CINXE.COM

<!doctype html> <html lang="en-US" class="mt-0"> <head> <meta charset="UTF-8"><script type="text/javascript">(window.NREUM||(NREUM={})).init={ajax:{deny_list:["bam.nr-data.net"]}};(window.NREUM||(NREUM={})).loader_config={licenseKey:"229f494c49",applicationID:"177966165"};;/*! For license information please see nr-loader-rum-1.274.0.min.js.LICENSE.txt */ (()=>{var e,t,r={8122:(e,t,r)=>{"use strict";r.d(t,{a:()=>i});var n=r(944);function i(e,t){try{if(!e||"object"!=typeof e)return(0,n.R)(3);if(!t||"object"!=typeof t)return(0,n.R)(4);const r=Object.create(Object.getPrototypeOf(t),Object.getOwnPropertyDescriptors(t)),o=0===Object.keys(r).length?e:r;for(let a in o)if(void 0!==e[a])try{if(null===e[a]){r[a]=null;continue}Array.isArray(e[a])&&Array.isArray(t[a])?r[a]=Array.from(new Set([...e[a],...t[a]])):"object"==typeof e[a]&&"object"==typeof t[a]?r[a]=i(e[a],t[a]):r[a]=e[a]}catch(e){(0,n.R)(1,e)}return r}catch(e){(0,n.R)(2,e)}}},2555:(e,t,r)=>{"use strict";r.d(t,{Vp:()=>c,fn:()=>s,x1:()=>u});var n=r(384),i=r(8122);const o={beacon:n.NT.beacon,errorBeacon:n.NT.errorBeacon,licenseKey:void 0,applicationID:void 0,sa:void 0,queueTime:void 0,applicationTime:void 0,ttGuid:void 0,user:void 0,account:void 0,product:void 0,extra:void 0,jsAttributes:{},userAttributes:void 0,atts:void 0,transactionName:void 0,tNamePlain:void 0},a={};function s(e){try{const t=c(e);return!!t.licenseKey&&!!t.errorBeacon&&!!t.applicationID}catch(e){return!1}}function c(e){if(!e)throw new Error("All info objects require an agent identifier!");if(!a[e])throw new Error("Info for ".concat(e," was never set"));return a[e]}function u(e,t){if(!e)throw new Error("All info objects require an agent identifier!");a[e]=(0,i.a)(t,o);const r=(0,n.nY)(e);r&&(r.info=a[e])}},9417:(e,t,r)=>{"use strict";r.d(t,{D0:()=>g,gD:()=>h,xN:()=>p});var n=r(993);const i=e=>{if(!e||"string"!=typeof e)return!1;try{document.createDocumentFragment().querySelector(e)}catch{return!1}return!0};var o=r(2614),a=r(944),s=r(384),c=r(8122);const u="[data-nr-mask]",d=()=>{const e={mask_selector:"*",block_selector:"[data-nr-block]",mask_input_options:{color:!1,date:!1,"datetime-local":!1,email:!1,month:!1,number:!1,range:!1,search:!1,tel:!1,text:!1,time:!1,url:!1,week:!1,textarea:!1,select:!1,password:!0}};return{ajax:{deny_list:void 0,block_internal:!0,enabled:!0,harvestTimeSeconds:10,autoStart:!0},distributed_tracing:{enabled:void 0,exclude_newrelic_header:void 0,cors_use_newrelic_header:void 0,cors_use_tracecontext_headers:void 0,allowed_origins:void 0},feature_flags:[],generic_events:{enabled:!0,harvestTimeSeconds:30,autoStart:!0},harvest:{tooManyRequestsDelay:60},jserrors:{enabled:!0,harvestTimeSeconds:10,autoStart:!0},logging:{enabled:!0,harvestTimeSeconds:10,autoStart:!0,level:n.p_.INFO},metrics:{enabled:!0,autoStart:!0},obfuscate:void 0,page_action:{enabled:!0},page_view_event:{enabled:!0,autoStart:!0},page_view_timing:{enabled:!0,harvestTimeSeconds:30,autoStart:!0},performance:{capture_marks:!1,capture_measures:!1},privacy:{cookies_enabled:!0},proxy:{assets:void 