Secure at every step: Putting DevSecOps into practice with code scanning
Integrating static analysis security testing into the developer workflow is hard. We discuss the challenges and how to overcome them
All posts
Adacats Mentorship Program: A growth journey
Last year, the Adacats (GitHub’s employee resource group for marginalized genders) started a mentorship program. We’re sharing insights and fun stories from this experience for anyone interested in starting a program of their own. The
Upgrading GitHub to Ruby 2.7
GitHub recently upgraded to Ruby 2.7. Learn how the team approached the deprecation warnings, why upgrading is important, and the notable performance improvements.
Automate releases and more with the new Sentry Release GitHub Action
This is a guest post by Rahul Chhabria, Director of Product Marketing at Sentry. At Sentry, we believe that code is the center of every experience and when code works, customers are happy. For consumers
GitHub Action Hero: Keirron Stach
GitHub Actions gives you the power to automate your workflow. Connect with the tools you know and love. Have more freedom to innovate and be creative. Deploy to any cloud, build containers, automate messages, and
Maintainer spotlight: Managing dependencies and the Metasploit pen testing toolkit
Keeping open source software secure is a community responsibility. But with millions of projects, it’s hard to pinpoint the right signal from noise—and find and fix the vulnerabilities that really matter. Over the next few
Introducing The ReadME Project
Open source powers software on a planetary scale: 99% of code is built on it. The rewards and challenges of creating open source are deeply familiar to the maintainers and developers who create it, but
Introducing the Rally + GitHub integration
GitHub’s Professional Services Engineering team has decided to open source another project: Rally + GitHub. You may have seen our most recent open source project, Super Linter. Well, the team has done it again, this time to
Karuna 2020: Using GitHub Actions in the COVID-19 response efforts
GitHub Actions gives you the power to automate your workflow. Connect with the tools you know and love. Have more freedom to innovate and be creative. Deploy to any cloud, build containers, automate messages, and
Secure at every step: A guide to DevSecOps, shifting left, and GitOps
When developers share the responsibility of security, perform security testing earlier in your development lifecycle, and use Git as a source of truth, you can help your development teams find and remediate security issues faster.
