js13kGames is an annual online game development competition that challenges participants to create a themed HTML5 game using only 13 kilobytes of JavaScript. It was founded by GitHub Star Andrzej Mazur aka @end3r and has been running since 2012, attracting developers from around … | Continue reading
Skilling 5,000 people in the next two years in open source As the global home for all developers, we are uniquely positioned to lower barriers to entry in open source and help close gaps in representation in tech more broadly. We believe that by working together with our partners … | Continue reading
In September, we experienced two incidents that resulted in degraded performance across GitHub services. September 5 16:24 UTC (lasting 19 minutes) On September 5, from 16:24-16:43 UTC, multiple GitHub services were down or degraded due to an outage in one of our primary database … | Continue reading
Centrally managed policies are hard CI/CD best practices are easy to talk about and hard to implement. For example, teams want to avoid surprises before deploying code but often stop short of introducing centrally managed policies to help protect their repositories. Let’s face it … | Continue reading
Today, we’re releasing new research on GitHub Copilot Chat. By using the power of natural language, developers in our study used GitHub Copilot Chat to get real-time guidance, tips, troubleshooting, remediation, and solutions tailored to their specific coding challenges—all in re … | Continue reading
Today, in coordination with Ilya Lipnitskiy (the maintainer of libcue) and the distros mailing list, the GitHub Security Lab is disclosing CVE-2023-43641, a memory corruption vulnerability in libcue. We have also sent a text-only version of this blog post to the oss-security list … | Continue reading
Large Language Models (LLMs) are trained on vast quantities of data. As a result, they have the capacity to generate a wide range of results. By default, the results from LLMs may not meet your expectations. So, how do you coax an LLM to generate results that are more aligned wit … | Continue reading
Header image credit: Kingsley Mpandiok Empowering African developers Africa is home to diverse cultures, languages, and perspectives. According to Business Insider, it is projected to become the world’s fastest-growing region, with six out of the ten fastest-growing economies in … | Continue reading
We all know that AI is changing the world. But what happens when you combine AI with the power of open source? Over the past year, there has been an explosion of open source generative AI projects on GitHub: by our count, more than 8,000. They range from commercially backed large … | Continue reading
As a company that’s been remote-first since day one, GitHub Engineering has learned a lot about how to communicate effectively across time zones, teams, and tools. We’ve distilled our experience into a set of guidelines that we call “How we communicate,” and we’re sharing them wi … | Continue reading
At GitHub, we launched secret scanning with the mission of eliminating all credential leaks. In support of this mission, this year we’ve made secret scanning and secret scanning push protection free on public repositories to help open source users detect and prevent secret leaks. … | Continue reading
We built—and continue to build—GitHub Sponsors because we believe in a future where the open source ecosystem is one that is sustainable for everyone involved. Back in April 2023, we made organization-funded sponsorships generally available, alongside a promise to continue expand … | Continue reading
As GitHub’s Chief Security Officer and SVP of Engineering, one of the most common discussions I have with other engineering and security leaders is the state of supply chain security. We all know it’s been an interesting few years, and supply chain security has rocketed into the … | Continue reading
As we kick off Cybersecurity Awareness Month, the GitHub bug bounty team is excited to spotlight one of the top performing security researchers who participates in the GitHub Security Bug Bounty Program, @inspector-ambitious! As home to over 100 million developers and 372 million … | Continue reading
Today, GitHub is releasing a public beta for the new, Apple silicon powered M1 macOS larger runner for GitHub Actions. Apple silicon powered M1 macOS larger runners Apple developers require the latest chipset to take advantage of features in the latest versions of iOS and macOS. … | Continue reading
Game Bytes is our monthly series taking a peek at the world of gamedev on GitHub—featuring game engine updates, game jam details, open source games, mods, maps, and more. Game on! Game news Roboden Play Source … | Continue reading
At GitHub, we’re not just about offering you a powerful platform to orchestrate your software development strategy. We’re also committed to surfacing community expertise and knowledge, so you and your team can get the most out of GitHub. Today, we are launching GitHub Learning Pa … | Continue reading
Ever since we announced GitHub Copilot Chat in March this year, I’ve been thinking a lot about how it’s improving developer happiness and overall satisfaction while coding. Especially for junior developers looking to upskill, or those in the learning phase of diving into a new fr … | Continue reading
The Developer Experience (DX) team at GitHub collaborated with a number of other teams to work on moving our continuous integration (CI) system to GitHub Actions to support the development and scaling demands of our engineering team. Our goal as a team is to enable our engineers … | Continue reading
The GitHub Universe ‘23 agenda has landed! You know the drill: every year, Universe brings together the world’s developers, enterprise leaders, and security professionals to uncover the latest trends and best practices in software development. Whether you’re a novice open source … | Continue reading
In this post, I’ll explain how to exploit CVE-2023-3420, a type confusion vulnerability in v8 (the Javascript engine of Chrome), that I reported in June 2023 as bug 1452137. The bug was fixed in version 114.0.5735.198/199. It allows remote code execution (RCE) in the renderer san … | Continue reading
Teachers are essential in training the next generation of software developers. In order to do your best work as an educator and support your students, you need tools that meet your unique needs and use cases. With the power of open source, you can now build the features that you … | Continue reading
When I stepped onto the scale this morning, I remembered that there are some numbers that feel awkward to celebrate, while perhaps some others are worth celebrating! Recently, the GitHub Security Lab passed the milestone of 500 CVEs disclosed to open source projects. What’s a CVE … | Continue reading
Passkeys are a new form of sign-in and phishing resistant credential that make it easier to protect your GitHub account by reducing use of passwords and other, more easily phishable authentication methods. Since the launch of passkeys in beta in July, tens of thousands of develop … | Continue reading