0,beacon:void 0},session:{expiresMs:o.wk,inactiveMs:o.BB},session_replay:{autoStart:!0,enabled:!1,harvestTimeSeconds:60,preload:!1,sampling_rate:10,error_sampling_rate:100,collect_fonts:!1,inline_images:!1,fix_stylesheets:!0,mask_all_inputs:!0,get mask_text_selector(){return e.mask_selector},set mask_text_selector(t){i(t)?e.mask_selector="".concat(t,",").concat(u):""===t||null===t?e.mask_selector=u:(0,a.R)(5,t)},get block_class(){return"nr-block"},get ignore_class(){return"nr-ignore"},get mask_text_class(){return"nr-mask"},get block_selector(){return e.block_selector},set block_selector(t){i(t)?e.block_selector+=",".concat(t):""!==t&&(0,a.R)(6,t)},get mask_input_options(){return e.mask_input_options},set mask_input_options(t){t&&"object"==typeof t?e.mask_input_options={...t,password:!0}:(0,a.R)(7,t)}},session_trace:{enabled:!0,harvestTimeSeconds:10,autoStart:!0},soft_navigations:{enabled:!0,harvestTimeSeconds:10,autoStart:!0},spa:{enabled:!0,harvestTimeSeconds:10,autoStart:!0},ssl:void 0,user_actions:{enabled:!0}}},l={},f="All configuration objects require an agent identifier!";function g(e){if(!e)throw new Error(f);if(!l[e])throw new Error("Configuration for ".concat(e," was never set"));return l[e]}function p(e,t){if(!e)throw new Error(f);l[e]=(0,c.a)(t,d());const r=(0,s.nY)(e);r&&(r.init=l[e])}function h(e,t){if(!e)throw new Error(f);var r=g(e);if(r){for(var n=t.split("."),i=0;i<n.length-1;i++)if("object"!=typeof(r=r[n[i]]))return;r=r[n[n.length-1]]}return r}},3371:(e,t,r)=>{"use strict";r.d(t,{V:()=>f,f:()=>l});var n=r(8122),i=r(384),o=r(6154),a=r(9324);let s=0;const c={buildEnv:a.F3,distMethod:a.Xs,version:a.xv,originTime:o.WN},u={customTransaction:void 0,disabled:!1,isolatedBacklog:!1,loaderType:void 0,maxBytes:3e4,onerror:void 0,ptid:void 0,releaseIds:{},appMetadata:{},session:void 0,denyList:void 0,timeKeeper:void 0,obfuscator:void 0},d={};function l(e){if(!e)throw new Error("All runtime objects require an agent identifier!");if(!d[e])throw new Error("Runtime for ".concat(e," was never set"));return d[e]}function f(e,t){if(!e)throw new Error("All runtime objects require an agent identifier!");d[e]={...(0,n.a)(t,u),...c},Object.hasOwnProperty.call(d[e],"harvestCount")||Object.defineProperty(d[e],"harvestCount",{get:()=>++s});const r=(0,i.nY)(e);r&&(r.runtime=d[e])}},9324:(e,t,r)=>{"use strict";r.d(t,{F3:()=>i,Xs:()=>o,xv:()=>n});const n="1.274.0",i="PROD",o="CDN"},6154:(e,t,r)=>{"use strict";r.d(t,{OF:()=>c,RI:()=>i,WN:()=>d,bv:()=>o,gm:()=>a,mw:()=>s,sb:()=>u});var n=r(1863);const i="undefined"!=typeof window&&!!window.document,o="undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self.navigator instanceof WorkerNavigator||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis.navigator instanceof WorkerNavigator),a=i?window:"undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis),s=Boolean("hidden"===a?.document?.visibilityState),c=/iPad|iPhone|iPod/.test(a.navigator?.userAgent),u=c&&"undefined"==typeof SharedWorker,d=((()=>{const e=a.navigator?.userAgent?.match(/Firefox[/\s](\d+\.