Insider newsletter digest: Cook up a controller with GitHub Copilot
Whether you’re coding up a storm or cooking up code, building a controller function with AI is your secret sauce to a flavorful app.

The post Insider newsletter digest: Cook up a controller with GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more

How to stay safe from repo-jacking
Repo-jacking is a specific type of supply chain attack. This blog post explains what it is, what the risk is, and what you can do to stay safe.

The post How to stay safe from repo-jacking appeared first on The GitHub Blog. ⌘ Read more

Empowering all developers to build without barriers
GitHub has been awarded the 2024 Axe Accessibility at Scale Award from Deque Systems. Read more about how we’ve implemented accessibility at scale.

The post Empowering all developers to build without barriers appeared first on The GitHub Blog. ⌘ Read more

Build code security skills with the GitHub Secure Code Game
Learn to find and fix security issues while having fun with Secure Code Game, now with new challenges focusing on JavaScript, Python, Go, and GitHub Actions!

The post Build code security skills with the GitHub Secure Code Game appeared first on The GitHub Blog. ⌘ Read more

GitHub Availability Report: January 2024
In January, we experienced three incidents that resulted in degraded performance across GitHub services.

The post GitHub Availability Report: January 2024 appeared first on The GitHub Blog. ⌘ Read more

Fixing security vulnerabilities with AI
A peek under the hood of GitHub Advanced Security code scanning autofix.

The post Fixing security vulnerabilities with AI appeared first on The GitHub Blog. ⌘ Read more

Bringing npm registry services to GitHub Codespaces
The npm engineering team recently transitioned to using GitHub Codespaces for local development for npm registry services. This shift to Codespaces has substantially reduced the friction of our inner development loop and boosted developer productivity.

The post Bringing npm registry services to GitHub Codespaces appeared first on [The GitHub Blog] … ⌘ Read more

Powering advancements of AI in the open: Apply now to GitHub Accelerator
Funding AI advancements in the open, and opening applications for second Accelerator cohort.

The post Powering advancements of AI in the open: Apply now to GitHub Accelerator appeared first on The GitHub Blog. ⌘ Read more

Get started with v4 of GitHub Actions Artifacts
We listened to your feedback and released new versions (v4) of actions/upload-artifact and actions/download-artifact. While this version of the actions to upload and download artifacts includes up to 10x performance improvements and several new features, there are also key differences from previous versions that may require updates to your workflows.

The post [Get started with v4 of GitHub Actions Artifacts](https://github.blog/2024-02-12-g … ⌘ Read more

The architecture of SAST tools: An explainer for developers
More developers will have to fix security issues in the age of shifting left. Here, we break down how SAST tools can help them find and address vulnerabilities.

The post The architecture of SAST tools: An explainer for developers appeared first on The GitHub Blog. ⌘ Read more

Copilot in GitHub Support is now available!
Experience AI-powered assistance for queries related to GitHub topics.

The post Copilot in GitHub Support is now available! appeared first on The GitHub Blog. ⌘ Read more

GitHub’s Engineering Fundamentals program: How we deliver on availability, security, and accessibility
The Fundamentals program has helped us address tech debt, improve reliability, and enhance observability of our engineering systems.

The post [GitHub’s Engineering Fundamentals program: How we deliver on availability, security, and accessibility](https://github.blog/2024-02-08-githubs-engineering-fundamentals-program-how-we-delive … ⌘ Read more

AppSec is harder than you think. Here’s how AI can help.
In practice, shifting left has been more about shifting the burden rather than the ability. But AI is bringing its promise closer to reality. Here’s how.

The post AppSec is harder than you think. Here’s how AI can help. appeared first on The GitHub Blog. ⌘ Read more

Release Radar · January 2024 Edition
The new year has kicked off, and developers are hard at work. We hope all our open source community members had a lovely holiday break and, we’re looking forward to seeing what you ship this year. 2024 is already off to a great start with open source projects releasing major updates. There’s everything here from […]

The post Release Radar · January 2024 Edition appeared first on The GitHub Blog. ⌘ Read more

Do you know if all your repositories have up-to-date dependencies?
Consider deploying the GitHub Action: Evergreen so that you know each of your repositories are leveraging active dependency management with Dependabot.

The post Do you know if all your repositories have up-to-date dependencies? appeared first on The GitHub Blog. ⌘ Read more

GitHub Fund 2024 and beyond: Looking to the future
Celebrate the first year of GitHub Fund, our first investments, and a brief look of where we’re going.

The post GitHub Fund 2024 and beyond: Looking to the future appeared first on The GitHub Blog. ⌘ Read more

How GitHub’s Developer Experience team improved innerloop development
Our latest solution to the ubiquitous engineering problem of integration testing in a distributed service ecosystem here at GitHub.