I’m excited to announce the launch of the GitHub Innovation Graph, our open data and insights platform on the global and local impact of developers. For too long, measures of innovation have focused solely on things like patents and research papers, while policymakers and researc … | Continue reading
In July, we introduced a public beta of GitHub Copilot Chat, a pivotal component of our vision for the future of AI-powered software development, for all GitHub Copilot for Business users. Today, we’re thrilled to take the next step forward in our GitHub Copilot X journey by rele … | Continue reading
At GitHub Education, we work to provide a community that welcomes student developers, while also supporting them with the skills and leading industry tools that meet them at every stage of their academic journey. We’ve helped more than 4 million students build their skills throug … | Continue reading
We live in a world fully consumed by software. According to the IDC, around 750 million applications will be shipped globally by 2025, meaning the feat of securing the world’s software is growing at an unprecedented rate at a time when digital trust has never been more important. … | Continue reading
Starting from February 15, 2024, Atlassian will no longer offer technical support, security updates or vulnerability fixes for their Server products like Bitbucket Server and Bamboo Server. Switching from these tools to GitHub Enterprise Cloud and GitHub Actions has become easier … | Continue reading
Since the May beta release of our GitHub-curated Dependabot policies that detect and close false positive alerts, over 250k repositories have manually opted in, with an average improvement of over 1 in 10 alerts. The impact so far: auto-dismissal of millions of alerts that would … | Continue reading
In August, we experienced two incidents that resulted in degraded performance across GitHub services. August 15 16:58 UTC (lasting 4 hours 29 minutes) On August 15 at 16:58 UTC, GitHub started experiencing increasing delays in an internal job queue used to process webhooks. We st … | Continue reading
We’re thrilled to announce, for the fifth year in a row, an opportunity for students to connect with GitHub employees ahead of GitHub Universe 2023. Whether you’re joining us virtually or in-person on November 8-9, we’re kicking the conference off with virtual micro-mentoring ses … | Continue reading
AI is fundamentally changing the technology and security landscape. At GitHub, we see AI as a way for developers to both speed up their development process and simultaneously write more secure code. For instance, GitHub Copilot includes a security filter that targets the most com … | Continue reading
If you want to build and scale an application using a large language model (LLM), this article’s for you. It took us three years to develop GitHub Copilot before we officially launched it to the general public. To go from idea to production, we followed three stages—find it, nai … | Continue reading
The Microsoft Azure cloud computing dictionary describes edge computing as a framework that “allows devices in remote locations to process data at the ‘edge’ of the network, either by the device or a local server. And when data needs to be processed in the central datacenter, onl … | Continue reading
Over the past few weeks, we’ve rolled out a change to the virtual machines that host GitHub Codespaces to provide all of our users twice the RAM, and approximately 10-30% improved CPU performance after adopting Advanced Micro Devices (AMD)-based hosts. Now that this change has ro … | Continue reading
For the eighth year in a row, Rust has topped the chart as “the most desired programming language” in Stack Overflow’s annual developer survey. And with more than 80% of developers reporting that they’d like to use the language again next year, you have to wonder how a language c … | Continue reading
GitHub Enterprise Server 3.10 is now generally available. With this version, organizations are able to give developers and administrators more control over their repositories with enhanced security and compliance controls, and ensure secure development is a top priority. Highligh … | Continue reading
GitHub Projects has been adopted by program managers, OSS maintainers, enterprises, and individual developers alike for its user-friendly design and efficiency. We all know that managing issues and pull requests in our repositories can be challenging. To help you optimize your us … | Continue reading
Engine watch Happy Third birthday to Bevy Bevy (previously on Game Bytes), a cross-platform game engine built in Rust, is celebrating the third anniversary of its initial public release. The Bevy team is also taking the opportunity to reflect on what the community has achieved an … | Continue reading
When the next Log4j lands, you don’t want to find out that you’re several versions behind, and that it’s going to take the team days to fix all of the breaking changes. Dependabot version updates automate the patching process, giving you a measure of protection from unwelcome sur … | Continue reading
Ever found yourself struggling to set up a brand-new Integrated Development Environment (IDE) for a project? The overwhelming process of dealing with build errors, dependencies, and configurations can leave you feeling frustrated and short on time. Trust me, I’ve been there, too. … | Continue reading
In today’s world, the power of tech is undeniable. I’m thrilled to share new work that we have launched, especially focused on the myriad ways that GitHub, GitHub Copilot, and technology in general can be leveraged to address some of the world’s toughest challenges. As we embark … | Continue reading
The open source Git project just released Git 2.42 with features and bug fixes from over 67 contributors, 16 of them new. We last caught up with you on the latest in Git back when 2.41 was released. To celebrate this most recent release, here’s GitHub’s look at some of the most i … | Continue reading
Although X.509 certificates have been here for a while, they have become more popular for client authentication in zero-trust networks in recent years. Mutual TLS, or authentication based on X.509 certificates in general, brings advantages compared to passwords or tokens, but you … | Continue reading
Here’s what we know: developers need to feel satisfied in their work to be productive and organizations need their teams to be productive in order to succeed. But getting there? That’s the challenge. This year’s GitHub Universe is dedicated to helping developers and enterprises a … | Continue reading
After the last Release Radar, I promised the next one wouldn’t be far away, so here it is. This is the low down on some of the best open source projects that shipped major version updates in July. There’s lots of cool stuff from natural language processing, to APIs, money, and SD … | Continue reading
GitHub Security is constantly monitoring for abuse and security threats to GitHub, developers and communities that call GitHub home. In this blog, we are taking a moment to remind developers of some best practices and important defenses against common attack patterns against GitH … | Continue reading