\d+)/);Array.isArray(e)&&e.length>=2&&e[1]})(),Date.now()-(0,n.t)())},1687:(e,t,r)=>{"use strict";r.d(t,{Ak:()=>c,Ze:()=>l,x3:()=>u});var n=r(7836),i=r(3606),o=r(860),a=r(2646);const s={};function c(e,t){const r={staged:!1,priority:o.P3[t]||0};d(e),s[e].get(t)||s[e].set(t,r)}function u(e,t){e&&s[e]&&(s[e].get(t)&&s[e].delete(t),g(e,t,!1),s[e].size&&f(e))}function d(e){if(!e)throw new Error("agentIdentifier required");s[e]||(s[e]=new Map)}function l(e="",t="feature",r=!1){if(d(e),!e||!s[e].get(t)||r)return g(e,t);s[e].get(t).staged=!0,f(e)}function f(e){const t=Array.from(s[e]);t.every((([e,t])=>t.staged))&&(t.sort(((e,t)=>e[1].priority-t[1].priority)),t.forEach((([t])=>{s[e].delete(t),g(e,t)})))}function g(e,t,r=!0){const o=e?n.ee.get(e):n.ee,s=i.i.handlers;if(!o.aborted&&o.backlog&&s){if(r){const e=o.backlog[t],r=s[t];if(r){for(let t=0;e&&t<e.length;++t)p(e[t],r);Object.entries(r).forEach((([e,t])=>{Object.values(t||{}).forEach((t=>{t[0]?.on&&t[0]?.context()instanceof a.y&&t[0].on(e,t[1])}))}))}}o.isolatedBacklog||delete s[t],o.backlog[t]=null,o.emit("drain-"+t,[])}}function p(e,t){var r=e[1];Object.values(t[r]||{}).forEach((t=>{var r=e[0];if(t[0]===r){var n=t[1],i=e[3],o=e[2];n.apply(i,o)}}))}},7836:(e,t,r)=>{"use strict";r.d(t,{P:()=>c,ee:()=>u});var n=r(384),i=r(8990),o=r(3371),a=r(2646),s=r(5607);const c="nr@context:".concat(s.W),u=function e(t,r){var n={},s={},d={},l=!1;try{l=16===r.length&&(0,o.f)(r).isolatedBacklog}catch(e){}var f={on:p,addEventListener:p,removeEventListener:function(e,t){var r=n[e];if(!r)return;for(var i=0;i<r.length;i++)r[i]===t&&r.splice(i,1)},emit:function(e,r,n,i,o){!1!==o&&(o=!0);if(u.aborted&&!i)return;t&&o&&t.emit(e,r,n);for(var a=g(n),c=h(e),d=c.length,l=0;l<d;l++)c[l].apply(a,r);var p=m()[s[e]];p&&p.push([f,e,r,a]);return a},get:v,listeners:h,context:g,buffer:function(e,t){const r=m();if(t=t||"feature",f.aborted)return;Object.entries(e||{}).forEach((([e,n])=>{s[n]=t,t in r||(r[t]=[])}))},abort:function(){f._aborted=!0,Object.keys(f.backlog).forEach((e=>{delete f.backlog[e]}))},isBuffering:function(e){return!!m()[s[e]]},debugId:r,backlog:l?{}:t&&"object"==typeof t.backlog?t.backlog:{},isolatedBacklog:l};return Object.defineProperty(f,"aborted",{get:()=>{let e=f._aborted||!1;return e||(t&&(e=t.aborted),e)}}),f;function g(e){return e&&e instanceof a.y?e:e?(0,i.I)(e,c,(()=>new a.y(c))):new a.y(c)}function p(e,t){n[e]=h(e).concat(t)}function h(e){return n[e]||[]}function v(t){return d[t]=d[t]||e(f,t)}function m(){return f.backlog}}(void 0,"globalEE"),d=(0,n.Zm)();d.ee||(d.ee=u)},2646:(e,t,r)=>{"use strict";r.d(t,{y:()=>n});class n{constructor(e){this.contextId=e}}},9908:(e,t,r)=>{"use strict";r.d(t,{d:()=>n,p:()=>i});var n=r(7836).ee.get("handle");function i(e,t,r,i,o){o?