The post How GitHub’s Developer Experience team improved innerloop development appeared first on The GitHub Blog. ⌘ Read more

A guide to open source for the social sector
Calling all nonprofits! Do you want to implement open source software but don’t know where to start? We’ve got good news; you can easily get started by consulting our new guide.

The post A guide to open source for the social sector appeared first on The GitHub Blog. ⌘ Read more

Good DevEx increases productivity. Here is the data.
Explore how DevEx boosts productivity and innovation according to new research.

The post Good DevEx increases productivity. Here is the data. appeared first on The GitHub Blog. ⌘ Read more

How to get in the flow while coding (and why it’s important)
Explore what flow state entails, its benefits, and three tips for reaching it the next time you code.

The post How to get in the flow while coding (and why it’s important) appeared first on The GitHub Blog. ⌘ Read more

10 unexpected ways to use GitHub Copilot
GitHub Copilot is widely known for its code generation feature. Learn how the AI assistant’s abilities can extend beyond just code generation.

The post 10 unexpected ways to use GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more

Game Bytes · January 2024
Game Bytes is our monthly series taking a peek at the world of gamedev on GitHub—featuring game engine updates, game jam details, open source games, mods, maps, and more. Game on!

The post Game Bytes · January 2024 appeared first on The GitHub Blog. ⌘ Read more

Insider newsletter digest: Build from anywhere
Explore the August 2023 edition, featuring easy tips and tricks for GitHub Mobile.

The post Insider newsletter digest: Build from anywhere appeared first on The GitHub Blog. ⌘ Read more

New data and visualizations highlight the resilience of international developer collaboration
Discover the latest trends and insights on public software development activity on GitHub with the release of Q3 2023 data for the Innovation Graph.

The post [New data and visualizations highlight the resilience of international developer collaboration](https://github.blog/2024-01-18-new-data-and-visualizations-highlight-the-resilience-of-internation … ⌘ Read more

GitHub Availability Report: December 2023
In December, we experienced three incidents that resulted in degraded performance across GitHub services.

The post GitHub Availability Report: December 2023 appeared first on The GitHub Blog. ⌘ Read more

GitHub-hosted runners: Double the power for open source
GitHub Actions continues its industry-leading support for the OSS community by doubling the Windows/Linux machine size to 4-vCPU runners at no cost for public repositories.

The post GitHub-hosted runners: Double the power for open source appeared first on The GitHub Blog. ⌘ Read more

A developer’s second brain: Reducing complexity through partnership with AI
As we look to empower developers with AI tools, we inadvertently integrate AI deeper into the way developers work. How do developers feel about that? And what are the most impactful ways to introduce more AI into workflows? We recently conducted 25 in-depth interviews with developers to understand exactly that.

The post [A developer’s second brain: Reducing complexity through partnership … ⌘ Read more

Rotating credentials for GitHub.com and new GHES patches
GitHub received a bug bounty report of a vulnerability that allowed access to the environment variables of a production container. We have patched GitHub.com and rotated all affected credentials. If you have hardcoded or cached a public key owned by GitHub, read on to ensure your systems continue working with the new keys.

The post [Rotating credentials for GitHub.com and new GHES patches](https://github.blog/2024-01-16-ro … ⌘ Read more

Empowering Uruguay’s future workforce with AI
During the second cycle of Git Commit Uruguay, students learned the basics of AI and built their own AI-powered projects.

The post Empowering Uruguay’s future workforce with AI appeared first on The GitHub Blog. ⌘ Read more

Game Off 2023 results 🏆
The GitHub Game Off results are in! All games have been rated, ranked, and reviewed. Read on for a look at the ten highest-rated submissions overall.

The post Game Off 2023 results 🏆 appeared first on The GitHub Blog. ⌘ Read more

GitHub Certifications are generally available
Unlock your full potential with GitHub Certifications! Earning a GitHub certification will give you the competitive advantage of showing up as a GitHub expert.

The post GitHub Certifications are generally available appeared first on The GitHub Blog. ⌘ Read more

GitHub and the Ekoparty 2023 Capture the Flag
The GitHub Security Lab teamed up with Ekoparty once again to create some challenges for its yearly Capture the Flag competition!

The post GitHub and the Ekoparty 2023 Capture the Flag appeared first on The GitHub Blog. ⌘ Read more

Frenemies to friends: Developers and security tools
When socializing a new security tool, it IS possible to build a bottom-up security culture where engineering has a seat at the table. Let’s explore some effective strategies witnessed by the GitHub technical sales team to make this shift successful.

The post Frenemies to friends: Developers and security tools appeared first on [The GitHub Blog](http … ⌘ Read more

5 ways to make your DevSecOps strategy developer-friendly
Developers care about security, but poorly integrated tools and other factors can cause frustration. Here are five best practices to reduce friction.

