Launching GitHub Community: Powered by GitHub Discussions
Today, we’re launching GitHub Community, which brings together GitHub Community Forum, GitHub Education Forum, and product feedback into a free, in-product, single space for all user-to-user interactions. ⌘ Read more
Introducing even more security enhancements to npm
New npm security enhancements include an improved login and publish experience with the npm CLI, connected GitHub and Twitter accounts, and a new CLI command to verify the integrity of packages in npm. ⌘ Read more
https://github.com/justchokingaround/lobster streaming mpv subtitles
Tips & tricks for using GitHub projects for personal productivity
GitHub Issues is a core component of how developers get things done and, as we built more project planning capabilities into GitHub, we’ve found some fun and unique ways to use the new projects experience for personal productivity. ⌘ Read more
Here’s how academic research is shaping GitHub Discussions
We strive to understand how developers collaborate and work on GitHub, and we sometimes partner with academics to better understand how we can improve our products. Here’s how we did that to build and evolve GitHub Discussions. ⌘ Read more
6 strategic ways to level up your CI/CD pipeline
From incorporating accessibility testing to implementing blue-green deployment models, here are six practical and strategic ways to improve your CI/CD pipeline. ⌘ Read more
Open Source Monthly: July 2022 Edition
July’s Open Source Monthly features Zag.js, which leverages state machines to make framework agnostic components. ⌘ Read more
Research: How GitHub Copilot helps improve developer productivity
We surveyed more than 2,000 developers about whether GitHub Copilot helped them be more productive and improved their coding. Then, we matched this qualitative feedback and subjective perception with quantitative data around objective usage measurements and productivity. ⌘ Read more
Top tips for creating a healthy and sustainable open source community
Read about the six key themes, and tips for each, that ensure sustainable and healthy open source communities. ⌘ Read more
GitHub Availability Report: June 2022
In June, we experienced four incidents resulting in significant impact to multiple GitHub.com services. This report also sheds light into an incident that impacted several GitHub.com services in May. ⌘ Read more
Managing a game dev community with GitHub Actions
A Little Game Called Mario is an open source, collectively developed hell project. Anyone and everyone is welcome to contribute their unique talents to make both the player and developer experience more enjoyable. Find out how the collective leverages GitHub Actions to manage this wonderful little community. ⌘ Read more
Extend your dependency information in the GitHub Dependency Graph with new GitHub Actions
New Actions from Anchore, NowSecure, SBT, and Trivy are now available to create a more comprehensive GitHub Dependency Graph. ⌘ Read more
How the GitHub Security Team uses projects and GitHub Actions for planning, tracking, and more
Can projects and GitHub Actions be used by your non-developer teams? They absolutely can. Check out how our Security Team uses GitHub to run the department effortlessly. ⌘ Read more
Write Better Commits, Build Better Projects
High-quality Git commits are the key to a maintainable and collaborative open- or closed-source project. Learn strategies to improve and use commits to streamline your development process. ⌘ Read more
What to do when your open source project becomes a community?
Maintainers answer your questions about how to manage an open source project that grows into a community. ⌘ Read more
Announcing the summer 2022 MLH Fellowship GitHub Contributors
Meet the 2022 MLH Fellowship cohort! This 12-week internship alternative is for aspiring software engineers, and powered by GitHub. ⌘ Read more
The Chromium super (inline cache) type confusion
In this post I’ll exploit CVE-2022-1134, a type confusion in Chrome that I reported in March 2022, which allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site. I’ll also look at some past vulnerabilities of this type and some implementation details of inline cache in V8, the JavaScript engine of Chrome. ⌘ Read more
Improve Git monorepo performance with a file system monitor
Monorepo performance can suffer due to the sheer number of files in your working directory. Git’s new builtin file system monitor makes it easy to speed up monorepo performance. ⌘ Read more
Ignite Realtime Blog: Smack 4.4.6 released
We are happy to announce the release of Smack 4.4.6. For a high-level overview of what’s changed in Smack 4.4.6, check out Smack’s changelog
This release mostly consists of bug fixes, many of them reported by the Jitsi folks. I would like to thank especially Damian Minkov for detailed problem descriptions, for the fruitful collaboration and for various joint bug hunts whi … ⌘ Read more
Improving Git protocol security on GitHub Enterprise Server
The recent changes to improve protocol security on GitHub.com are now coming to GitHub Enterprise Server, starting with version 3.6. ⌘ Read more
GitHub Advisory Database now supports Erlang and Elixir packages!
We’re excited to announce that the GitHub Advisory Database now includes curated security advisories on Erlang, Elixir, and more. ⌘ Read more
Highlights from Git 2.37
The open source Git project just released Git 2.37. Take a look at some of our highlights from the latest release. ⌘ Read more
Thank you to our maintainers
To celebrate Maintainer Month, GitHub has invested an additional $500,000 to help sponsor the open source projects that it depends on. ⌘ Read more
What’s new in Codespaces for Organizations
We’re releasing exciting functionalities that will enable organizations to confidently manage and scale with Codespaces. ⌘ Read more
Erlang Solutions: Contract Programming an Elixir approach – Part 1
This series explores the concepts found in Contract Programming and adapts them to the Elixir language. Erlang and BEAM languages, in general, are surrounded by philosophies like “fail fast”, “defensive programming”, and “offensive programming”, and contract programming can be a nice addition. The series is also available on Github.