(o.buffer([e],i),o.emit(e,t,r)):(n.buffer([e],i),n.emit(e,t,r))}},3606:(e,t,r)=>{"use strict";r.d(t,{i:()=>o});var n=r(9908);o.on=a;var i=o.handlers={};function o(e,t,r,o){a(o||n.d,i,e,t,r)}function a(e,t,r,i,o){o||(o="feature"),e||(e=n.d);var a=t[o]=t[o]||{};(a[r]=a[r]||[]).push([e,i])}},3878:(e,t,r)=>{"use strict";function n(e,t){return{capture:e,passive:!1,signal:t}}function i(e,t,r=!1,i){window.addEventListener(e,t,n(r,i))}function o(e,t,r=!1,i){document.addEventListener(e,t,n(r,i))}r.d(t,{DD:()=>o,jT:()=>n,sp:()=>i})},5607:(e,t,r)=>{"use strict";r.d(t,{W:()=>n});const n=(0,r(9566).bz)()},9566:(e,t,r)=>{"use strict";r.d(t,{LA:()=>s,bz:()=>a});var n=r(6154);const i="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx";function o(e,t){return e?15&e[t]:16*Math.random()|0}function a(){const e=n.gm?.crypto||n.gm?.msCrypto;let t,r=0;return e&&e.getRandomValues&&(t=e.getRandomValues(new Uint8Array(30))),i.split("").map((e=>"x"===e?o(t,r++).toString(16):"y"===e?(3&o()|8).toString(16):e)).join("")}function s(e){const t=n.gm?.crypto||n.gm?.msCrypto;let r,i=0;t&&t.getRandomValues&&(r=t.getRandomValues(new Uint8Array(e)));const a=[];for(var s=0;s<e;s++)a.push(o(r,i++).toString(16));return a.join("")}},2614:(e,t,r)=>{"use strict";r.d(t,{BB:()=>a,H3:()=>n,g:()=>u,iL:()=>c,tS:()=>s,uh:()=>i,wk:()=>o});const n="NRBA",i="SESSION",o=144e5,a=18e5,s={STARTED:"session-started",PAUSE:"session-pause",RESET:"session-reset",RESUME:"session-resume",UPDATE:"session-update"},c={SAME_TAB:"same-tab",CROSS_TAB:"cross-tab"},u={OFF:0,FULL:1,ERROR:2}},1863:(e,t,r)=>{"use strict";function n(){return Math.floor(performance.now())}r.d(t,{t:()=>n})},944:(e,t,r)=>{"use strict";function n(e,t){"function"==typeof console.debug&&console.debug("New Relic Warning: https://github.com/newrelic/newrelic-browser-agent/blob/main/docs/warning-codes.md#".concat(e),t)}r.d(t,{R:()=>n})},5284:(e,t,r)=>{"use strict";r.d(t,{t:()=>c,B:()=>s});var n=r(7836),i=r(6154);const o="newrelic";const a=new Set,s={};function c(e,t){const r=n.ee.get(t);s[t]??={},e&&"object"==typeof e&&(a.has(t)||(r.emit("rumresp",[e]),s[t]=e,a.add(t),function(e={}){try{i.gm.dispatchEvent(new CustomEvent(o,{detail:e}))}catch(e){}}({loaded:!0})))}},8990:(e,t,r)=>{"use strict";r.d(t,{I:()=>i});var n=Object.prototype.hasOwnProperty;function i(e,t,r){if(n.call(e,t))return e[t];var i=r();if(Object.defineProperty&&Object.keys)try{return Object.defineProperty(e,t,{value:i,writable:!0,enumerable:!1}),i}catch(e){}return e[t]=i,i}},6389:(e,t,r)=>{"use strict";function n(e,t=500,r={}){const n=r?.leading||!1;let i;return(...r)=>{n&&void 0===i&&(e.apply(this,r),i=setTimeout((()=>{i=clearTimeout(i)}),t)),n||(clearTimeout(i),i=setTimeout((()=>{e.apply(this,r)}),t))}}function i(e){let t=!1;return(...r)=>{t||(t=!0,e.apply(this,r))}}r.d(t,{J:()=>i,s:()=>n})},5289:(e,t,r)=>{"use strict";r.d(t,{GG:()=>o,sB:()=>a});var n=r(3878);function i(){return"undefined"==typeof document||"complete"===document.readyState}function o(e,t){if(i())return e();(0,n.sp)("load",e,t)}function a(e){if(i())return e();(0,n.DD)("DOMContentLoaded",e)}},384:(e,t,r)=>{"use strict";r.d(t,{NT:()=>o,US:()=>d,Zm:()=>a,bQ:()=>c,dV:()=>s,nY:()=>u,pV:()=>l});var n=r(6154),i=r(1863);const