Have not tried any of them, but some of these seem to fit the bill:
Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties
In this post, I’ll exploit CVE-2024-3833, an object corruption bug in v8, the Javascript engine of Chrome, that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
The post [Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties](https://github.blog/2024-06-26-attack-of-the-cl … ⌘ Read more
Beginner’s guide to GitHub repositories: How to create your first repo
Git started on your first repository in the third installment of GitHub for Beginners. Discover the essential features and settings to manage your projects effectively.
The post Beginner’s guide to GitHub repositories: How to create your first repo appeared first on [The GitHub Blog](https … ⌘ Read more
Execute commands by sending JSON? Learn how unsafe deserialization vulnerabilities work in Ruby projects
Can an attacker execute arbitrary commands on a remote server just by sending JSON? Yes, if the running code contains unsafe deserialization vulnerabilities. But how is that possible? In this blog post, we’ll describe how unsafe deserialization vulnerabilities work and how you can detect them in Ruby projects.
The post [Execute c … ⌘ Read more
New Beta Feature: Deep Dive into GitHub Actions Docker Builds with Docker Desktop
Learn about the new Docker Build Summary feature in GitHub Actions that helps provide a deeper understanding of your Docker builds. ⌘ Read more
GitHub Enterprise Server 3.13 is now generally available
With this version, customers can choose how to best scale their security strategy, gain more control over deployments, and so much more.
The post GitHub Enterprise Server 3.13 is now generally available appeared first on The GitHub Blog. ⌘ Read more
Unlocking the power of unstructured data with RAG
Unstructured data holds valuable information about codebases, organizational best practices, and customer feedback. Here are some ways you can leverage it with RAG , or retrieval-augmented generation.
The post Unlocking the power of unstructured data with RAG appeared first on The GitHub Blog. ⌘ Read more
GitHub Availability Report: May 2024
In May, we experienced one incident that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: May 2024 appeared first on The GitHub Blog. ⌘ Read more
Leveraging technology on the frontlines of emergency: How communities of developers are taking action
From sending emergency alerts about nearby fires to mapping services in refugee camps, developers are taking action to solve global problems.
The post [Leveraging technology on the frontlines of emergency: How communities of developers are taking action](https://github.blog/2024-06-12-leveraging-technology-on-the-frontlines-of-emergenc … ⌘ Read more
How we improved push processing on GitHub
Pushing code to GitHub is one of the most fundamental interactions that developers have with GitHub every day. Read how we have significantly improved the ability of our monolith to correctly and fully process pushes from our users.
The post How we improved push processing on GitHub appeared first on The GitHub Blog. ⌘ Read more
10 years of the GitHub Security Bug Bounty Program
Let’s take a look at 10 key moments from the first decade of the GitHub Security Bug Bounty program.
The post 10 years of the GitHub Security Bug Bounty Program appeared first on The GitHub Blog. ⌘ Read more
Docker Desktop 4.31: Air-Gapped Containers, Accelerated Builds, and Beta Releases of Docker Desktop on Windows on Arm, Compose File Viewer, and GitHub Actions
Docker Desktop 4.31 release offers new features to empower developers, including: air-gapped containers, accelerated builds, and beta releases of Docker Desktop on Windows on Arm (WoA) and Compose File Viewer. ⌘ Read more
Top 12 Git commands every developer must know
The latest installment of GitHub for Beginners, where we cover the essential Git commands to get you Git-literate.
The post Top 12 Git commands every developer must know appeared first on The GitHub Blog. ⌘ Read more
How GitHub reduced testing time for iOS apps with new runner features
Learn how GitHub used macOS and Apple Silicon runners for GitHub Actions to build, test, and deploy our iOS app faster.
The post How GitHub reduced testing time for iOS apps with new runner features appeared first on The GitHub Blog. ⌘ Read more
Arm64 on GitHub Actions: Powering faster, more efficient build systems
GitHub Actions now offers Arm-hosted runners with images built by Arm for developers to begin building on the latest and most sustainable processors on the market.
The post Arm64 on GitHub Actions: Powering faster, more efficient build systems appeared first on [The GitHub Blog](https://github.b … ⌘ Read more
Remko Tronçon: Packaging Swift apps for Alpine Linux
While trying to build my Age Apple Secure Enclave plugin, a small Swift CLI app, on Alpine Linux, I found out that Swift isn’t able to create musl binaries. This means none of the pre-built Linux binaries (nor the Swift compiler) work on Alpine. The assumption that Linux implies glibc apparently runs deep into the Swift internals, so although some work i … ⌘ Read more
GitHub and JFrog partner to unify code and binaries for DevSecOps
This partnership between GitHub and JFrog enables developers to manage code and binaries more efficiently on two of the most widely used developer platforms in the world.
