Our response to the war in Ukraine
As the global response to the tragedies in Ukraine and other impacted regions continues to evolve, I wanted to share with our community an expansion of the message that I shared earlier this week with our Hubbers. ⌘ Read more
Google no longer allows in-app donations that don’t go through Google Play. https://github.com/streetcomplete/StreetComplete/issues/3768
A new way to understand your GitHub-hosted runner capacity
Explore and understand your overall GitHub-hosted Actions runner capacity with the new runner view. ⌘ Read more
Codespaces for the largest repositories just got faster
The ability to prebuild codespaces is entering public beta. Enable fast environment creation times, regardless of the size and complexity of your repositories. ⌘ Read more
Get started with ease using security workflows!
In-line with the other categories, workflows in the Security category will be recommended based on a repository’s content. ⌘ Read more
GitHub Advisory Database now open to community contributions
Anyone can now provide additional information to further the community’s understanding and awareness of security advisories. ⌘ Read more
Code scanning finds more vulnerabilities using machine learning
Today we launched new code scanning analysis features powered by machine learning. The experimental analysis finds more of the most common types of vulnerabilities. ⌘ Read more
Leveraging machine learning to find security vulnerabilities
A behind-the-scenes peek into the machine learning framework powering new code scanning security alerts. ⌘ Read more
How to make the most out of a mentoring relationship
Tips from our developer advocates on how and why to find a mentor. ⌘ Read more
Encoding and escaping untrusted data to prevent injection attacks
Practical tips on how to apply OWASP Top 10 Proactive Control C4. ⌘ Read more
GitHub Enterprise Server 3.4 improves developer productivity and adds reusable workflows to CI/CD
The GitHub Enterprise Server 3.4 release candidate delivers enhancements to make life easier and more productive, from keyboard shortcuts to auto-generated release notes! ⌘ Read more
The GitHub Stars in our eyes ⭐️
Over the past year, the GitHub Stars have made a tremendous impact in the community with their influence, inspiring and building communities and creating content to help everyone. ⌘ Read more
Announcing the 2022 MLH Fellowship Cohort, powered by GitHub
The MLH Fellowship, powered by GitHub, is a 12-week internship alternative for aspiring software engineers. Meet the 2022 cohort! ⌘ Read more
Include diagrams in your Markdown files with Mermaid
A picture tells a thousand words. Now you can quickly create and edit diagrams in markdown using words with Mermaid support in your Markdown files. ⌘ Read more
Getting started with project planning on GitHub
Stop context switching. Keep your team’s project planning next to your code. ⌘ Read more
How to start using reusable workflows with GitHub Actions
Reusable workflows offer a simple and powerful way to avoid copying and pasting workflows across your repositories. ⌘ Read more
Coordinated vulnerability disclosure (CVD) for open source projects
A comprehensive guide for vulnerability reporters. ⌘ Read more
Improving the developer experience for Dependabot alerts
Today, we’re shipping improvements to Dependabot alerts that make them easier to understand and remediate. ⌘ Read more
Release Radar · January 2022 Edition
Here’s January’s top staff picks on projects that shipped major version releases. ⌘ Read more
GitHub Availability Report: January 2022
In January, we experienced no incidents resulting in service downtime to our core services. ⌘ Read more
How to build a CI/CD pipeline with GitHub Actions in four simple steps
A quick guide on the advantages of using GitHub Actions as your preferred CI/CD tool—and how to build a CI/CD pipeline with it. ⌘ Read more
New sponsors-only repositories, custom amounts, and more
Along with the release of sponsors-only repositories, here’s a look at what’s new and what’s next for Sponsors. ⌘ Read more
Code scanning and Ruby: turning source code into a queryable database
A deep dive into how GitHub adds support for new languages to CodeQL. ⌘ Read more
Top-100 npm package maintainers now require 2FA, and additional security-focused improvements to npm
Starting today, we are rolling out mandatory 2FA to all maintainers of top-100 npm packages by dependents. ⌘ Read more
Dependency graph now supports GitHub Actions
The dependency graph helps developers and maintainers understand the code they depend on, and now includes GitHub Actions! ⌘ Read more
2021 Transparency Report
In GitHub’s latest transparency report, we’re giving you a by-the-numbers look at how we responded to requests for user info and content removal. ⌘ Read more
One year ago to the date I made the lastest update for #phpub2twtxt to github and now 365 days later I have published #pixelblog as its successor - lets see where things are going for trip around the sun
Thinking beyond SQL injection: OWASP tips for secure database access
When it comes to secure database access, there’s more to consider than SQL injections. OWASP Top 10 Proactive Control C3 offers guidance. ⌘ Read more
Get ready for Campus TV Season 2: 🌱 New Beginnings
Learn new skills, build projects and meet like-minded students with the latest shows from the GitHub Education Stream Team. ⌘ Read more
Highlights from Git 2.35
The open source Git project just released Git 2.35. Here’s GitHub’s look at some of the most interesting features and changes introduced since last time. ⌘ Read more
Release Radar · December 2021 Edition
Many of us were wrapping up projects, emails, events, and getting ready for Christmas. While we were all busy getting ready for the festive season, our community was still hard at work shipping open source ⌘ Read more
Open source creates value, but how do you measure it?