o={beacon:"bam.nr-data.net",errorBeacon:"bam.nr-data.net"};function a(){return n.gm.NREUM||(n.gm.NREUM={}),void 0===n.gm.newrelic&&(n.gm.newrelic=n.gm.NREUM),n.gm.NREUM}function s(){let e=a();return e.o||(e.o={ST:n.gm.setTimeout,SI:n.gm.setImmediate,CT:n.gm.clearTimeout,XHR:n.gm.XMLHttpRequest,REQ:n.gm.Request,EV:n.gm.Event,PR:n.gm.Promise,MO:n.gm.MutationObserver,FETCH:n.gm.fetch,WS:n.gm.WebSocket}),e}function c(e,t){let r=a();r.initializedAgents??={},t.initializedAt={ms:(0,i.t)(),date:new Date},r.initializedAgents[e]=t}function u(e){let t=a();return t.initializedAgents?.[e]}function d(e,t){a()[e]=t}function l(){return function(){let e=a();const t=e.info||{};e.info={beacon:o.beacon,errorBeacon:o.errorBeacon,...t}}(),function(){let e=a();const t=e.init||{};e.init={...t}}(),s(),function(){let e=a();const t=e.loader_config||{};e.loader_config={...t}}(),a()}},2843:(e,t,r)=>{"use strict";r.d(t,{u:()=>i});var n=r(3878);function i(e,t=!1,r,i){(0,n.DD)("visibilitychange",(function(){if(t)return void("hidden"===document.visibilityState&&e());e(document.visibilityState)}),r,i)}},3434:(e,t,r)=>{"use strict";r.d(t,{YM:()=>c});var n=r(7836),i=r(5607);const o="nr@original:".concat(i.W);var a=Object.prototype.hasOwnProperty,s=!1;function c(e,t){return e||(e=n.ee),r.inPlace=function(e,t,n,i,o){n||(n="");const a="-"===n.charAt(0);for(let s=0;s<t.length;s++){const c=t[s],u=e[c];d(u)||(e[c]=r(u,a?c+n:n,i,c,o))}},r.flag=o,r;function r(t,r,n,s,c){return d(t)?t:(r||(r=""),nrWrapper[o]=t,function(e,t,r){if(Object.defineProperty&&Object.keys)try{return Object.keys(e).forEach((function(r){Object.defineProperty(t,r,{get:function(){return e[r]},set:function(t){return e[r]=t,t}})})),t}catch(e){u([e],r)}for(var n in e)a.call(e,n)&&(t[n]=e[n])}(t,nrWrapper,e),nrWrapper);function nrWrapper(){var o,a,d,l;try{a=this,o=[...arguments],d="function"==typeof n?n(o,a):n||{}}catch(t){u([t,"",[o,a,s],d],e)}i(r+"start",[o,a,s],d,c);try{return l=t.apply(a,o)}catch(e){throw i(r+"err",[o,a,e],d,c),e}finally{i(r+"end",[o,a,l],d,c)}}}function i(r,n,i,o){if(!s||t){var a=s;s=!0;try{e.emit(r,n,i,t,o)}catch(t){u([t,r,n,i],e)}s=a}}}function u(e,t){t||(t=n.ee);try{t.emit("internal-error",e)}catch(e){}}function d(e){return!(e&&"function"==typeof e&&e.apply&&!e[o])}},993:(e,t,r)=>{"use strict";r.d(t,{ET:()=>o,p_:()=>i});var n=r(860);const i={ERROR:"ERROR",WARN:"WARN",INFO:"INFO",DEBUG:"DEBUG",TRACE:"TRACE"},o="log";n.K7.logging},3969:(e,t,r)=>{"use strict";r.d(t,{TZ:()=>n,XG:()=>s,rs:()=>i,xV:()=>a,z_:()=>o});const n=r(860).K7.metrics,i="sm",o="cm",a="storeSupportabilityMetrics",s="storeEventMetrics"},6630:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewEvent},782:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewTiming},6344:(e,t,r)=>{"use strict";r.d(t,{G4:()=>i});var n=r(2614);r(860).K7.sessionReplay;const i={RECORD:"recordReplay",PAUSE:"pauseReplay",REPLAY_RUNNING:"replayRunning",ERROR_DURING_REPLAY:"errorDuringReplay"};n.g.ERROR,n.g.FULL,n.g.OFF},4234:(e,t,r)=>{"use strict";r.d(t,{W:()=>o});var