The post GitHub and JFrog partner to unify code and binaries for DevSecOps appeared first on The GitHub Blog. ⌘ Read more
Is testing in production even possible?
Community post by Antonio Berben, Principal Solutions Architect at Solo.io (Linkedin | GitHub) In a Testing In Production (TIP) scenario, a critical aspect is routing traffic based on runtime contextual data. This data, often referred to as routing… ⌘ Read more
What is Git? Our beginner’s guide to version control
Let’s get you started on your Git journey with basic concepts to know, plus a step-by-step on how to install and configure the most widely used version control system in the world.
The post What is Git? Our beginner’s guide to version control appeared first on The GitHub Blog. ⌘ Read more
Ignite Realtime Blog: New Openfire plugin: XMPP Web!
We are excited to be able to announce the immediate availability of a new plugin for Openfire: XMPP Web!
This new plugin for the real-time communications server provided by the Ignite Realtime community allows you to install the third-party webclient named ‘ XMPP Web’ in mere seconds! By installing this new plugin, the web client is immediately ready for use.
This new pl … ⌘ Read more
2024 GitHub Accelerator: Meet the 11 projects shaping open source AI
Announcing the second cohort, delivering value to projects, and driving a new frontier.
The post 2024 GitHub Accelerator: Meet the 11 projects shaping open source AI appeared first on The GitHub Blog. ⌘ Read more
“@docker can you help me…”: An Early Look at the Docker Extension for GitHub Copilot
Announcing the Docker extension for GitHub Copilot (@docker), a plugin that extends GitHub Copilot’s technology to assist developers in working with Docker. ⌘ Read more
Introducing GitHub Copilot Extensions: Unlocking unlimited possibilities with our ecosystem of partners
The world of Copilot is getting bigger, improving the developer experience by keeping developers in the flow longer and allowing them to do more in natural language.
The post Introducing GitHub Copilot Extensions: Unlocking unlimited possibilities with our ecosystem of partners appeared first on [The GitHub Blog](https://gi … ⌘ Read more
Erlang Solutions: Instant Scalability with MongooseIM and CETS
The main feature of the recently released MongooseIM 6.2.1 is the improved CETS in-memory storage backend which makes it much easier to scale up.
It is difficult to predict how much traffic your XMPP server will need to handle. Are you going to have thousands or millions of connected users? … ⌘ Read more
Scaling accessibility within GitHub and beyond
GitHub celebrates Global Accessibility Awareness Day by launching another installment of the Coding Accessibility series and sharing how we scale accessibility within GitHub and beyond.
The post Scaling accessibility within GitHub and beyond appeared first on The GitHub Blog. ⌘ Read more
Securing Git: Addressing 5 new vulnerabilities
Git is releasing several new versions to address five CVEs. Upgrading to the latest Git version is essential to protect against these vulnerabilities.
The post Securing Git: Addressing 5 new vulnerabilities appeared first on The GitHub Blog. ⌘ Read more
Research: Quantifying GitHub Copilot’s impact in the enterprise with Accenture
We conducted research with developers at Accenture to understand GitHub Copilot’s real-world impact in enterprise organizations.
The post Research: Quantifying GitHub Copilot’s impact in the enterprise with Accenture appeared first on [The GitHub Blog](https://github.blog … ⌘ Read more
Say hello to the SPORTech collection
Whether you’re a rookie coder or a seasoned pro, our new SPORTech shop collection is tailored for you. And here’s the kicker: we’re offering free delivery worldwide over $20 until May 20!
The post Say hello to the SPORTech collection appeared first on The GitHub Blog. ⌘ Read more
GitHub Availability Report: April 2024
In April, we experienced four incidents that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: April 2024 appeared first on The GitHub Blog. ⌘ Read more
How AI enhances static application security testing (SAST)
Here’s how SAST tools combine generative AI with code scanning to help you deliver features faster and keep vulnerabilities out of code.
The post How AI enhances static application security testing (SAST) appeared first on The GitHub Blog. ⌘ Read more
Just launched: Second cohort of the DPG Open Source Community Manager Program!
Are you looking to have a positive impact in open source development? This program may be for you! Apply by May 30 to join.
The post Just launched: Second cohort of the DPG Open Source Community Manager Program! appeared first on The GitHub Blog. ⌘ Read more
Viddy, a modern watch(1) alternative with paging, visual diffs, and history: https://github.com/sachaos/viddy
How we’re building more inclusive and accessible components at GitHub
We’ve made improvements to the way users of assistive technology can interact with and navigate lists of issues and pull requests and tables across GitHub.com.
