Empowering Uruguay’s future workforce with AI
During the second cycle of Git Commit Uruguay, students learned the basics of AI and built their own AI-powered projects.
The GitHub Blog
Rotating credentials for GitHub.com and new GHES patches
GitHub received a bug bounty report of a vulnerability that allowed access to the environment variables of a production container. We have patched GitHub.com and rotated all affected credentials. If you have hardcoded or cached a public key owned by GitHub, read on to ensure your systems continue working with the new keys.
Game Off 2023 results 🏆
The GitHub Game Off results are in! All games have been rated, ranked, and reviewed. Read on for a look at the 10 highest-rated submissions overall.
GitHub Certifications are generally available
Unlock your full potential with GitHub Certifications! Earning a GitHub certification will give you the competitive advantage of showing up as a GitHub expert.
GitHub and the Ekoparty 2023 Capture the Flag
The GitHub Security Lab teamed up with Ekoparty once again to create some challenges for its yearly Capture the Flag competition!
Frenemies to friends: Developers and security tools
When socializing a new security tool, it IS possible to build a bottom-up security culture where engineering has a seat at the table. Let's explore some effective strategies witnessed by the GitHub technical sales team to make this shift successful.
Latest posts
5 ways to make your DevSecOps strategy developer-friendly
Developers care about security, but poorly integrated tools and other factors can cause frustration. Here are five best practices to reduce friction.
GitHub Copilot Chat now generally available for organizations and individuals
All GitHub Copilot users can now enjoy natural language-powered coding with Copilot Chat at no additional cost.
GitHub’s top blog posts of 2023
As the year winds down, we're highlighting some of the incredible work from GitHub’s engineers, product teams, and security researchers.
Engineering
How we organize and get things done with SERVICEOWNERS
Take CODEOWNERS and GitHub teams to the next level. Learn about how GitHub engineering solves the age old problem of who owns what.
GitHub Availability Report: November 2023
In November, we experienced one incident that resulted in degraded performance across GitHub services.
Upgrading GitHub.com to MySQL 8.0
GitHub uses MySQL to store vast amounts of relational data. This is the story of how we seamlessly upgraded our production fleet to MySQL 8.0.
How we’re experimenting with LLMs to evolve GitHub Copilot
Learn how we’re experimenting with generative AI models to extend GitHub Copilot across the developer lifecycle.
Community
Release Radar · End of 2023 Edition
Hacktoberfest has wrapped up, GitHub Universe has come to a close, and our community has been super hard at work. All the while people enjoyed turkey over Thanksgiving in the…
For Good First Issue: Introducing a new way to contribute
For Good First Issue is a curated list of open source projects that are also digital public goods and need the help of developers.
Celebrating the GitHub Awards 2023 recipients 🎉
The GitHub Awards recognizes and celebrates the outstanding contributions and achievements in the developer community, honoring individuals, projects, and organizations for their impactful work, innovation, thought leadership, and creating an outsized positive impact on the community.
Game Off 2023 results 🏆
The GitHub Game Off results are in! All games have been rated, ranked, and reviewed. Read on for a look at the 10 highest-rated submissions overall.
Trending stories
1
GitHub Certifications are generally available
Unlock your full potential with GitHub Certifications! Earning a GitHub certification will give you the competitive advantage of showing up as a GitHub expert.
2
Raising the bar for software security: GitHub 2FA begins March 13
On March 13, we will officially begin rolling out our initiative to require all developers who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023. Read on to learn about what the process entails and how you can help secure the software supply chain with 2FA.
3
Rotating credentials for GitHub.com and new GHES patches
GitHub received a bug bounty report of a vulnerability that allowed access to the environment variables of a production container. We have patched GitHub.com and rotated all affected credentials. If you have hardcoded or cached a public key owned by GitHub, read on to ensure your systems continue working with the new keys.
4
How to build a CI/CD pipeline with GitHub Actions in four simple steps
A quick guide on the advantages of using GitHub Actions as your preferred CI/CD tool—and how to build a CI/CD pipeline with it.
5
How to use GitHub Copilot: Prompts, tips, and use cases
In this prompt guide for GitHub Copilot, two GitHub developer advocates, Rizel and Michelle, will share examples and best practices for communicating your desired results to the AI pair programmer.
6
Research: quantifying GitHub Copilot’s impact on developer productivity and happiness
When the GitHub Copilot Technical Preview launched just over one year ago, we wanted to know one thing: Is this tool helping developers? The GitHub Next team conducted research using a combination of surveys and experiments, which led us to expected and unexpected answers.
Product
GitHub Copilot Chat now generally available for organizations and individuals
All GitHub Copilot users can now enjoy natural language-powered coding with Copilot Chat at no additional cost.
Default setup now includes scheduled scans and supports all languages covered by CodeQL
We’ve added new improvements to default setup, including automatically scheduling scans on repositories and support for all CodeQL covered languages.
