Your profile’s README invites the world to know you and your work, so it’s important that everyone can read and understand it. In this post, we share some tips for making your README more accessible.
The post 5 tips for making your GitHub profile page accessible appeared first on The GitHub Blog. ⌘ Read more
We’re excited to highlight another top contributing researcher to GitHub’s Bug Bounty Program—@Ammar Askar!
The post Cybersecurity spotlight on bug bounty researcher @Ammar Askar appeared first on The GitHub Blog. ⌘ Read more
We're excited to share with you the contributors Action! At GitHub, we maintain several open source repositories and have developed this Action to empower maintainers to measure how many new and returning contributors and contributions have occurred over any given time period.
The post How to gain insight into your project contributors appeared first ... ⌘ Read more
The effectiveness of a static application security solution hinges on its ability to provide extensive vulnerability coverage and support for a wide range of languages and frameworks. Today, we’re highlighting two releases that’ll help you discover more vulnerabilities in your codebase, so you can ship more secure software.
The post [ICYMI: improved C++ vulnerability coverage and CodeQL support ... ⌘ [Read more](https://github.blog/2023-10-19-icymi-improved-c-vulnerability-coverage-and-codeql-support-for-lombok/)
Gain actionable insights about the intersection of AI and human skills, while tackling ethics, accessibility, and productivity at these GitHub Universe sessions.
The post Your curated GitHub Universe agenda: AI, ethics, and productivity appeared first on The GitHub Blog. ⌘ Read more
Atlassian is ending support for its Server products—including Bitbucket Server—in February 2024. In this post, you’ll learn what that means for you, your options, and how you can move to GitHub.
The post [The clock is ticking: Atlassian’s support for Bitbucket Server ends on February 15, 2024](https://github.blog/2023-10-17-the-clock-is-ticking-atlassians-support ... ⌘ Read more
In this post, I'll exploit CVE-2023-4069, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
The post [Getting RCE in Chrome with incomplete object initialization in the Maglev compiler](https://github.blog/2023-10-17-getting-rce-in-chrome-with-incomplete-object-initialization-in-the- ... ⌘ Read more
Use our new open source Trace2 receiver component and OpenTelemetry to capture and visualize telemetry from your Git commands.
The post Measuring Git performance with OpenTelemetry appeared first on The GitHub Blog. ⌘ Read more
The twelfth annual js13kGames coding competition, challenging participants to create games in 13kB or less of JavaScript in a month, just wrapped up. This post highlights the top thirteen entries.
The post js13kGames 2023 winners 🏆 appeared first on The GitHub Blog. ⌘ Read more
If you are a student from a U.S. minority-serving institution looking to start your journey into open source, join us!
The post Ensuring the next generation of open source leaders are truly “all in” appeared first on The GitHub Blog. ⌘ Read more
In September, we experienced two incidents that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: September 2023 appeared first on The GitHub Blog. ⌘ Read more
GitHub Enterprise Cloud customers can now ensure controlled workflows run and pass before code is merged into any of its repositories.
The post Enforcing code reliability by requiring workflows with GitHub Repository Rules appeared first on [The GitHub Blog](https://g ... ⌘ Read more
Findings show that code quality is better across the board and developers felt more confident, too.
The post Research: Quantifying GitHub Copilot’s impact on code quality appeared first on The GitHub Blog. ⌘ Read more
CVE-2023-43641 is a vulnerability in libcue, which can lead to code execution by downloading a file on GNOME.
The post [Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641)](https://github.blog/2023-10-09-coordinated-disclosure-1-click-rce-on-gnome-cve-2023-43641/) appeared first on The GitHub Blog. ⌘ Read more
GitHub Copilot Chat can help you learn about accessibility and improve the accessibility of your code. In this blog, we share a sample foundational prompt that instructs GitHub Copilot Chat to become your personal AI assistant for accessibility.
The post [Prompting GitHub Copilot Chat to become your personal AI assistant for accessibility](https://github.blog/2023-10- ... ⌘ Read more
All In Africa is a gateway to growth, learning, and meaningful connections within the African open source ecosystem and beyond.
The post Skilling African developers through All In Africa appeared first on The GitHub Blog. ⌘ Read more
Open source generative AI projects are a great way to build new AI-powered features and apps.
The post A developer’s guide to open source LLMs and generative AI appeared first on The GitHub Blog. ⌘ Read more
Learn more about how we use GitHub to build GitHub, how we turned our guiding communications principles into prescriptive practices to manage our internal communications signal-to-noise ratio, and how you can contribute to the ongoing conversation.
The post [How to communicate like a GitHub engineer: our principles, practices, and tools](https://github.blog/2023-10-04-how-to-commu ... ⌘ Read more
Secret scanning now performs validity checks for select AWS, Microsoft, Google, and Slack tokens.
The post Introducing secret scanning validity checks for major cloud services appeared first on The GitHub Blog. ⌘ Read more
GitHub Sponsors has partnered with Patreon. We’re also expanding to new regions.
The post Sponsors is expanding appeared first on The GitHub Blog. ⌘ Read more