Git Merge 2022
Git Merge, the conference dedicated to bringing the Git community together returns on September 14-15 in Chicago, Illinois.
Prebuilding codespaces is generally available
Teams and GHEC customers can now create blazing fast codespaces, even for your largest and most complex projects.
Introducing GitHub Skills
Today, we’re announcing GitHub Skills, a new learning experience to help you throughout your GitHub journey.
GitHub brings supply chain security features to the Rust community
The Rust community can now discover, report, and prevent security vulnerabilities.
Creating a more comprehensive dependency graph with build time detection
Expand the completeness of your dependency graph by using the dependency submission API, which will create more comprehensive alerts on supply chain vulnerabilities
Release Radar · May 2022 Edition
Each month, we highlight open source projects that have shipped major updates. These projects can include everything from world-changing technology to developer tooling, and weekend hobbies. We cover what the…
Latest posts
The Android kernel mitigations obstacle race
In this post I’ll exploit CVE-2022-22057, a use-after-free in the Qualcomm gpu kernel driver, to gain root and disable SELinux from the untrusted app sandbox on a Samsung Z flip 3. I’ll look at various mitigations that are implemented on modern Android devices and how they affect the exploit.
GitHub now publishes malware advisories in the GitHub Advisory Database
To combat the prevalence of malware in the open source ecosystem, GitHub now publishes malware occurrences in the GitHub Advisory Database. These advisories power Dependabot alerts and remain forever free and usable by the community.
Accelerating GitHub theme creation with color tooling
Learn why the GitHub Design Infrastructure team built a dedicated color tool and how they use it to create new color palettes for GitHub.
How can the United States build its Open Source Software policy?
We share a recap of a recent roundtable event about what a federal open source software policy could look like in the United States.
Engineering
Prebuilding codespaces is generally available
Teams and GHEC customers can now create blazing fast codespaces, even for your largest and most complex projects.
Accelerating GitHub theme creation with color tooling
Learn why the GitHub Design Infrastructure team built a dedicated color tool and how they use it to create new color palettes for GitHub.
How we think about browsers
Discover how GitHub thinks about browser support, look at usage patterns, and learn about the tools we use to make sure our customers are getting the best experience.
Sunsetting Atom
We are archiving Atom and all projects under the Atom organization for an official sunset on December 15, 2022.
Community
Release Radar · May 2022 Edition
Each month, we highlight open source projects that have shipped major updates. These projects can include everything from world-changing technology to developer tooling, and weekend hobbies. We cover what the…
Git Merge 2022
Git Merge, the conference dedicated to bringing the Git community together returns on September 14-15 in Chicago, Illinois.
Open Source Monthly: June 2022 Edition
June's Open Source Monthly features Modos–a community-focused company building software and hardware that designs digital devices with respect for users' time, attention, and well-being.
Trending stories
1
Git Merge 2022
Git Merge, the conference dedicated to bringing the Git community together returns on September 14-15 in Chicago, Illinois.
2
Prebuilding codespaces is generally available
Teams and GHEC customers can now create blazing fast codespaces, even for your largest and most complex projects.
3
Sunsetting Atom
We are archiving Atom and all projects under the Atom organization for an official sunset on December 15, 2022.
4
Creating a more comprehensive dependency graph with build time detection
Expand the completeness of your dependency graph by using the dependency submission API, which will create more comprehensive alerts on supply chain vulnerabilities
5
The Android kernel mitigations obstacle race
In this post I’ll exploit CVE-2022-22057, a use-after-free in the Qualcomm gpu kernel driver, to gain root and disable SELinux from the untrusted app sandbox on a Samsung Z flip 3. I’ll look at various mitigations that are implemented on modern Android devices and how they affect the exploit.
6
Accelerating GitHub theme creation with color tooling
Learn why the GitHub Design Infrastructure team built a dedicated color tool and how they use it to create new color palettes for GitHub.
Product
Creating a more comprehensive dependency graph with build time detection
Expand the completeness of your dependency graph by using the dependency submission API, which will create more comprehensive alerts on supply chain vulnerabilities
Prebuilding codespaces is generally available
Teams and GHEC customers can now create blazing fast codespaces, even for your largest and most complex projects.
Introducing Achievements: recognizing the many stages of a developer’s coding journey
Available in public beta today, we're announcing Achievements as a new way to commemorate milestones on GitHub.
