Developer experience examines how people, processes, and tools affect developers’ ability to work efficiently. What do building software and vacuuming your house have in common? Jonathan Carter, technical advisor of the CEO at GitHub, used to hate vacuuming. That’s because his v … | Continue reading
At GitHub, we’re committed to building a more diverse and inclusive tech industry through our open source community, All In. We believe advancing diversity, equity, and inclusion (DEI) in open source communities makes for better, more innovative products that serve a broader audi … | Continue reading
Mobile applications have become a fundamental part of everyday life, from how we work, communicate, and entertain ourselves. We rely on mobile applications for their convenience, ease of use, and ability to provide access to a wide range of services and information on the go. At … | Continue reading
At GitHub, we believe in the power of collaboration and the importance of maintaining active and thriving projects. As an organization expands and projects evolve, repositories can easily become stale and inactive. It’s important to identify these repositories and take appropriat … | Continue reading
DevOps practices have helped demonstrate the value in bringing teams together to accelerate value for end-users. This typically includes automating build and release processes and bringing quality checks directly into the workflow. Fundamentally, these processes depend on some so … | Continue reading
Maintaining an open source project is a lot of work. You have to write features, respond to issues, review pull requests, moderate community discussions, write documentation, and more. Bringing in co-maintainers can help prevent burnout by offering fresh perspectives and making a … | Continue reading
The open source Git project just released Git 2.41 with features and bug fixes from over 95 contributors, 29 of them new. We last caught up with you on the latest in Git back when 2.40 was released. To celebrate this most recent release, here’s GitHub’s look at some of the most i … | Continue reading
The past few years have seen an increase in the number of open source program offices (OSPOs) operating in enterprises, academia, and government—notably, the Octoverse 2022 report found that over 30% of Fortune 100 companies have implemented an OSPO. These programs aim to become … | Continue reading
In this blog, I’ll look at CVE-2022-46395, a variant of Project Zero issue 2327 (CVE-2022-36449) and show how it can be used to gain arbitrary kernel code execution and root privileges from the untrusted app domain on an Android phone that uses the Arm Mali GPU. I used a Pixel 6 … | Continue reading
Low-code has enabled not only developers to deploy code more easily, but it has also lowered the barrier to entry for many others to deploy applications without having to have a large amount of coding knowledge. Low-code has enabled so many to deliver applications and solve probl … | Continue reading
Subscribe to The ReadME Podcast on Apple Podcasts, Spotify, or wherever you listen to podcasts. “The future of Kubernetes, if we’re being honest, is that it has to go away. If we’re still talking about Kubernetes 20 years from now, that would be a sad moment in tech because we di … | Continue reading
Web applications are foundational to nearly every aspect of everyday life, whether they are used for shopping and remote work, or to provide life-saving services in hospitals and power critical infrastructure. However, the proliferation of web applications doesn’t come without ri … | Continue reading
Our global developer and customer event, GitHub Universe, is back in-person and online later this year on November 8-9. (Make sure to save the date if you’re planning to attend!) That means it’s time to source the speakers and sessions that make Universe magical. As someone who h … | Continue reading
At GitHub, our favorite people are developers. We love to make them happy and productive, and today, on Global Accessibility Awareness Day, we want to celebrate their achievements by sharing some great stories about a few developers with disabilities alongside news of recent acce … | Continue reading
The first time that engineers at GitHub worked with one of OpenAI’s large language models (LLM), they were equal parts excited and astonished. Alireza Goudarzi, a senior researcher of machine learning at GitHub recounts, “As a theoretical AI researcher, my job has been to take ap … | Continue reading
To make working with GitHub Copilot feel like a meeting of the minds between developers and the pair programmer, GitHub’s machine learning experts have been busy researching, developing, and testing new capabilities—and many are focused on improving the AI pair programmer’s conte … | Continue reading
As a design organization we have the opportunity to make a significant impact on making GitHub inclusive for all developers. Designing complex interactions for users with a wide range of abilities is challenging. It’s easy to fall into traps where checks pass but the resulting ex … | Continue reading
Last week, GitHub experienced several availability incidents, both long running and shorter duration. We have since mitigated these incidents and all systems are now operating normally. The root causes for these incidents were unrelated but in aggregate, they negatively impacted … | Continue reading
Subscribe to The ReadME Podcast on Apple Podcasts, Spotify, or wherever you listen to podcasts. “It’s paradoxical that we preach openness, except when it’s how we use the software. I get it, we think of open source as being ownerless, permissionless, and accessible by anyone. But … | Continue reading
For the first time ever, I built a browser extension and did it with the help of GitHub Copilot. Here’s how. I’ve built a rock, paper, scissors game with GitHub Copilot but never a browser extension. As a developer advocate at GitHub, I decided to put GitHub Copilot to the test … | Continue reading
GitHub has recently made some significant user interface changes to navigation and search. Our vision is to be the home for all developers–including those with disabilities–so as we’ve built these features, we included accessibility throughout the development process. If you’re a … | Continue reading
Over 100 million developers around the world come to GitHub to build software. Primer, GitHub’s open source design system, is responsible for creating inclusive, responsive and efficient experiences for a diverse range of users. The Primer team aims to enable all user interface ( … | Continue reading
Lee este articulo en español Imagínate esto: te sientas en tu escritorio con una taza de café caliente y una relajante lista de reproducción lofi que se reproduce de fondo. Abres ansiosamente tu computadora, listo para comenzar a codificar. Pero para tu consternación, se ve afect … | Continue reading
Game Bytes is our monthly series taking a peek at the world of gamedev on GitHub—featuring game engine updates, game jam details, open source games, mods, maps, and more. Game on! Engine watch Babylon.js 6.0 https://github.blog/wp-content/uploads/2023/05/babylon-js-6.0.mp4 … | Continue reading
