Разработка • The GitHub Blog • 1 июля 2022 г. 17:00
New Actions from Anchore, NowSecure, SBT, and Trivy are now available to create a more comprehensive GitHub Dependency Graph.... читать далее
Security GitHub ActionsРазработка • The GitHub Blog • 1 июля 2022 г. 15:22
Can projects and GitHub Actions be used by your non-developer teams? They absolutely can. Check out how our Security Team uses GitHub to run the department effortlessly.... читать далее
Company Product Security GitHub Actions GitHub IssuesРазработка • The GitHub Blog • 30 июня 2022 г. 19:34
High-quality Git commits are the key to a maintainable and collaborative open- or closed-source project. Learn strategies to improve and use commits to streamline your development process.... читать далее
Engineering best practicesРазработка • The GitHub Blog • 30 июня 2022 г. 15:11
Maintainers answer your questions about how to manage an open source project that grows into a community.... читать далее
Community communitiesРазработка • The GitHub Blog • 30 июня 2022 г. 15:00
Meet the 2022 MLH Fellowship cohort! This 12-week internship alternative is for aspiring software engineers, and powered by GitHub.... читать далее
Education Open Source MLH FellowshipРазработка • The GitHub Blog • 29 июня 2022 г. 18:39
In this post I'll exploit CVE-2022-1134, a type confusion in Chrome that I reported in March 2022, which allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site. I'll also look at some past vulnerabi...... читать далее
Security GitHub Security LabРазработка • The GitHub Blog • 29 июня 2022 г. 17:00
Monorepo performance can suffer due to the sheer number of files in your working directory. Git’s new builtin file system monitor makes it easy to speed up monorepo performance.... читать далее
Engineering Open Source Git monorepoРазработка • The GitHub Blog • 28 июня 2022 г. 17:00
The recent changes to improve protocol security on GitHub.com are now coming to GitHub Enterprise Server, starting with version 3.6.... читать далее
Enterprise Product Security Git GitHub Enterprise Server SSHРазработка • The GitHub Blog • 27 июня 2022 г. 20:24
We’re excited to announce that the GitHub Advisory Database now includes curated security advisories on Erlang, Elixir, and more.... читать далее
Company SecurityРазработка • The GitHub Blog • 27 июня 2022 г. 18:01
The open source Git project just released Git 2.37. Take a look at some of our highlights from the latest release.... читать далее
Engineering Open Source GitРазработка • The GitHub Blog • 24 июня 2022 г. 15:32
To celebrate Maintainer Month, GitHub has invested an additional $500,000 to help sponsor the open source projects that it depends on.... читать далее
Open Source GitHub Sponsors maintainersРазработка • The GitHub Blog • 22 июня 2022 г. 21:04
We’re releasing exciting functionalities that will enable organizations to confidently manage and scale with Codespaces.... читать далее
Enterprise Policy Product CodespacesРазработка • The GitHub Blog • 21 июня 2022 г. 16:04
We’re making GitHub Copilot, an AI pair programmer that suggests code in your editor, generally available to all developers for $10 USD/month or $100 USD/year. It will also be free to use for verified students and maintainers of popular open source p...... читать далее
Product GitHub CopilotРазработка • The GitHub Blog • 20 июня 2022 г. 17:00
GitHub is excited to announce the release of CodeQL queries that implement the standards CERT C++ and AUTOSAR C++. These queries can aid developers looking to demonstrate ISO 26262 Part 6 process compliance.... читать далее
Open Source Security code scanning CodeQL open sourceРазработка • The GitHub Blog • 17 июня 2022 г. 19:00
Expand the completeness of your dependency graph by using the dependency submission API, which will create more comprehensive alerts on supply chain vulnerabilities... читать далее
Product Security DependabotРазработка • The GitHub Blog • 16 июня 2022 г. 22:05
Each month, we highlight open source projects that have shipped major updates. These projects can include everything from world-changing technology to developer tooling, and weekend hobbies. We cover what the project is and some of their breaking cha...... читать далее
Community Open Source Go java javascript JSON laravel Node.js PHP python ruby ubuntuРазработка • The GitHub Blog • 16 июня 2022 г. 16:00
In this post I’ll exploit CVE-2022-22057, a use-after-free in the Qualcomm gpu kernel driver, to gain root and disable SELinux from the untrusted app sandbox on a Samsung Z flip 3. I’ll look at various mitigations that are implemented on modern Andro...... читать далее
Security GitHub Security LabРазработка • The GitHub Blog • 16 июня 2022 г. 0:29
Git Merge, the conference dedicated to bringing the Git community together returns on September 14-15 in Chicago, Illinois.... читать далее
Community Open Source Git Git MergeРазработка • The GitHub Blog • 15 июня 2022 г. 17:00
Teams and GHEC customers can now create blazing fast codespaces, even for your largest and most complex projects.... читать далее
Engineering Product CodespacesРазработка • The GitHub Blog • 15 июня 2022 г. 15:46
To combat the prevalence of malware in the open source ecosystem, GitHub now publishes malware occurrences in the GitHub Advisory Database. These advisories power Dependabot alerts and remain forever free and usable by the community.... читать далее
Security Dependabot supply chain security