You will find a lot … ⌘ Read more
No more GitHub Copilot for me
I was an avid user of GitHub Copilot during the technical preview phase. Apparently, as many as 1.2 million developers used Copilot. But now Copilot is out of beta and suddenly costs money. ⌘ Read more
GitHub Copilot is generally available to all developers
We’re making GitHub Copilot, an AI pair programmer that suggests code in your editor, generally available to all developers for $10 USD/month or $100 USD/year. It will also be free to use for verified students and maintainers of popular open source projects. ⌘ Read more
ProcessOne: Announcing ejabberd DEB and RPM Repositories
Today, we are happy to announce our official Linux packages repository: a source of .deb and .rpm packages for ejabberd Community Server. This repository provides a new way for the community to install and upgrade ejabberd.
All details on how to set this up are described on the dedicated website:
![ejabberd installation log](http … ⌘ Read more
GitHub enables the development of functional safety applications by adding support for coding standards AUTOSAR C++ and CERT C++
GitHub is excited to announce the release of CodeQL queries that implement the standards CERT C++ and AUTOSAR C++. These queries can aid developers looking to demonstrate ISO 26262 Part 6 process compliance. ⌘ Read more
Gajim: Gajim 1.4.4
Gajim 1.4.4 comes with many improvements: emoji auto-complete, automatic theme switching when your desktop switches from light to dark in the evening, a completely reworked Gajim remote interface, and many bug fixes.
After many emoji improvements in Gajim 1.4.3, this version comes with an emoji auto-complete while writing messages! As soon as you start typing a :, a popover will show you available emoji shortcodes, just like on Slack or Github 🎉
![Emoji auto-complete](ht … ⌘ Read more
Creating a more comprehensive dependency graph with build time detection
Expand the completeness of your dependency graph by using the dependency submission API, which will create more comprehensive alerts on supply chain vulnerabilities ⌘ Read more
Release Radar · May 2022 Edition
Each month, we highlight open source projects that have shipped major updates. These projects can include everything from world-changing technology to developer tooling, and weekend hobbies. We cover what the project is and some of their breaking changes. Read about the project, and browse their repositories. Without further ado, here are our top staff picks […] ⌘ Read more
The Android kernel mitigations obstacle race
In this post I’ll exploit CVE-2022-22057, a use-after-free in the Qualcomm gpu kernel driver, to gain root and disable SELinux from the untrusted app sandbox on a Samsung Z flip 3. I’ll look at various mitigations that are implemented on modern Android devices and how they affect the exploit. ⌘ Read more
ProcessOne: Announcing ejabberd DEB and RPM Repositories
Today, we are happy to announce our official Linux packages repository: a source of .deb and .rpm packages for ejabberd Community Server. This repository provides a new way for the community to install and upgrade ejabberd.
All details on how to set this up are described on the dedicated website:
![ejabberd installation log](http … ⌘ Read more
https://github.com/jflaherty/ptrtut13 pointers and arrays in C
Git Merge 2022
Git Merge, the conference dedicated to bringing the Git community together returns on September 14-15 in Chicago, Illinois. ⌘ Read more
Prebuilding codespaces is generally available
Teams and GHEC customers can now create blazing fast codespaces, even for your largest and most complex projects. ⌘ Read more
GitHub now publishes malware advisories in the GitHub Advisory Database
To combat the prevalence of malware in the open source ecosystem, GitHub now publishes malware occurrences in the GitHub Advisory Database. These advisories power Dependabot alerts and remain forever free and usable by the community. ⌘ Read more
https://github.com/susam/emacs4cl common lisp
Accelerating GitHub theme creation with color tooling
Learn why the GitHub Design Infrastructure team built a dedicated color tool and how they use it to create new color palettes for GitHub. ⌘ Read more
How can the United States build its Open Source Software policy?
We share a recap of a recent roundtable event about what a federal open source software policy could look like in the United States. ⌘ Read more
Open Source Monthly: June 2022 Edition
June’s Open Source Monthly features Mondos–a community-focused company building software and hardware that designs digital devices with respect for users’ time, attention, and well-being. ⌘ Read more
https://github.com/karthink/elfeed-tube emacs youtube RSS
Farside: “A smart redirecting gateway for various frontend services” like Nitter and Scribe. https://github.com/benbusby/farside
wait, is CIRL incorrigible for the same reason that utility-maximizers don’t wirehead? https://niplav.github.io/notes.html#A-Short-Example-For-Why-CIRL-Is-Incorrigible
Implementing a robust digital identity
How can you robustly assert and identify a user’s identity? ⌘ Read more
How we think about browsers
Discover how GitHub thinks about browser support, look at usage patterns, and learn about the tools we use to make sure our customers are getting the best experience. ⌘ Read more