n=r(7836),i=r(1687);class o{constructor(e,t){this.agentIdentifier=e,this.ee=n.ee.get(e),this.featureName=t,this.blocked=!1}deregisterDrain(){(0,i.x3)(this.agentIdentifier,this.featureName)}}},7603:(e,t,r)=>{"use strict";r.d(t,{j:()=>P});var n=r(860),i=r(2555),o=r(3371),a=r(9908),s=r(7836),c=r(1687),u=r(5289),d=r(6154),l=r(944),f=r(3969),g=r(384),p=r(6344);const h=["setErrorHandler","finished","addToTrace","addRelease","addPageAction","setCurrentRouteName","setPageViewName","setCustomAttribute","interaction","noticeError","setUserId","setApplicationVersion","start",p.G4.RECORD,p.G4.PAUSE,"log","wrapLogger"],v=["setErrorHandler","finished","addToTrace","addRelease"];var m=r(1863),b=r(2614),y=r(993);var w=r(2646),A=r(3434);function R(e,t,r,n){if("object"!=typeof t||!t||"string"!=typeof r||!r||"function"!=typeof t[r])return(0,l.R)(29);const i=function(e){return(e||s.ee).get("logger")}(e),o=(0,A.YM)(i),a=new w.y(s.P);return a.level=n.level,a.customAttributes=n.customAttributes,o.inPlace(t,[r],"wrap-logger-",a),i}function E(){const e=(0,g.pV)();h.forEach((t=>{e[t]=(...r)=>function(t,...r){let n=[];return Object.values(e.initializedAgents).forEach((e=>{e&&e.api?e.exposed&&e.api[t]&&n.push(e.api[t](...r)):(0,l.R)(38,t)})),n.length>1?n:n[0]}(t,...r)}))}const x={};function _(e,t,g=!1){t||(0,c.Ak)(e,"api");const h={};var w=s.ee.get(e),A=w.get("tracer");x[e]=b.g.OFF,w.on(p.G4.REPLAY_RUNNING,(t=>{x[e]=t}));var E="api-",_=E+"ixn-";function N(t,r,n,o){const a=(0,i.Vp)(e);return null===r?delete a.jsAttributes[t]:(0,i.x1)(e,{...a,jsAttributes:{...a.jsAttributes,[t]:r}}),j(E,n,!0,o||null===r?"session":void 0)(t,r)}function T(){}h.log=function(e,{customAttributes:t={},level:r=y.p_.INFO}={}){(0,a.p)(f.xV,["API/log/called"],void 0,n.K7.metrics,w),function(e,t,r={},i=y.p_.INFO){(0,a.p)(f.xV,["API/logging/".concat(i.toLowerCase(),"/called")],void 0,n.K7.metrics,e),(0,a.p)(y.ET,[(0,m.t)(),t,r,i],void 0,n.K7.logging,e)}(w,e,t,r)},h.wrapLogger=(e,t,{customAttributes:r={},level:i=y.p_.INFO}={})=>{(0,a.p)(f.xV,["API/wrapLogger/called"],void 0,n.K7.metrics,w),R(w,e,t,{customAttributes:r,level:i})},v.forEach((e=>{h[e]=j(E,e,!0,"api")})),h.addPageAction=j(E,"addPageAction",!0,n.K7.genericEvents),h.setPageViewName=function(t,r){if("string"==typeof t)return"/"!==t.charAt(0)&&(t="/"+t),(0,o.f)(e).customTransaction=(r||"http://custom.transaction")+t,j(E,"setPageViewName",!0)()},h.setCustomAttribute=function(e,t,r=!1){if("string"==typeof e){if(["string","number","boolean"].includes(typeof t)||null===t)return N(e,t,"setCustomAttribute",r);(0,l.R)(40,typeof t)}else(0,l.R)(39,typeof e)},h.setUserId=function(e){if("string"==typeof e||null===e)return N("enduser.id",e,"setUserId",!0);(0,l.R)(41,typeof e)},h.setApplicationVersion=function(e){if("string"==typeof e||null===e)return N("application.version",e,"setApplicationVersion",!1);(0,l.R)(42,typeof e)},h.start=()=>{try{(0,a.p)(f.xV,["API/start/called"],void 