An analysis on developer-security researcher interactions in the vulnerability disclosure process
We put out a call to open source developers and security researchers to talk about the security vulnerability disclosure process. Here’s what we found. ⌘ Read more

GitHub security update: Vulnerabilities in tar and @npmcli/arborist
Between July 21, 2021 and August 13, 2021 we received reports through one of our private security bug bounty programs from researchers regarding vulnerabilities in tar and @npmcli/arborist. ⌘ Read more

Increasing developer happiness with GitHub code scanning
How GitHub uses code scanning to increase developer happiness, and how you can too. ⌘ Read more

Release Radar · August 2021 Edition
The end of financial year is complete, tax time is over, and everyone is back to shipping awesome projects. During August, our community has been super busy shipping lots of new updates. These new releases ⌘ Read more

Introducing the MLH Fellowship: GitHub Externship Track
Applications are now open for the MLH Fellowship: GitHub Externship Track. Apply by September 13. ⌘ Read more

GitHub Availability Report: August 2021
In August, we experienced two distinct incidents resulting in significant impact and degraded state of availability for Git operations, API requests, webhooks, issues, pull requests, GitHub Pages, GitHub Packages, and GitHub Actions services. ⌘ Read more

Improving Git protocol security on GitHub
We’re changing which keys are supported in SSH and removing unencrypted Git protocol. Only users connecting via SSH or git:// will be affected. If your Git remotes start with https://, nothing in this post will affect you. If you’re an SSH user, read on for the details and timeline. ⌘ Read more

Introducing GitHub Global Campus
Calling all students! Get the most out of your GitHub Education experience by joining the GitHub student community on our new digital campus. ⌘ Read more

Vague infringement allegations considered harmful
Ensuring that software copyright allegations are specific and actionable benefits the entire developer ecosystem. That’s why GitHub submitted a “friend of the court” brief in the SAS Institute, Inc. v. World Programming Ltd. case before a Federal Court of Appeals. ⌘ Read more

Request for proposals: Defining standardized GitHub metrics
The GitHub Social Impact and Policy teams are issuing a Request for Proposal (RFP) for a researcher to define a list of publicly available GitHub platform usage metrics by country for international development, public policy and economics disciplines. ⌘ Read more

30 free and open source Linux games – part 3
With Linux celebrating it’s 30 year anniversary, I thought I’d use that as an excuse to highlight 30 of my favorite free and open source Linux games, their communities, and their stories. If you’ve haven’t ⌘ Read more

30 free and open source Linux games – part 2
Linux is celebrating its 30-year anniversary, so I’m taking the opportunity to highlight 30 of my favorite free and open source Linux games, their communities, and their stories.   I shared the first 10 yesterday. ⌘ Read more

2021 Transparency Report: January to June
We’re reporting on a six-month period rather than annually to increase our level of transparency. For this report, we’ve added more granularity to our 2020 stats. ⌘ Read more

GitHub CLI 2.0 includes extensions!
GitHub CLI 2.0 is now available, making it easy to create and share your own custom commands to make your experience even more powerful. ⌘ Read more

The npm registry is deprecating TLS 1.0 and TLS 1.1
Beginning October 4, 2021, all connections to npm websites and the npm registry, including for package installation, must use TLS 1.2 or higher. ⌘ Read more

Enhanced support for citations on GitHub
We’re excited to support researchers and academics on GitHub with enhanced citation support through `CITATION.cff` files. ⌘ Read more

GitHub Discussions is out of beta
GitHub Discussions is now out of beta, with features that include labels, Discussions GraphQL API and webhooks, and mobile functionality. ⌘ Read more

Highlights from Git 2.33
The open source Git project just released Git 2.33 with features and bug fixes from over 74 contributors, 19 of them new. We last caught up with you on the latest in Git when 2.31 ⌘ Read more

Securing your GitHub account with two-factor authentication
The benefits of multifactor authentication are widely documented, and there are a number of options for using 2FA on GitHub. ⌘ Read more

What’s new from GitHub Changelog? July 2021 Recap
A public beta for CodeQL package manager, additional options to manage Actions runs from first-time contributors, GitHub Discussions translation, and more. ⌘ Read more

Seamless teaching and learning through GitHub Classroom and Visual Studio Code
This GitHub Classroom extension for Visual Studio Code provides a simplified introduction to Git, GitHub Classroom, and Visual Studio Code. ⌘ Read more

GitHub’s Engineering Team has moved to Codespaces
Over the past months, we’ve left our macOS model behind and moved to Codespaces for the majority of GitHub.com development. ⌘ Read more

August 2021 Campus Experts applications are open!
The GitHub Campus Expert applications are officially open for the August 2021 generation! ⌘ Read more

Release Radar · Mid-year 2021 Edition ⌘ Read more…

GitHub Availability Report: July 2021 ⌘ Read more…

15+ new code scanning integrations with open source security tools ⌘ Read more…

Standing up for developers: the GitHub Developer Rights Fellowship at Stanford Law School ⌘ Read more…

Minimum Viable Governance: lightweight community structure to grow your FOSS projects ⌘ Read more…

GitHub brings supply chain security features to the Go community ⌘ Read more…

Student leaders are taking GitHub Campus TV to the next level ⌘ Read more…

What’s new from GitHub Changelog? June 2021 Recap ⌘ Read more…

Adding support for cross-cluster associations to Rails 7 ⌘ Read more…

GitHub Availability Report: June 2021 ⌘ Read more…

Introducing GitHub Copilot: your AI pair programmer ⌘ Read more…

Seven years of the GitHub Security Bug Bounty program ⌘ Read more…

Run online campus events with your favorite tools at no cost with the new GitHub Virtual Event Kit ⌘ Read more…

Introducing the new GitHub Issues ⌘ Read more…

A framework for building Open Graph images ⌘ Read more…

GitHub Packages Container registry is generally available ⌘ Read more…

GitHub Desktop 2.9 includes squashing, reordering, amending, and more! ⌘ Read more…

Blacktocats turn five ⌘ Read more…

What’s new from GitHub Changelog? May 2021 Recap ⌘ Read more…

Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug ⌘ Read more…

Securing the open source supply chain by scanning for package registry credentials ⌘ Read more…

Updates to our policies regarding exploits, malware, and vulnerability research ⌘ Read more…

Release Radar · May 2021 Edition ⌘ Read more…

GitHub Enterprise Server 3.1 is now generally available ⌘ Read more…

GitHub Availability Report: May 2021 ⌘ Read more…

Github Social Impact: How we’re driving change with social sector organizations ⌘ Read more…

Why (and how) GitHub is adopting OpenTelemetry ⌘ Read more…