GitHub’s response to Log4j vulnerability CVE-2021-44228
On Thursday, December 9, 2021, GitHub was made aware of a vulnerability in the Log4j logging framework, CVE-2021-44228.
On Thursday, December 9, 2021, GitHub was made aware of a vulnerability in the Log4j logging framework, CVE-2021-44228.
We shipped a ton of updates in November, from the push notification for PR review activities on the go, to an easy way to create Markdown links.
Last week, GitHub joined the Internet Governance Forum to spread awareness of developers’ initiatives and public policy interests.
Precise code navigation is powered by stack graphs, a new open source framework that lets you define the name binding rules for a programming language.
Code navigation is now available in PRs, and code navigation results for Python are now more precise.
Today, we are rolling out a technology preview for GitHub code search, the next iteration for search, discovery, and navigation on GitHub.
GitHub Enterprise Server is now generally available for all customers. This release improves performance for CI/CD and for customers with large repositories.
Today we’re introducing enhanced login verification to the npm registry, and we will begin a staged rollout to maintainers beginning Dec 7.
This lesser-known OWASP project aims to help developers prevent vulnerabilities from being introduced in the first place.
GitHub has partnered with the OpenSSF and Project Sigstore to add container image signing to our default “Publish Docker Container” workflow.