0,n.K7.metrics,w),w.emit("manual-start-all")}catch(e){(0,l.R)(23,e)}},h[p.G4.RECORD]=function(){(0,a.p)(f.xV,["API/recordReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.RECORD,[],void 0,n.K7.sessionReplay,w)},h[p.G4.PAUSE]=function(){(0,a.p)(f.xV,["API/pauseReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.PAUSE,[],void 0,n.K7.sessionReplay,w)},h.interaction=function(e){return(new T).get("object"==typeof e?e:{})};const S=T.prototype={createTracer:function(e,t){var r={},i=this,o="function"==typeof t;return(0,a.p)(f.xV,["API/createTracer/called"],void 0,n.K7.metrics,w),g||(0,a.p)(_+"tracer",[(0,m.t)(),e,r],i,n.K7.spa,w),function(){if(A.emit((o?"":"no-")+"fn-start",[(0,m.t)(),i,o],r),o)try{return t.apply(this,arguments)}catch(e){const t="string"==typeof e?new Error(e):e;throw A.emit("fn-err",[arguments,this,t],r),t}finally{A.emit("fn-end",[(0,m.t)()],r)}}}};function j(e,t,r,i){return function(){return(0,a.p)(f.xV,["API/"+t+"/called"],void 0,n.K7.metrics,w),i&&(0,a.p)(e+t,[(0,m.t)(),...arguments],r?null:this,i,w),r?void 0:this}}function k(){r.e(296).then(r.bind(r,8778)).then((({setAPI:t})=>{t(e),(0,c.Ze)(e,"api")})).catch((e=>{(0,l.R)(27,e),w.abort()}))}return["actionText","setName","setAttribute","save","ignore","onEnd","getContext","end","get"].forEach((e=>{S[e]=j(_,e,void 0,g?n.K7.softNav:n.K7.spa)})),h.setCurrentRouteName=g?j(_,"routeName",void 0,n.K7.softNav):j(E,"routeName",!0,n.K7.spa),h.noticeError=function(t,r){"string"==typeof t&&(t=new Error(t)),(0,a.p)(f.xV,["API/noticeError/called"],void 0,n.K7.metrics,w),(0,a.p)("err",[t,(0,m.t)(),!1,r,!!x[e]],void 0,n.K7.jserrors,w)},d.RI?(0,u.GG)((()=>k()),!0):k(),h}var N=r(9417),T=r(8122);const S={accountID:void 0,trustKey:void 0,agentID:void 0,licenseKey:void 0,applicationID:void 0,xpid:void 0},j={};var k=r(5284);const I=e=>{const t=e.startsWith("http");e+="/",r.p=t?e:"https://"+e};let O=!1;function P(e,t={},r,n){let{init:a,info:c,loader_config:u,runtime:l={},exposed:f=!0}=t;l.loaderType=r;const p=(0,g.pV)();c||(a=p.init,c=p.info,u=p.loader_config),(0,N.xN)(e.agentIdentifier,a||{}),function(e,t){if(!e)throw new Error("All loader-config objects require an agent identifier!");j[e]=(0,T.a)(t,S);const r=(0,g.nY)(e);r&&(r.loader_config=j[e])}(e.agentIdentifier,u||{}),c.jsAttributes??={},d.bv&&(c.jsAttributes.isWorker=!0),(0,i.x1)(e.agentIdentifier,c);const h=(0,N.D0)(e.agentIdentifier),v=[c.beacon,c.errorBeacon];O||(h.proxy.assets&&(I(h.proxy.assets),v.push(h.proxy.assets)),h.proxy.beacon&&v.push(h.proxy.beacon),E(),(0,g.US)("activatedFeatures",k.B),e.runSoftNavOverSpa&&=!0===h.soft_navigations.enabled&&h.feature_flags.includes("soft_nav")),l.denyList=[...h.ajax.deny_list||[],...h.ajax.block_internal?v:[]],l.ptid=e.agentIdentifier,(0,o.V)(e.agentIdentifier,l),e.ee=s.ee.get(e.agentIdentifier),void 0===e.api&&(e.api=_(e.agentIdentifier,n,e.runSoftNavOverSpa)),void 0===e.exposed&&(e.exposed=f),O=!0}},8374:(e,t,r)=>{r.nc=(()=>{try{return document?.currentScript?.nonce}catch(e){}return""})()},860:(e,t,r)=>{"use strict";r.d(t,{$J:()=>o,K7:()=>n,P3:()=>i});const