From macOS runners to secure deployments, what’s new from GitHub Actions
Read a roundup of the exciting, new innovation coming from GitHub Actions.
Insider newsletter digest: How to use GitHub Copilot
Explore the July edition, featuring prompts, tips, and use cases for GitHub Copilot.
The architecture of today's LLM applications
Here’s everything you need to know to build your first LLM app and problem spaces you can start exploring today.
Demystifying LLMs: How they can do things they weren't trained to do
Explore how LLMs generate text, why they sometimes hallucinate information, and the ethical implications surrounding their incredible capabilities.
Research: Quantifying GitHub Copilot’s impact on code quality
Findings show that code quality is better across the board and developers felt more confident, too.
Security
Securing our home labs: Frigate code review
This blog post describes two linked vulnerabilities found in Frigate, an AI-powered security camera manager, that could have enabled an attacker to silently gain remote code execution.
Cueing up a calculator: an introduction to exploit development on Linux
Using CVE-2023-43641 as an example, I’ll explain how to develop an exploit for a memory corruption vulnerability on Linux. The exploit has to bypass several mitigations to achieve code execution.
GitHub and the Ekoparty 2023 Capture the Flag
The GitHub Security Lab teamed up with Ekoparty once again to create some challenges for its yearly Capture the Flag competition!
Frenemies to friends: Developers and security tools
When socializing a new security tool, it IS possible to build a bottom-up security culture where engineering has a seat at the table. Let's explore some effective strategies witnessed by the GitHub technical sales team to make this shift successful.
5 ways to make your DevSecOps strategy developer-friendly
Developers care about security, but poorly integrated tools and other factors can cause frustration. Here are five best practices to reduce friction.
Scaling vulnerability management across thousands of services and more than 150 million findings
Learn about how we run a scalable vulnerability management program built on top of GitHub.
Rotating credentials for GitHub.com and new GHES patches
GitHub received a bug bounty report of a vulnerability that allowed access to the environment variables of a production container. We have patched GitHub.com and rotated all affected credentials. If you have hardcoded or cached a public key owned by GitHub, read on to ensure your systems continue working with the new keys.
Open Source
Game Off 2023 results 🏆
The GitHub Game Off results are in! All games have been rated, ranked, and reviewed. Read on for a look at the 10 highest-rated submissions overall.
Release Radar · End of 2023 Edition
Hacktoberfest has wrapped up, GitHub Universe has come to a close, and our community has been super hard at work. All the while people enjoyed turkey over Thanksgiving in the…
For Good First Issue: Introducing a new way to contribute
For Good First Issue is a curated list of open source projects that are also digital public goods and need the help of developers.
Highlights from Git 2.43
The last Git release of 2023 is here! Take a look at some of our highlights on what's new in Git 2.43.
Enterprise
From migration tools to updates to Enterprise Managed Users, what’s new in GitHub Enterprise
Read a round-up of the exciting, new innovation coming from GitHub Enterprise.
GitHub Availability Report: November 2023
In November, we experienced one incident that resulted in degraded performance across GitHub services.
GitHub Enterprise Server 3.11 is now generally available
Customers using GitHub Enterprise Server can gain more insight and understanding into the security of their code.
Education
Empowering Uruguay’s future workforce with AI
During the second cycle of Git Commit Uruguay, students learned the basics of AI and built their own AI-powered projects.
GitHub Certifications are generally available
Unlock your full potential with GitHub Certifications! Earning a GitHub certification will give you the competitive advantage of showing up as a GitHub expert.
Calling all teachers! Learn how to build new commands on the GitHub Classroom CLI
In this step-by-step tutorial, we’ll dive into how you can become the next open source contributor to the GitHub Classroom CLI, building commands that you can use to improve your workflow as an educator!
Policy
GitHub Innovation Graph Q2 2023 Data Release
Discover the latest trends and insights on public software development activity on GitHub with the release of Q2 2023 data for the Innovation Graph.
Introducing the GitHub transparency center
It’s time for our biannual transparency report, where we share how we approach content moderation and disclosure of user information. This year, we’re introducing the transparency center, a new platform for our transparency reporting data.
Announcing the GitHub Innovation Graph
Explore a universe of data about how the world is building software together on GitHub.
Company
GitHub’s top blog posts of 2023
As the year winds down, we're highlighting some of the incredible work from GitHub’s engineers, product teams, and security researchers.
The ultimate gifts for the developer in your life this holiday season
If you're on the hunt for the perfect holiday gifts for the developer who has it all, look no further. We’ve curated a list of 10 must-have items (plus a few more) that strike the perfect balance between practicality and style.
Universe's key takeaway: Innovate better with AI-powered workflows on a single, unified platform
Discover new AI-powered features and tools to help developers stay in the flow and organizations innovate at scale.