The GitHub Blog

In December, we experienced no incidents resulting in service downtime to our core services.

The GitHub Security Lab’s CodeQL bounty program fuels GitHub Advanced Security with queries written by the open source community.

As the year winds down, we’re highlighting some of the incredible work from GitHub’s engineers, product teams, and security researchers.

GitHub was honored to contribute to the Santa Clara Principles on Transparency and Accountability in Content Moderation 2.0.

In this post, I’ll discuss how to apply OWASP Proactive Control C2: Leverage security frameworks and libraries.

When you want to create a workflow in the Actions tab of your repository, the recommendations are now based on an analysis of repo content.

Codespaces is a great tool for technical hiring exercises and helps level the playing field for candidates.

Looking to avoid security vulnerabilities, buttons that don’t work, slow site speeds, or manually writing release notes? This one’s for you.

This blog post tells the story of why we built a new search engine optimized for code.

Use GitHub’s security features to assess Apache Log4j exposure and, where possible, mitigate this vulnerability within your GitHub repositories.