Secure deployments with OpenID Connect & GitHub Actions now generally available
GitHub Actions now supports OpenID Connect for secure deployment to different cloud providers via short-lived, auto-rotated tokens. ⌘ Read more
How to squash bugs by enrolling in OSS-Fuzz
OSS-Fuzz is Google’s awesome fuzzing service for open source projects. GitHub Security Lab’s @kevinbackhouse describes enrolling a project. ⌘ Read more
The Copyright Office expands your security research rights
Recently, the Copyright Office responded to the calls to clarify the scope of protected security research. ⌘ Read more
Accelerate security adoption in your organization
The GitHub Services Engineers have released the Advanced Security Enforcer GitHub Action to enable organizations to utilize code scanning in a consistent and automated way. ⌘ Read more
In case you missed it, GitHub Education at Universe 2021!
A recap of all the GitHub Education news from Universe 2021, including the new Intro to Web Dev Experience. ⌘ Read more
What’s new from GitHub Changelog? October 2021 recap
A public beta of the new GitHub Issues, a “security manager” role for organizations, a command palette beta, and lots more. ⌘ Read more
7 advanced workflow automation features with GitHub Actions
Check out some advanced automation and CI/CD capabilities you can use today with GitHub Actions on any GitHub account. ⌘ Read more
No on gitlab. If its self hosted gitea is best in class.
I can see hosting a mirror on github if only for the redundancy/visibility. Some projects will host but then direct contributions on their self host. Like Go does.
I would suggest using a vanity domain that can redirect tools like go get to hosting of choice. And not require rewriting all the packages any time it gets moved.
GitHub’s developer-first approach to content moderation
GitHub puts the needs of developers at the core of our content moderation policies. Learn more about our approach and how you can contribute. ⌘ Read more
GraphQL global ID migration update
All newly created GraphQL objects now have IDs that conform to a new format, which we refer to as “next IDs.” Learn how to migrate older IDs to the new format and why we’re making the change. ⌘ Read more
Blue-teaming for Exiv2: adding custom CodeQL queries to code scanning
The Exiv2 team tightened our security by enabling GitHub’s code scanning feature and adding custom queries tailored to the Exiv2 code base. ⌘ Read more
The 2021 State of the Octoverse
The State of the Octoverse analyzes data from millions of developers & repos to share trends across working habits, productivity, and career satisfaction. ⌘ Read more
GitHub’s commitment to npm ecosystem security
We’re sharing details of recent incidents on the npm registry, our investigations, and how we’re continuing to invest in the security of npm. ⌘ Read more
Highlights from Git 2.34
To celebrate this most recent release, here’s GitHub’s look at some of the most interesting features and changes introduced since last time. ⌘ Read more
Release Radar · October 2021 Edition
What an incredible month it’s been for GitHub and our communities. Whilst we’ve been busy with GitHub Universe, our communities have been busy coding. It’s been a successful year for Hacktoberfest, with many first-time contributors ⌘ Read more
Highlights from GitHub’s security roadmap at Universe 2021
During Universe, we received a number of security questions ranging from our strategy to our advisories. Here’s what we’ve got planned! ⌘ Read more
https://github.com/Danamir/dyn-gandi gandi dns
7 unique software collaboration features in GitHub Discussions
Here are a few ways our teams use GitHub Discussions internally to build community, simplify workflows, and get key insights into our work. ⌘ Read more
Make your monorepo feel small with Git’s sparse index
The new sparse index feature makes it feel like you are working in a small repository when working in a focused portion of a monorepo. ⌘ Read more
GitHub Enterprise Server 3.3 enhances CI/CD and adds a new security manager role
This latest release sees the introduction of a new role, a new webhook for GitHub Actions, and a bright edge to dark mode. ⌘ Read more
Three rules of bug fixing for better OSS security
When you’re fixing a bug, especially a security vulnerability, you should add a regression test, fix the bug, and find & fix variants. ⌘ Read more
GitHub Availability Report: October 2021
In October, we experienced one incident resulting in significant impact and degraded state of availability for the GitHub Codespaces service. ⌘ Read more
10 GitHub Actions resources to bookmark from the basics to CI/CD
Tips on how to get started using GitHub Actions and resources to learn more about making it work for you. ⌘ Read more
I’m a bit skeptical about GitHub Copilot, but now that I’ve really tried it out for the first time, I’m amazed by its capabilities. Copilot doesn’t replace programming, but it does take a lot of the work out of it. What works well, for example, is the completion of comments in the code. ⌘ Read more
Building the next phase of GitHub, together
This morning, I shared the following post with Hubbers in response to Nat’s announcement about his next adventure. I am thrilled to take on the role of CEO to build the next phase of GitHub for our global community of software developers. ⌘ Read more
