The architecture of today's LLM applications
Here’s everything you need to know to build your first LLM app and problem spaces you can start exploring today.
Introducing the GitHub transparency center
It’s time for our biannual transparency report, where we share how we approach content moderation and disclosure of user information. This year, we’re introducing the transparency center, a new platform for our transparency reporting data.
Release Radar · Hacktoberfest 2023 Edition
As Hacktoberfest comes to a close, you still have a day or so left to complete and submit your pull requests. If you're struggling to think of projects to contribute…
Demystifying LLMs: How they can do things they weren't trained to do
Explore how LLMs generate text, why they sometimes hallucinate information, and the ethical implications surrounding their incredible capabilities.
Developers are the first group to adopt AI at work. Here’s why that matters.
From starting at GitHub over 10 years ago as a developer to becoming the Chief Operating Officer, I’ve learned that developers are often bellwethers for change across the rest of their organizations. That makes investing in—and learning from—them critical.
Latest posts
5 tips for making your GitHub profile page accessible
Your profile’s README invites the world to know you and your work, so it’s important that everyone can read and understand it. In this post, we share some tips for making your README more accessible.
Cybersecurity spotlight on bug bounty researcher @Ammar Askar
We’re excited to highlight another top contributing researcher to GitHub’s Bug Bounty Program—@Ammar Askar!
How to gain insight into your project contributors
We're excited to share with you the contributors Action! At GitHub, we maintain several open source repositories and have developed this Action to empower maintainers to measure how many new and returning contributors and contributions have occurred over any given time period.
ICYMI: improved C++ vulnerability coverage and CodeQL support for Lombok
The effectiveness of a static application security solution hinges on its ability to provide extensive vulnerability coverage and support for a wide range of languages and frameworks. Today, we’re highlighting two releases that’ll help you discover more vulnerabilities in your codebase, so you can ship more secure software.
Engineering
The architecture of today's LLM applications
Here’s everything you need to know to build your first LLM app and problem spaces you can start exploring today.
Demystifying LLMs: How they can do things they weren't trained to do
Explore how LLMs generate text, why they sometimes hallucinate information, and the ethical implications surrounding their incredible capabilities.
Measuring Git performance with OpenTelemetry
Use our new open source Trace2 receiver component and OpenTelemetry to capture and visualize telemetry from your Git commands.
GitHub Availability Report: September 2023
In September, we experienced two incidents that resulted in degraded performance across GitHub services.
Community
Release Radar · Hacktoberfest 2023 Edition
As Hacktoberfest comes to a close, you still have a day or so left to complete and submit your pull requests. If you're struggling to think of projects to contribute…
5 tips for making your GitHub profile page accessible
Your profile’s README invites the world to know you and your work, so it’s important that everyone can read and understand it. In this post, we share some tips for making your README more accessible.
js13kGames 2023 winners 🏆
The twelfth annual js13kGames coding competition, challenging participants to create games in 13kB or less of JavaScript in a month, just wrapped up. This post highlights the top thirteen entries.
Trending stories
1
The architecture of today's LLM applications
Here’s everything you need to know to build your first LLM app and problem spaces you can start exploring today.
2
3
Raising the bar for software security: GitHub 2FA begins March 13
On March 13, we will officially begin rolling out our initiative to require all developers who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023. Read on to learn about what the process entails and how you can help secure the software supply chain with 2FA.
4
Introducing the GitHub transparency center
It’s time for our biannual transparency report, where we share how we approach content moderation and disclosure of user information. This year, we’re introducing the transparency center, a new platform for our transparency reporting data.
5
6
How to build a CI/CD pipeline with GitHub Actions in four simple steps
A quick guide on the advantages of using GitHub Actions as your preferred CI/CD tool—and how to build a CI/CD pipeline with it.
Product
The architecture of today's LLM applications
Here’s everything you need to know to build your first LLM app and problem spaces you can start exploring today.
Demystifying LLMs: How they can do things they weren't trained to do
Explore how LLMs generate text, why they sometimes hallucinate information, and the ethical implications surrounding their incredible capabilities.
Research: Quantifying GitHub Copilot’s impact on code quality
Findings show that code quality is better across the board and developers felt more confident, too.
Introducing the new, Apple silicon powered M1 macOS larger runner for GitHub Actions
Speed up your GitHub Actions jobs on macOS with all new, faster Apple silicon powered M1 macOS larger runner for arm64.
GitHub Copilot Chat beta now available for all individuals
All GitHub Copilot for Individuals users now have access to GitHub Copilot Chat beta, bringing natural language-powered coding to every developer in all languages.