The post 5 ways to make your DevSecOps strategy developer-friendly appeared first on The GitHub Blog. ⌘ Read more

Our move to generated SDKs
GitHub SDKs: software generated meets hand curated.

The post Our move to generated SDKs appeared first on The GitHub Blog. ⌘ Read more

GitHub Copilot Chat now generally available for organizations and individuals
All GitHub Copilot users can now enjoy natural language-powered coding with Copilot Chat at no additional cost.

The post GitHub Copilot Chat now generally available for organizations and individuals appeared first on The GitHub Blog. ⌘ Read more

GitHub’s top blog posts of 2023
As the year winds down, we’re highlighting some of the incredible work from GitHub’s engineers, product teams, and security researchers.

The post GitHub’s top blog posts of 2023 appeared first on The GitHub Blog. ⌘ Read more

How we organize and get things done with SERVICEOWNERS
Take CODEOWNERS and GitHub teams to the next level. Learn about how GitHub engineering solves the age old problem of who owns what.

The post How we organize and get things done with SERVICEOWNERS appeared first on The GitHub Blog. ⌘ Read more

From migration tools to updates to Enterprise Managed Users, what’s new in GitHub Enterprise
Read a round-up of the exciting, new innovation coming from GitHub Enterprise.

The post From migration tools to updates to Enterprise Managed Users, what’s new in GitHub Enterprise appeared first on [The GitHub Blog](https://githu … ⌘ Read more

Release Radar · End of 2023 Edition
Hacktoberfest has wrapped up, GitHub Universe has come to a close, and our community has been super hard at work. All the while people enjoyed turkey over thanksgiving and expressed gratitude for those around them. In this edition, we’d like to thank the open source community for all the awesome projects shipped over the past […]

The post Release Radar · End of 2023 Edition appeared first on [The GitHub Blog](https://gi … ⌘ Read more

Release Radar · Thanksgiving 2023 Edition
Hacktoberfest has wrapped up, GitHub Universe has come to a close, and our community has been super hard at work. All the while people have been enjoying turkey and expressing gratitude for those around them. In this edition, we’re thankful to the open source community and all the awesome projects shipped over the past two […]

The post Release Radar · Thanksgiving 2023 Edition appeared first on [The GitHub Blog](h … ⌘ Read more

Scaling vulnerability management across thousands of services and more than 150 million findings
Learn about how we run a scalable vulnerability management program built on top of GitHub.

The post Scaling vulnerability management across thousands of services and more than 150 million findings appeared first on … ⌘ Read more

GitHub Availability Report: November 2023
In November, we experienced one incident that resulted in degraded performance across GitHub services.

The post GitHub Availability Report: November 2023 appeared first on The GitHub Blog. ⌘ Read more

Securing our home labs: Frigate code review
This blog post describes two linked vulnerabilities found in Frigate, an AI-powered security camera manager, that could have enabled an attacker to silently gain remote code execution.

The post Securing our home labs: Frigate code review appeared first on The GitHub Blog. ⌘ Read more

Default setup now includes scheduled scans and supports all languages covered by CodeQL
We’ve added new improvements to default setup, including automatically scheduling scans on repositories and support for all CodeQL covered languages.

The post [Default setup now includes scheduled scans and supports all languages covered by CodeQL](https://github.blog/2023-12-13-default-setup-now-includes-scheduled-scans-and-supports-all-languages-covered-by-cod … ⌘ Read more

Upgrading GitHub.com to MySQL 8.0
GitHub uses MySQL to store vast amounts of relational data. This is the story of how we seamlessly upgraded our production fleet to MySQL 8.0.

The post Upgrading GitHub.com to MySQL 8.0 appeared first on The GitHub Blog. ⌘ Read more

From macOS runners to secure deployments, what’s new from GitHub Actions
Read a roundup of the exciting, new innovation coming from GitHub Actions.

The post From macOS runners to secure deployments, what’s new from GitHub Actions appeared first on The GitHub Blog. ⌘ Read more

GitHub Innovation Graph Q2 2023 Data Release
Discover the latest trends and insights on public software development activity on GitHub with the release of Q2 2023 data for the Innovation Graph.

The post GitHub Innovation Graph Q2 2023 Data Release appeared first on The GitHub Blog. ⌘ Read more

Cueing up a calculator: an introduction to exploit development on Linux
Using CVE-2023-43641 as an example, I’ll explain how to develop an exploit for a memory corruption vulnerability on Linux. The exploit has to bypass several mitigations to achieve code execution.

The post Cueing up a calculator: an introduction to exploit development on Linux appeared first … ⌘ Read more

How we’re experimenting with LLMs to evolve GitHub Copilot
Learn how we’re experimenting with generative AI models to extend GitHub Copilot across the developer lifecycle.

The post How we’re experimenting with LLMs to evolve GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more