Clik here to view.
IssueOps: Automate CI/CD (and more!) with GitHub Issues and Actions
Software development is filled with repetitive tasks—managing issues, handling approvals, triggering CI/CD workflows, and more. But what if you could automate these types of tasks directly within...
View ArticleClik here to view.
Video: How to create checklists in Markdown for easier task tracking
Have you ever wondered how the cool cats of the internet make Markdown checklists in their GitHub repositories, issues, and pull requests? Me too. And I’m here to say: you too can be a cool cat....
View ArticleWorld Water Day: how GitHub Copilot is helping bring clean water to communities
March 22 is World Water Day—a day intended to educate, inspire, and promote action around the importance of clean and safe water. For organizations like charity: water, this is their mission...
View ArticleClik here to view.
A maintainer’s guide to vulnerability disclosure: GitHub tools to make it simple
Imagine this: You’re sipping your morning coffee and scrolling through your emails, when you spot it—a vulnerability report for your open source project. It’s your first one. Panic sets in. What does...
View ArticleClik here to view.
Mastering GitHub Copilot: When to use AI agent mode
Ever find yourself staring at an AI coding assistant, wondering why it’s not quite nailing what you need? Maybe it’s spitting out code that’s close but not quite right, or you’re stuck wrestling with...
View ArticleHow engineers can use one-on-ones with their manager to accelerate career growth
One-on-one meetings with your manager are one of the most valuable tools you have for career growth, problem-solving, and unlocking new opportunities. So if you’re only using them to provide status...
View Article5 GitHub Actions every maintainer needs to know
Maintaining and contributing to open source projects can be rewarding—but it comes with a lot of small, repetitive tasks. The good news? GitHub Actions can automate the more tedious and error-prone...
View ArticleClik here to view.
GitHub for Beginners: How to get LLMs to do what you want
Welcome back to season two of GitHub for Beginners, a series designed to help you navigate GitHub more confidently! So far, we’ve explored how to use GitHub Copilot and some of its essential features....
View ArticleClik here to view.
GitHub found 39M secret leaks in 2024. Here’s what we’re doing to help
If you know where to look, exposed secrets are easy to find. Secrets are supposed to prevent unauthorized access, but in the wrong hands, they can be—and typically are—exploited in seconds. To give...
View ArticleClik here to view.
Localhost dangers: CORS and DNS rebinding
At GitHub Security Lab, one of the most common vulnerability types we find relates to the cross-origin resource sharing (CORS) mechanism. CORS allows a server to instruct a browser to permit loading...
View ArticleClik here to view.
Vibe coding with GitHub Copilot: Agent mode and MCP support rolling out to...
Allow us to reintroduce ourselves: GitHub Copilot is getting a whole lot more agentic with increased context of your tools and services, powered by the world’s leading models, starting today. 👏 We are...
View ArticleGit turns 20: A Q&A with Linus Torvalds
Exactly twenty years ago, on April 7, 2005, Linus Torvalds made the very first commit to a new version control system called Git. Torvalds famously wrote Git in just ten days after Linux kernel...
View ArticleClik here to view.
Found means fixed: Reduce security debt at scale with GitHub security campaigns
We get it: you’d rather spend your time shipping features than chasing security alerts. That’s why we’ve built tools like Copilot Autofix directly into pull requests, enabling teams to remediate...
View ArticleClik here to view.
How to request a change to a CVE record
Ever come across a Common Vulnerabilities and Exposures (CVE) ID affecting software you use or maintain and thought the information could be better? CVE IDs are a widely-used system for tracking...
View ArticleHow we’re making security easier for the average developer
Let’s be honest—most security tools can be pretty painful to use. These tools usually aren’t designed with you, the developer, in mind—even if it’s you, not the security team, who is often responsible...
View ArticleWhat the heck is MCP and why is everyone talking about it?
It feels like everyone’s talking about MCP (Model Context Protocol) these days when it comes to large language models (LLMs), but hardly anyone is actually defining it. TL;DR: It’s an open standard...
View ArticleClik here to view.
Introducing sub-issues: Enhancing issue management on GitHub
Recently we launched sub-issues, a feature designed to tackle complex issue management scenarios. This blog post delves into the journey of building sub-issues, what we learned along the way, how we...
View ArticleClik here to view.
GitHub for Beginners: Security best practices with GitHub Copilot
Welcome to the next episode in our GitHub for Beginners series, where we are diving into the world of GitHub Copilot. This is our fourth episode, and we’ve already talked about Copilot in general,...
View ArticleWhen to choose GitHub-Hosted runners or self-hosted runners with GitHub Actions
Whether it’s building, testing, or deploying code, automating manual processes is key to improving developer experience and achieving a successful DevOps strategy. On GitHub, you can use GitHub...
View ArticleGitHub Availability Report: March 2025
In March, we experienced one incident that resulted in degraded performance across GitHub services. March 29 7:00 UTC (lasting 58 hours) Between March 29 7:00 UTC and March 31 17:00 UTC, GitHub...
View Article