Localhost dangers: CORS and DNS rebinding
What is CORS and how can a CORS misconfiguration lead to security issues? In this blog post, we’ll describe some common CORS issues as well as how you can find and fix them.
The GitHub Blog
GitHub found 39M secret leaks in 2024. Here’s what we’re doing to help
Every minute, GitHub blocks several secrets with push protection—but secret leaks still remain one of the most common causes of security incidents. Learn how GitHub is making it easier to protect yourself from exposed secrets, including today’s launches of standalone Secret Protection, org-wide scanning, and better access for teams of all sizes.
GitHub for Beginners: How to get LLMs to do what you want
Learn how to write effective prompts and troubleshoot results in this installment of our GitHub for Beginners series.
5 GitHub Actions every maintainer needs to know
With these actions, you can keep your open source projects organized, minimize repetitive and manual tasks, and focus more on writing code.
Latest
How engineers can use one-on-ones with their manager to accelerate career growth
Go beyond status updates and use these meetings to surface challenges, solve problems, and drive impact.
Mastering GitHub Copilot: When to use AI agent mode
Discover the differences between agent mode and Copilot Edits with GitHub Copilot—and when to use them in your workflows.
A maintainer’s guide to vulnerability disclosure: GitHub tools to make it simple
A step-by-step guide for open source maintainers on how to handle vulnerability reports confidently from the start.
Popular
Showing popular posts from: All categories
GitHub found 39M secret leaks in 2024. Here’s what we’re doing to help
Every minute, GitHub blocks several secrets with push protection—but secret leaks still remain one of the most common causes of security incidents. Learn how GitHub is making it easier to protect yourself from exposed secrets, including today’s launches of standalone Secret Protection, org-wide scanning, and better access for teams of all sizes.
Mastering GitHub Copilot: When to use AI agent mode
Discover the differences between agent mode and Copilot Edits with GitHub Copilot—and when to use them in your workflows.
GitHub Copilot: The agent awakens
Introducing agent mode for GitHub Copilot in VS Code, announcing the general availability of Copilot Edits, and providing a first look at our SWE agent.
Engineering
IssueOps: Automate CI/CD (and more!) with GitHub Issues and Actions
A look into building IssueOps workflows on GitHub to do everything from CI/CD to handling approvals and more.
Finding leaked passwords with AI: How we built Copilot secret scanning
Passwords are notoriously difficult to detect with conventional programming approaches. AI can help us find passwords better because it understands context. This blog post will explore the technical challenges we faced with building the feature and the novel and creative ways we solved them.
How to debug code with GitHub Copilot
GitHub Copilot can streamline your debugging process by troubleshooting in your IDE, analyzing pull requests, and more, helping you tackle issues faster and more robustly.
How GitHub uses CodeQL to secure GitHub
How GitHub’s Product Security Engineering team manages our CodeQL implementation at scale and how you can, too.
Considerations for making a tree view component accessible
A deep dive on the work that went into making the component that powers repository and pull request file trees.
Spotlight
Using GitHub Copilot Free: What to know
Find out what you can do with the free tier of GitHub Copilot, the AI editor for everyone, and start building what’s next today.
Inside GitHub: A sneak peak into the world of GitHub stickers
Go behind the scenes with Christina Warren (@filmgirl) as she uncovers the fascinating story of our beloved Octocat stickers. 🎉
Octoverse 2024: The rise of Python and AI
Find out how AI and a rapidly growing global developer community defined this past year on GitHub across public and open source projects.
News & insights
GitHub Availability Report: February 2025
In February, we experienced two incidents that resulted in degraded performance across GitHub services.
Engaging with the developer community on our approach to content moderation
We share the full year 2024 data update on our Transparency Center and highlight how developers can engage with us on our site policies and content moderation.
GitHub Availability Report: January 2025
In January, we experienced two incidents that resulted in degraded performance across GitHub services.
That’s a wrap: GitHub Innovation Graph in 2024
Discover the latest trends and insights on public software development activity on GitHub with the release of Q2 & Q3 2024 data for the Innovation Graph.
Seven years of open source: A more secure and diverse ecosystem
Explore insights into open source community growth, innovation, and inclusivity with an updated survey dataset.
GitHub Availability Report: December 2024
In December, we experienced two incidents that resulted in degraded performance across GitHub services.
The world's largest developer platform
GitHub
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