GitHub Enterprise Server 3.10 is now generally available
Customers using GHES can now ensure secure development is a top priority with enhanced security and compliance controls for their repositories.
Security
Cybersecurity spotlight on bug bounty researcher @Ammar Askar
We’re excited to highlight another top contributing researcher to GitHub’s Bug Bounty Program—@Ammar Askar!
ICYMI: improved C++ vulnerability coverage and CodeQL support for Lombok
The effectiveness of a static application security solution hinges on its ability to provide extensive vulnerability coverage and support for a wide range of languages and frameworks. Today, we’re highlighting two releases that’ll help you discover more vulnerabilities in your codebase, so you can ship more secure software.
Getting RCE in Chrome with incomplete object initialization in the Maglev compiler
In this post, I'll exploit CVE-2023-4069, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641)
CVE-2023-43641 is a vulnerability in libcue, which can lead to code execution by downloading a file on GNOME.
Introducing secret scanning validity checks for major cloud services
Secret scanning now performs validity checks for select AWS, Microsoft, Google, and Slack tokens.
3 strategies to expand your threat model and secure your supply chain
How to get the security basics right at your organization.
Cybersecurity spotlight on bug bounty researcher @inspector-ambitious
For this year’s Cybersecurity Awareness Month, the GitHub bug bounty team is excited to feature another spotlight on a talented security researcher who participates in the GitHub Security Bug Bounty Program—@inspector-ambitious!
Open Source
Release Radar · Hacktoberfest 2023 Edition
As Hacktoberfest comes to a close, you still have a day or so left to complete and submit your pull requests. If you're struggling to think of projects to contribute…
How to gain insight into your project contributors
We're excited to share with you the contributors Action! At GitHub, we maintain several open source repositories and have developed this Action to empower maintainers to measure how many new and returning contributors and contributions have occurred over any given time period.
js13kGames 2023 winners 🏆
The twelfth annual js13kGames coding competition, challenging participants to create games in 13kB or less of JavaScript in a month, just wrapped up. This post highlights the top thirteen entries.
A developer's guide to open source LLMs and generative AI
Open source generative AI projects are a great way to build new AI-powered features and apps.
Enterprise
The clock is ticking: Atlassian’s support for Bitbucket Server ends on February 15, 2024
Atlassian is ending support for its Server products—including Bitbucket Server—in February 2024. In this post, you’ll learn what that means for you, your options, and how you can move to GitHub.
Enforcing code reliability by requiring workflows with GitHub repository rules
GitHub Enterprise Cloud customers can now ensure controlled workflows run and pass before code is merged into any of its repositories.
Switching from Bitbucket Server and Bamboo to GitHub just got easier
Starting today, GitHub Enterprise Importer supports repository migrations from Bitbucket Server and Bitbucket Data Center, and GitHub Actions Importer offers CI/CD migrations from Bitbucket and Bamboo.
Education
Calling all teachers! Learn how to build new commands on the GitHub Classroom CLI
In this step-by-step tutorial, we’ll dive into how you can become the next open source contributor to the GitHub Classroom CLI, building commands that you can use to improve your workflow as an educator!
Introducing Learning Paths on Global Campus
Guiding student developers through skill building foundations, a building block in their learning journey with GitHub Education.
Introduction to SELinux
SELinux is the most popular Linux Security Module used to isolate and protect system components from one another. Learn about different access control systems and Linux security as I introduce the foundations of a popular type system.
Policy
Introducing the GitHub transparency center
It’s time for our biannual transparency report, where we share how we approach content moderation and disclosure of user information. This year, we’re introducing the transparency center, a new platform for our transparency reporting data.
Announcing the GitHub Innovation Graph
Explore a universe of data about how the world is building software together on GitHub.
How to get AI regulation right for open source
Sharing our coalition paper to inform the final negotiation of the EU AI Act.
Company
Developers are the first group to adopt AI at work. Here’s why that matters.
From starting at GitHub over 10 years ago as a developer to becoming the Chief Operating Officer, I’ve learned that developers are often bellwethers for change across the rest of their organizations. That makes investing in—and learning from—them critical.
Your curated GitHub Universe agenda: AI, ethics, and productivity
Gain actionable insights about the intersection of AI and human skills, while tackling ethics, accessibility, and productivity at these GitHub Universe sessions.
Getting RCE in Chrome with incomplete object initialization in the Maglev compiler
In this post, I'll exploit CVE-2023-4069, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.