From finding to fixing: GitHub Advanced Security integrates Endor Labs SCA
It’s no wonder developers are increasingly overwhelmed. The number of new CVEs published each year has increased by nearly 500% in the last decade. And the average project, with just 10 direct...
How to refactor code with GitHub Copilot
We’ve all been there—staring at a function that looks like it was written by an over-caffeinated goblin at 3 AM (maybe even your alter ego). You could pretend it doesn’t exist, or you could refactor...
How GitHub uses CodeQL to secure GitHub
GitHub’s Product Security Engineering team writes code and implements tools that help secure the code that powers GitHub. We use GitHub Advanced Security (GHAS) to discover, track, and remediate...
GitHub Availability Report: January 2025
In January, we experienced three incidents that resulted in degraded performance across GitHub services. January 09 1:26 UTC (lasting 31 minutes) On January 9, 2025, between 01:26 UTC and 01:56 UTC,...
Support the open source projects you love this Valentine’s Day
While everyone likes flowers and chocolates, why not show your love for your favorite open source projects this Valentine’s and give appreciation to the maintainers who keep them running? Many of the...
Engaging with the developer community on our approach to content moderation
At GitHub, we’re committed to keeping our community informed about how we govern our platform. That means being transparent about content moderation and involving users in the development of our site...
How to debug code with GitHub Copilot
Debugging is an essential part of a developer’s workflow—but it’s also one of the most time consuming. What if AI could streamline the process, helping you analyze, fix, and document code faster?...
Community managers in action: Leading a developer community for good
Jumpstarting your career as a community manager Managing communities has always been something I wanted to explore. This year, I finally decided to take on every opportunity to do so. And it has been...
GitHub for Beginners: How to get started with GitHub Copilot
Welcome to season two of GitHub for Beginners! Last season, we introduced you to GitHub and helped you go from beginner to confidently using the platform. This season, we’re continuing your journey by...
Finding leaked passwords with AI: How we built Copilot secret scanning
In October 2024, we announced the general availability of Copilot secret scanning, leveraging AI to detect generic passwords in users’ codebases. This post describes how Copilot secret scanning works...
Not just for developers: How product and security teams can use GitHub Copilot
In today’s fast-paced world where collaboration between technical and non-technical teams is vital, tools like GitHub Copilot are proving to be indispensable. These AI-powered tools are no longer just...
Video: How to run dependency audits with GitHub Copilot
Every software project faces the inevitable challenge of dependency management. Over time, dependencies become outdated, leading to security vulnerabilities. Others go unused, needlessly bloating...
Four steps toward building an open source community
Open source projects generally begin with a problem to be solved. If it’s a problem a lot of people have, it may gain traction. Eventually you might have many people contributing. Before you know it,...
Full exposure: A practical approach to handling sensitive data leaks
This post originally appeared in Infosecurity Magazine, and is republished here with permission. In the fast-paced world of software development, accidents can happen—even to the best of us. One such...
Why Java endures: The foundation of modern enterprise development
Here’s a true story: I learned Java after pretending to be an Android developer when I first started out in software development. While doing that, I quickly learned something important: Java isn’t...
GitHub Availability Report: February 2025
In February, we experienced two incidents that resulted in degraded performance across GitHub services. February 25 14:25 UTC (lasting 2 hours and 19 minutes) On February 25, 2025, between 14:25 UTC...
Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
Critical authentication bypass vulnerabilities (CVE-2025-25291 + CVE-2025-25292) were discovered in ruby-saml up to version 1.17.0. Attackers who are in possession of a single valid signature that was...
How GitHub engineers learn new codebases
No matter where you are in your coding career, you will likely come across a new codebase or problem domain that is completely unfamiliar to you. Because codebases can be filled with many layers of...
Highlights from Git 2.49
The open source Git project just released Git 2.49 with features and bug fixes from over 89 contributors, 24 of them new. We last caught up with you on the latest in Git back when 2.48 was released....
GitHub for Beginners: Essential features of GitHub Copilot
Welcome back to our second GitHub for Beginners series, where we are diving into the world of GitHub Copilot. In our previous episode, we introduced you to GitHub Copilot and gave you some guidance on...