Is your company using generative AI yet? While it’s still in its infancy, generative AI coding tools are already changing the way developers and companies build software. Generative AI can boost developer and business productivity by automating tasks, improving communication and … | Continue reading
Although some ReDoS vulnerabilities can be very serious (particularly when they’re server-side and enable an untrusted remote attacker to DOS the server), very often they land much closer to the “annoying” end of the CVSS rating scale: not particularly serious, but easy to create … | Continue reading
At GitHub, we believe that by empowering developers with intuitive security built into their workflows, we can, together, shift security from reactive to proactive. Since the beta release of secret scanning’s push protection feature for GitHub Advanced Security users in April 202 … | Continue reading
Retrospectives are essential for a team’s ongoing growth and achievement, but they can be exclusionary for team members with disabilities due to the inaccessibility of most retrospective tools. These tools often depend on drag-and-drop functionality, images, color coding, and und … | Continue reading
One of the most fundamental tasks developers perform is reading and understanding code. Whether planning and implementing a new feature, investigating a bug, or reviewing a pull request, developers typically spend more time reading and understanding code than writing it. That’s w … | Continue reading
Modern software engineering practices are essential to deliver value to your users. After all, isn’t that the promise of DevOps? A combination of people, process, and technology to accelerate delivery of value to end users? Value could mean many things. It could mean running a re … | Continue reading
GitHub is the home for all developers, a place where we come together to learn, collaborate, and ship code. At GitHub Education, our goal is to welcome students and teachers into that home and provide them with the skills and leading industry tools to complete their academic jour … | Continue reading
Missed GitHub CEO Thomas Dohmke’s Web Summit Rio 2023 talk? Read his remarks and get caught up on everything GitHub Copilot X. Hello, Rio! I’m Thomas, and I’m a developer. I’ve been looking forward to this for some time, about a year. When I first planned this talk, I wanted to … | Continue reading
As a developer, there’s a variety of application security tools that you can use to help secure your applications. It’s not uncommon to find yourself balancing multiple tools in your application security stack, whether they be an open source or third-party solution. Code scanning … | Continue reading
GitHub believes that everyone—especially people from underserved and underrepresented communities — should have access to open source and the necessary skills to engage in open source development. To that end, we launched All In for Students to provide open source training, as we … | Continue reading
In April, we experienced four incidents that resulted in degraded performance across GitHub services. This report also sheds light into three March incidents that resulted in degraded performance across GitHub services. March 27 12:25 UTC (lasting 1 hour and 33 minutes) On March … | Continue reading
Creating an open source project can feel a bit like sending out an open invite to a party—will it be a roaring good time, or will you unbegrudginly dine on leftover junk food for the following week after nobody shows? When the first guest arrives, you breathe a sigh of relief. Th … | Continue reading
Over the past few months, we’ve made a number of improvements that make Dependabot smarter, quieter, and easier to work with, from pausing pull requests on inactive repositories to making alerts visible to more developers. Today, we’re addressing the alert fatigue problem with a … | Continue reading
Subscribe to The ReadME Podcast on Apple Podcasts, Spotify, or wherever you listen to podcasts. Envision a cubic kilometer of seawater—imagine swimming a kilometer out into the ocean, down a kilometer, and over a kilometer. If you could use fusion to tap into the energy from the … | Continue reading
The CLI is a critical component of a developer’s toolkit—it’s a trusty sidekick that offers flexibility and control. You can tell it what to do by simply typing in a specific command, and it will execute those commands like moving files, running programs, or even starting up a se … | Continue reading
Today, the Git project released new versions to address a pair of security vulnerabilities, CVE-2023-25652 and CVE-2023-29007, that affect versions 2.40.0 and older. Git was also patched to address additional, Windows-specific vulnerabilities: CVE-2023-25815, CVE-2023-29011, and … | Continue reading
Are you looking for ways to support open source maintainers? Maintainer Month is the perfect opportunity! This May, open source maintainers from all around the world will come together to celebrate their hard work and contributions to the community. And we’re looking for partners … | Continue reading
I joined GitHub on April 23, 2013 – almost exactly 10 years ago. In the time since then, I’ve seen the astonishing evolution of GitHub, and I am thrilled to be stepping into the role of Chief Operating Officer for the company I have loved for more than a decade. When I joined Git … | Continue reading
Powered by GitHub Apps, Deployment Protection Rules bring additional control to your GitHub Actions CI/CD workflows. Deployment Protection Rules allow you, your team, and your organization to employ the management mechanisms that meet your needs and standards, to ensure you’re de … | Continue reading
Today, we’re announcing the general availability of private vulnerability reporting, a private collaboration channel that makes it easier for researchers and maintainers to report and fix vulnerabilities on public repositories. “One of the biggest struggles as a researcher has be … | Continue reading
Starting today, when you build your npm projects on GitHub Actions, you can publish provenance alongside your package by including the --provenance flag. This provenance data gives consumers a verifiable way to link a package back to its source repository and the specific build i … | Continue reading
As cyberspace has increasingly become a site of conflict, there has been a rise in cyber mercenaries, or private sector actors that wage offensive operations in cyberspace on behalf of governments or private actors. Cyber mercenaries hoard and sell exploits and surveillance tools … | Continue reading
In January, we launched default setup, a new way to enable code scanning. Default setup has been a game changer, allowing you to enable code scanning on your repository in just a few clicks, without using a .yaml workflow file. We’ve gotten great feedback from the security commun … | Continue reading
In a previous blog on consolidating your toolkit, we shared strategies to help you simplify your tech stack, which ultimately helps developers be more productive. In fact, developers are almost 60% more likely to feel equipped to do their job when they can easily find what they n … | Continue reading