Thank you, GitHub
This morning, I sent the following post to the GitHub team. TL;DR: I’m moving on to my next adventure, and Thomas Dohmke (currently Chief Product Officer) will be GitHub’s next CEO. ⌘ Read more
On the blog: Artificial Stupidity with GitHub Copilot https://john.colagioia.net/blog/2021/11/03/copilot2.html #programming #techtips
Blue-teaming for Exiv2, part 1: creating a security advisory process
This blog post is the first in a series about hardening the security of the Exiv2 project. My goal is to share tips that will help you harden the security of your own project. ⌘ Read more
Game Off 2021 theme announcement
The theme for this year’s Game Off is… …BUG! Your challenge, should you choose to accept it, is to create a game between now and December 1 incorporating the theme somehow, and submit it to ⌘ Read more
Ignite Realtime Blog: Smack 4.4.4 released
We are happy to announce the release of Smack 4.4.4. Thanks to numerous contributors this patch level release includes many fixes and improvements. I’d like to especially thank the folks from Jitsi, namely Boris Grozev, Damian Minkov, Ingo Bauersachs, and Jonathan Lennox. Who tracked down multiple bugs, including a nasty concurrency bug. Furthermore, thanks to Ingo, Smack and its important dependencies [jxmpp](https://github.com/ign … ⌘ Read more
Cybersecurity spotlight on bug bounty researcher @yvvdwf
We’re excited to highlight another top contributing researcher to GitHub’s Bug Bounty Program: @yvvdwf ⌘ Read more
GitHub keeps getting better for open source maintainers
Maintainers can now limit who can approve and request changes on pull requests. You can also close issues and block users via your phone. ⌘ Read more
13 short and scary games plus source to play (or hack) this Halloween 🎃
It’s that time of year again where I like to share seasonally spooktacular games plus source code—a goldmine of material for (a) those looking for coffee-break entertainment, (b) those interested in learning more about game ⌘ Read more
Everything new from Universe 2021
Since last year’s GitHub Universe, we’ve shipped more than 20,000 improvements to GitHub for developers, open source communities, and enterprise teams. Here’s a comprehensive overview of what we’re announcing at Universe this week. ⌘ Read more
Gephisto -Get a network map in one click. #Gephi href=”https://we.loveprivacy.club/search?q=%23GraphML”>#GraphML**
#Gephi #GraphML ⌘ Read more
A peek inside some of the top games from Ludum Dare 49
The 49th Ludum Dare game jam just wrapped up with almost 3000 entries. Here’s a peek at some of the highest-rated entries that you can play, plus their source code that you can poke around ⌘ Read more
GitHub Actions for security and compliance
GitHub Actions can automate several common security and compliance tasks, even if your CI/CD pipeline is managed by another tool. ⌘ Read more
GitHub Marketplace welcomes its 10,000th action
GitHub Marketplace just passed 10,000 published actions! Learn about contributing to this growing open source ecosystem. ⌘ Read more
Diversity, inclusion, and belonging at GitHub in 2021
In the past two years, GitHub has doubled in size, welcoming more than 760 new Hubbers in 2021 alone. This past year we particularly focused on our goal of making GitHub more equitable. We saw growth in our diversity representation, whose population increased at a higher rate than the company itself. ⌘ Read more
What’s new from GitHub Changelog? September 2021 recap
Catch up on 44 ships, including a colorblind-accessible theme, a public README.md for organizations, and customization of code review settings. ⌘ Read more
Meet the GitHub Universe hosts, and start building your schedule
We sat down with Universe hosts Lorena Mesa and Jarryd McCree for a quick Q&A to help you make the most out of your conference experience this year. ⌘ Read more
💾 Save the date for GitHub Game Off 2021
Game Off is an annual game jam (or “hackathon for building games”) that’s a little different from most—it lasts for the entire month of November—not just a weekend or a few days. It’s the perfect ⌘ Read more
Student developer resources you won’t find in the classroom
Heading back to school? Did you just graduate? The GitHub Education Stream Team (GEST) is sharing resources, tools, and more to help emerging developers land a job. Student leaders from around the world are creating and hosting shows to grow the tech community and share information you won’t find in the classroom. ⌘ Read more
Everybody is building one because, you know, why not? Why I built my own static site generator.
Apply now for GitHub Universe 2021 micro-mentoring
As part of our ongoing commitment to ensure GitHub’s conferences are accessible and inclusive to people from all walks of life, we’re offering 30-minute, 1:1 micro-mentoring sessions with GitHub employees. ⌘ Read more
GitHub security update: revoking weakly-generated SSH keys
On September 28, 2021, we received notice from the developer Axosoft regarding a vulnerability in a dependency of their popular git GUI client - GitKraken. An underlying issue with a dependency, called `keypair`, resulted in the GitKraken client generating weak SSH keys. ⌘ Read more