The latest blogs from GitHub

Learn to automate dependency management using GitHub Copilot, GitHub Actions, and Dependabot to eliminate manual checks, improve security, and save time for what really matters.

GitHub Copilot isn’t just for developers! Discover how product managers, security professionals, scrum masters, and more use GitHub Copilot to streamline tasks, automate workflows, and boost productivity across teams.

Passwords are notoriously difficult to detect with conventional programming approaches. AI can help us find passwords better because it understands context. This blog post will explore the technical challenges we faced with building the feature and the novel and creative ways we solved them.

Get started with GitHub Copilot and navigate features like Copilot Chat in this installment of the GitHub for Beginners series.

GitHub’s Digital Public Goods Open Source Community Manager Program just wrapped up a second successful year, helping Community Managers gain experience in using open source for good.

GitHub Copilot can streamline your debugging process by troubleshooting in your IDE, analyzing pull requests, and more, helping you tackle issues faster and more robustly.

We share the full year 2024 data update on our Transparency Center and highlight how developers can engage with us on our site policies and content moderation.

Show your appreciation to the open source projects you love. You can help provide much-needed support to the critical but often underfunded projects that keep your infrastructure running smoothly. And remember—every day is a perfect day to support open source! 💖

In January, we experienced two incidents that resulted in degraded performance across GitHub services.

How GitHub’s Product Security Engineering team manages our CodeQL implementation at scale and how you can, too.

Discover how to use GitHub Copilot to refactor your code and see samples of it in action.

The partnership between GitHub and Endor Labs enables application security engineers and developers to drastically reduce time spent on open source vulnerabilities, and gives them the tools to go from finding to fixing.

Introducing agent mode for GitHub Copilot in VS Code, announcing the general availability of Copilot Edits, and providing a first look at our SWE agent.

Three open source experts offer their advice on sharing open source projects with the world.

Empowering humanitarian action with open source: A natural language search tool for UN Resolutions.

Discover the exciting world of cybersecurity research: what researchers do, essential skills, and actionable steps to begin your journey toward protecting the digital world.

A deep dive on the work that went into making the component that powers repository and pull request file trees.

Open source AI models are in widespread use, enabling developers around the world to build custom AI solutions and host them where they choose.

Explore our simple guide to finding projects, understanding guidelines, and making an impact.

Discover the latest trends and insights on public software development activity on GitHub with the release of Q2 & Q3 2024 data for the Innovation Graph.

Learn how specially crafted artifacts can be used to attack Maven repository managers. This post describes PoC exploits that can lead to pre-auth remote code execution and poisoning of the local artifacts in Sonatype Nexus and JFrog Artifactory.