Sunsetting Atom
We are archiving Atom and all projects under the Atom organization for an official sunset on December 15, 2022.
Introducing GitHub Skills
Today, we’re announcing GitHub Skills, a new learning experience to help you throughout your GitHub journey.
GitHub brings supply chain security features to the Rust community
The Rust community can now discover, report, and prevent security vulnerabilities.
A beginner’s guide to CI/CD and automation on GitHub
CI/CD and workflow automation are native capabilities on GitHub platform. Here’s how to start using them and speed up your workflows.
Security
Creating a more comprehensive dependency graph with build time detection
Expand the completeness of your dependency graph by using the dependency submission API, which will create more comprehensive alerts on supply chain vulnerabilities
The Android kernel mitigations obstacle race
In this post I’ll exploit CVE-2022-22057, a use-after-free in the Qualcomm gpu kernel driver, to gain root and disable SELinux from the untrusted app sandbox on a Samsung Z flip 3. I’ll look at various mitigations that are implemented on modern Android devices and how they affect the exploit.
GitHub now publishes malware advisories in the GitHub Advisory Database
To combat the prevalence of malware in the open source ecosystem, GitHub now publishes malware occurrences in the GitHub Advisory Database. These advisories power Dependabot alerts and remain forever free and usable by the community.
Introducing Entitlements: GitHub's open source Identity and Access Management solution
We're excited to announce that we're open sourcing our Identity and Access Management solution: Entitlements.
One developer’s journey bringing Dependabot to GitHub Enterprise Server
A personal story about building the feature you want and sharing it with the world.
GitHub brings supply chain security features to the Rust community
The Rust community can now discover, report, and prevent security vulnerabilities.
Open Source
Release Radar · May 2022 Edition
Each month, we highlight open source projects that have shipped major updates. These projects can include everything from world-changing technology to developer tooling, and weekend hobbies. We cover what the…
Git Merge 2022
Git Merge, the conference dedicated to bringing the Git community together returns on September 14-15 in Chicago, Illinois.
How can the United States build its Open Source Software policy?
We share a recap of a recent roundtable event about what a federal open source software policy could look like in the United States.
Open Source Monthly: June 2022 Edition
June's Open Source Monthly features Modos–a community-focused company building software and hardware that designs digital devices with respect for users' time, attention, and well-being.
Introducing Entitlements: GitHub's open source Identity and Access Management solution
We're excited to announce that we're open sourcing our Identity and Access Management solution: Entitlements.
Enterprise
Dependabot Updates hit GA in GHES
Dependabot is generally available in GitHub Enterprise Server 3.5. Here is how to set up Dependabot on your instance.
One developer’s journey bringing Dependabot to GitHub Enterprise Server
A personal story about building the feature you want and sharing it with the world.
What's new in security and user management for GitHub Enterprise
Learn how you can securely manage users with the latest ships for GitHub Enterprise.
Education
Start your open source journey with Community Exchange
Are you a student who is new to open source or just starting your maintainer journey? GitHub Global Campus’ Community Exchange can help you make that first contribution or grow your open source project.
Graduation is here! Celebrate the Class of 2022, and join GitHub on June 11 🎓
This year, thousands of students from around the world came together and redefined the world we live in, how we learn, and how we move forward. We are honored to…
Prepare for next semester with GitHub Global Campus and Codespaces
Teachers, it is now your turn to join GitHub Global Campus with our student community! Get access to exclusive benefits, programs, and the Power of Codespaces at no cost in GitHub Classroom!
Policy
How can the United States build its Open Source Software policy?
We share a recap of a recent roundtable event about what a federal open source software policy could look like in the United States.
Our response to the war in Ukraine
As the global response to the tragedies in Ukraine and other impacted regions continues to evolve, I wanted to share with our community an expansion of the message that I shared earlier this week with our Hubbers.
2021 Transparency Report
In GitHub's latest transparency report, we’re giving you a by-the-numbers look at how we responded to requests for user info and content removal.
Company
Accelerating GitHub theme creation with color tooling
Learn why the GitHub Design Infrastructure team built a dedicated color tool and how they use it to create new color palettes for GitHub.
Sunsetting Atom
We are archiving Atom and all projects under the Atom organization for an official sunset on December 15, 2022.