The post How we’re building more inclusive and accessible components at GitHub appeared first on The GitHub Blog. ⌘ Read more
GitHub Copilot Chat in GitHub Mobile is now generally available
With GitHub Copilot Chat in GitHub Mobile, developers can collaborate, ask coding questions, and gain insights into both public and private repositories anywhere, anytime–all in natural language for users on all GitHub Copilot plans.
The post GitHub Copilot Chat in GitHub Mobile is now generally available appeared first on The GitHub Blog. ⌘ Read more
Create a home for your community with GitHub Discussions
GitHub Community-in-a-box provides the tooling, resources, and knowledge you need to build internal communities of learning at scale with GitHub Discussions.
The post Create a home for your community with GitHub Discussions appeared first on The GitHub Blog. ⌘ Read more
Dependabot on GitHub Actions and self-hosted runners is now generally available
A quick guide on the advantages of Dependabot as a GitHub Actions workflow and the benefits this unlocks, including self-hosted runner support.
The post Dependabot on GitHub Actions and self-hosted runners is now generally available appeared first on [The GitHub Bl … ⌘ Read more
Introducing Artifact Attestations–now in public beta
Generate and verify signed attestations for anything you make with GitHub Actions.
The post Introducing Artifact Attestations–now in public beta appeared first on The GitHub Blog. ⌘ Read more
Celebrating 1 year of A11y Design Bootcamp: Takeaways and tips
A11y Design Bootcamp is a live educational program that consists of exercises, discussions, and knowledge shares to raise awareness of web accessibility best practices, the role designers play in creating accessible products, and how to advocate for accessibility with cross-functional partners.
The post [Celebrating 1 year of A11y Design Bootcamp: Takeaways and tips](https://github.blog/2024-05-02-celebrating-1- … ⌘ Read more
Empowering accessibility: GitHub’s journey building an in-house Champions program
As part of GitHub’s dedication to accessibility, we expanded our internal accessibility program and scaled up our internal auditing process to help remove or lower barriers for users with disabilities. Then, we empowered employees from various disciplines to drive accessibility efforts within their teams.
The post [Empowering accessibility: GitHub’s journey building an … ⌘ Read more
5 tips to supercharge your developer career in 2024
From mastering prompt engineering to leveraging AI for code security, here’s how you can excel in today’s competitive job market.
The post 5 tips to supercharge your developer career in 2024 appeared first on The GitHub Blog. ⌘ Read more
@movq@www.uninformativ.de Maybe something for you: 7.css - A CSS framework for recreating Windows 7 UI
Where does your software (really) come from?
GitHub is working with the OSS community to bring new supply chain security capabilities to the platform.
The post Where does your software (really) come from? appeared first on The GitHub Blog. ⌘ Read more
Highlights from Git 2.45
Git 2.45 is here with experimental support for reftables, and SHA-256 interoperability. Get our take on the latest here.
The post Highlights from Git 2.45 appeared first on The GitHub Blog. ⌘ Read more
GitHub Copilot Workspace: Welcome to the Copilot-native developer environment
We’re redefining the developer environment with GitHub Copilot Workspace - where any developer can go from idea, to code, to software all in natural language.
The post GitHub Copilot Workspace: Welcome to the Copilot-native developer environment appeared first on The GitHub Blog. ⌘ Read more
CodeQL zero to hero part 3: Security research with CodeQL
Learn how to use CodeQL for security research and improve your security research workflow.
The post CodeQL zero to hero part 3: Security research with CodeQL appeared first on The GitHub Blog. ⌘ Read more
@prologic@twtxt.net and @bender@twtxt.net for a start a single user twtxt/yarn pod could look like this 😉
GitHub Actions, Arm64, and the future of automotive software development
Learn how GitHub’s Enterprise Cloud, GitHub Actions, and Arm’s latest Automotive Enhanced processors, work together to usher in a new era of efficient, scalable, and flexible automotive software creation.
The post GitHub Actions, Arm64, and the future of automotive software development app … ⌘ Read more
Securing millions of developers through 2FA
We’ve dramatically increased 2FA adoption on GitHub as part of our responsibility to make the software ecosystem more secure. Read on to learn how we secured millions of developers and why we’re urging more organizations to join us in these efforts.
The post Securing millions of developers through 2FA appeared first on The GitHub Blog. ⌘ Read more
Using open source to help the earth
This Earth Day, we discuss how tech and open source are helping two organizations combat the effects of a changing climate.
The post Using open source to help the earth appeared first on The GitHub Blog. ⌘ Read more