When digital infrastructure is overlooked by governments, it isn’t just a missed opportunity: policies may inadvertently endanger open source collaboration. ⌘ Read more
Reducing security risk in open source software with GitHub Actions and OpenSSF Scorecards V4
We’re excited to announce the V4 release of the OpenSSF’s Scorecard project in partnership with Google. ⌘ Read more
How open source is supporting NASA’s new eyes in space
With the successful liftoff of the James Webb Space Telescope, we ask our very own Arfon Smith about the history of open source and space science. ⌘ Read more
Top-rated entries from Game Off 2021
Here are the top games created in our annual game jam as rated and reviewed by the developers that made them. Game On! 🤘🏻 ⌘ Read more
How five open source communities are using GitHub Discussions
From answering questions about a new release to fielding feature requests, here’s how five open source communities use GitHub Discussions. ⌘ Read more
The Open Source Software Security Summit: securing the world’s code together
My colleague Stormy Peters and I are proud to represent GitHub at the White House’s Open Source Software Security Summit to share how securing open source begins by empowering developers. ⌘ Read more
How we ship GitHub Mobile every week
Learn how the GitHub Mobile Team automates their release process with GitHub Actions. ⌘ Read more
GitHub Availability Report: December 2021
In December, we experienced no incidents resulting in service downtime to our core services. ⌘ Read more
How the community powers GitHub Advanced Security with CodeQL queries
The GitHub Security Lab’s CodeQL bounty program fuels GitHub Advanced Security with queries written by the open source community. ⌘ Read more
@jlj@twt.nfld.uk right now the getwtxt-ng source is in a private repo on github, though I may move it to sr.ht for its primary home (and just mirror it to github)
GitHub’s top 10 blog posts of 2021
As the year winds down, we’re highlighting some of the incredible work from GitHub’s engineers, product teams, and security researchers. ⌘ Read more
Hey. I my own local forward tool. https://github.com/JonLundy/sshfwd it uses ssh port forwards.
How GitHub contributed to the Santa Clara Principles update
GitHub was honored to contribute to the Santa Clara Principles on Transparency and Accountability in Content Moderation 2.0. ⌘ Read more
How to leverage security frameworks and libraries for secure code
In this post, I’ll discuss how to apply OWASP Proactive Control C2: Leverage security frameworks and libraries. ⌘ Read more
The QOI File Format Specification
Last month I announced a
toy project called QOI — the Quite OK Image Format. It losslessly compresses
RGB and RGBA images to a similar size of PNG, while offering a 20x-50x
speedup in compression and 3x-4x speedup in decompression.
With the help of countless passionate people on Github, we have refined some of
the rough edges and specified exactly what … ⌘ Read more
Getting started with GitHub Actions just got easier!
When you want to create a workflow in the Actions tab of your repository, the recommendations are now based on an analysis of repo content. ⌘ Read more
Technical interviews via Codespaces
Codespaces is a great tool for technical hiring exercises and helps level the playing field for candidates. ⌘ Read more
5 automations every developer should be running
Looking to avoid security vulnerabilities, buttons that don’t work, slow site speeds, or manually writing release notes? This one’s for you. ⌘ Read more
A brief history of code search at GitHub
This blog post tells the story of why we built a new search engine optimized for code. ⌘ Read more