How GitHub measures and improves reliability, security, and developer happiness with automated deployments.

How GitHub measures and improves reliability, security, and developer happiness with automated deployments.

npm is the world’s largest package registry, powering the world’s largest development community—JavaScript. Without them, npm would not be where it is today, and we know that maintaining open lines of communication and bringing transparency

Outubro é um mês especial no mundo do desenvolvimento de software. Há 7 anos a Hacktoberfest — um festival que celebra a comunidade open source — incentiva pessoas desenvolvedoras a contribuir para projetos open source

Like our global community, we’ve had a year of challenges and extremes at GitHub, and I’m grateful everyday for our culture as our foundation of strength and resilience. We started our fiscal year in July

@demetris11 embarks on a journey of curiosity and discovery in her new role overseeing DI&B strategy at GitHub

@demetris11 embarks on a journey of curiosity and discovery in her new role overseeing DI&B strategy at GitHub

The open source Git project just released Git 2.29 with features and bug fixes from over 89 contributors, 24 of them new. Last time we caught up with you, Git 2.28 had just been released. One version later, let’s

We regularly update our policies to reflect the evolution of our products, changing legal requirements, and user feedback. In this update, we’ve made some changes to our Terms of Service, Privacy Statement, and other site

This article originally appeared in TechCrunch, and is republished here with permission. The Supreme Court heard arguments October 7 in Google v. Oracle. This case raises a fundamental question for software developers and the open

A lot of work went into figuring out how to sync a public and private docs repo.

In the newest version of GitHub for mobile, we’re shipping a bunch of features that make code review easier, faster, and more productive.

The ninth annual js13kGames competition wrapped up last weekend with over 220 games submitted. All created in a month and in less than 13kB of JavaScript. For anyone not in the know, js13kGames is a

In September, we experienced one incident resulting in significant impact to the GitHub Pages service.

Last week we launched code scanning out of beta and have since announced integrations with static analysis and developer security training solutions. By expanding our GitHub security ecosystem, developers can use their tools of choice

As policymakers grapple with how to address hate speech and disinformation on the internet, they’re eying the legal structure underpinning collaborative software development: legal safe harbors. These safe harbors protect online platforms from liability for

Limit use of external actions within Actions workflow for enterprises, organizations, and repositories.

Last week, we launched code scanning for all open source and enterprise developers, and we promised we’d share more on our extensibility capabilities and the GitHub security ecosystem. Today, we’re happy to introduce 10 new

This post is the second in our series on using GitHub for MLOps and data science. Just joining in? Get started with part one. Most continuous integration (CI) tools only focus on providing ways to

This post is the second in our series on using GitHub for MLOps and data science. Just joining in? Get started with part one. Most continuous integration (CI) tools only focus on providing ways to

Earlier this month we were thrilled to welcome the OpenJDK Community to GitHub. The communities migration effort, codenamed Project ‘Skara’, brought JDK 16 main-line development into GitHub. The JDK project is at the heart of the Java community

Now available, code scanning is a developer-first, GitHub-native approach to easily find security vulnerabilities before they reach production.

Now available, code scanning is a developer-first, GitHub-native approach to easily find security vulnerabilities before they reach production.

We recently shipped support for the origin-bound draft standard for security codes delivered via SMS. This standard ensures security codes are entered in a phishing-resistant manner. It accomplishes this by binding an SMS with the sending site’s origin. In

Remote Education explores the challenges of organizing student communities and events online. We’ll be speaking with event organizers and community leaders in the industry and academics each week to help you bring your community online

In this interview, we dig deeper with Maya Kaczorowski on what DevSecOps is, and how to apply it. It’s a mindset shift in how development teams think about security. DevSecOps is about making all parties who are part of the application development lifecycle accountable for security of the application.

GitHub Enterprise Server 2.22 is now here with GitHub Actions, Packages and Advanced Security Code Scanning available for the very first time.

It’s now even easier to review logs from your GitHub Actions workflow runs. We’ve introduced several improvements to make the experience more performant, precise, and pleasing to use. Why these changes matter When we think

A free two-day single track conference live on September 24 - 25, 2020 in celebration of our culture and LatinX heritage month. You will join a live stream of interactive talks by industry experts in both Spanish, Portuguese and English, with live captioning and translation. Topics will include software development, security, technical project management, civic tech, open source, professional development and best practices.

Lee este artículo en español Estamos muy entusiasmados en anunciar nuestro siguiente evento virtual en América Latina: GitHub ¡Presente! en Español El primer evento será el Martes 22 de Septiembre a las 16:00, hora de

GitHub CLI brings GitHub to your terminal. It reduces context switching, helps you focus, and enables you to more easily script and create your own workflows. Earlier this year, we announced the beta of GitHub

This post is the second in a series on access and the U.S. elections. Hear from Software Engineer and GitHub Senior Director of Strategic Programs, Kyle Daigle, on his experience volunteering at his local election office.

Announcing the public beta of our new integration between GitHub and Microsoft Teams.

Remote Education explores the challenges of organizing student communities and events online. We’ll be speaking with event organizers and community leaders in the industry and academics every week to help you bring your community online

GitHub is home to the world’s largest community of developers who share their code, work together, and build amazing things. But out of those millions of developers on GitHub, there are a few who go

At GitHub, we spend a lot of time thinking about and building secure products—and one key facet of that is threat modeling. This practice involves bringing security and engineering teams together to discuss systems, ultimately

A software supply chain is anything that goes into, or affects your code. Even though supply chain compromises are real, and growing in popularity, they’re still extremely rare - and so the most important thing you can do to protect your supply chain is patch your vulnerabilities. Then, to successfully secure your software supply chain, you need to understand the dependencies in your environment, know about vulnerabilities in those dependencies, and quickly patch them. For Software Composition Analysis (SCA) capabilities native to GitHub, use Dependency Graph, Dependabot alerts, and Dependabot security and version updates to automate the hard work.