n={ajax:"ajax",genericEvents:"generic_events",jserrors:"jserrors",logging:"logging",metrics:"metrics",pageAction:"page_action",pageViewEvent:"page_view_event",pageViewTiming:"page_view_timing",sessionReplay:"session_replay",sessionTrace:"session_trace",softNav:"soft_navigations",spa:"spa"},i={[n.pageViewEvent]:1,[n.pageViewTiming]:2,[n.metrics]:3,[n.jserrors]:4,[n.spa]:5,[n.ajax]:6,[n.sessionTrace]:7,[n.softNav]:8,[n.sessionReplay]:9,[n.logging]:10,[n.genericEvents]:11},o={[n.pageViewTiming]:"events",[n.ajax]:"events",[n.spa]:"events",[n.softNav]:"events",[n.metrics]:"jserrors",[n.jserrors]:"jserrors",[n.sessionTrace]:"browser/blobs",[n.sessionReplay]:"browser/blobs",[n.logging]:"browser/logs",[n.genericEvents]:"ins"}}},n={};function i(e){var t=n[e];if(void 0!==t)return t.exports;var o=n[e]={exports:{}};return r[e](o,o.exports,i),o.exports}i.m=r,i.d=(e,t)=>{for(var r in t)i.o(t,r)&&!i.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},i.f={},i.e=e=>Promise.all(Object.keys(i.f).reduce(((t,r)=>(i.f[r](e,t),t)),[])),i.u=e=>"nr-rum-1.274.0.min.js",i.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="NRBA-1.274.0.PROD:",i.l=(r,n,o,a)=>{if(e[r])e[r].push(n);else{var s,c;if(void 0!==o)for(var u=document.getElementsByTagName("script"),d=0;d<u.length;d++){var l=u[d];if(l.getAttribute("src")==r||l.getAttribute("data-webpack")==t+o){s=l;break}}if(!s){c=!0;var f={296:"sha512-gkYkZDAwQ9PwaDXs2YM+rNIdRej1Ac1mupWobRJ8eahQcXz6/sunGZCKklrzi5kWxhOGRZr2tn0rEKuLTXzfAA=="};(s=document.createElement("script")).charset="utf-8",s.timeout=120,i.nc&&s.setAttribute("nonce",i.nc),s.setAttribute("data-webpack",t+o),s.src=r,0!==s.src.indexOf(window.location.origin+"/")&&(s.crossOrigin="anonymous"),f[a]&&(s.integrity=f[a])}e[r]=[n];var g=(t,n)=>{s.onerror=s.onload=null,clearTimeout(p);var i=e[r];if(delete e[r],s.parentNode&&s.parentNode.removeChild(s),i&&i.forEach((e=>e(n))),t)return t(n)},p=setTimeout(g.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=g.bind(null,s.onerror),s.onload=g.bind(null,s.onload),c&&document.head.appendChild(s)}},i.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},i.p="https://js-agent.newrelic.com/",(()=>{var e={840:0,374:0};i.f.j=(t,r)=>{var n=i.o(e,t)?e[t]:void 0;if(0!==n)if(n)r.push(n[2]);else{var o=new Promise(((r,i)=>n=e[t]=[r,i]));r.push(n[2]=o);var a=i.p+i.u(t),s=new Error;i.l(a,(r=>{if(i.o(e,t)&&(0!==(n=e[t])&&(e[t]=void 0),n)){var o=r&&("load"===r.type?"missing":r.type),a=r&&r.target&&r.target.src;s.message="Loading chunk "+t+" failed.\n("+o+": "+a+")",s.name="ChunkLoadError",s.type=o,s.request=a,n[1](s)}}),"chunk-"+t,t)}};var t=(t,r)=>{var n,o,[a,s,c]=r,u=0;if(a.some((t=>0!==e[t]))){for(n in s)i.o(s,n)&&(i.m[n]=s[n]);if(c)c(i)}for(t&&t(r);u<a.length;u++)o=a[u],i.o(e,o)&&e[o]&&e[o][0](),e[o]=0},r=self["webpackChunk:NRBA-1.274.0.PROD"]=self["webpackChunk:NRBA-1.274.0.PROD"]||[];r.forEach(t.bind(null,0)),r.push=t.bind(null,r.push.bind(r))})(),(()=>{"use strict";i(8374);var e=i(944),t=i(6344),r=i(9566);class n{agentIdentifier;constructor(e=(0,r.LA)(16)){this.agentIdentifier=e}#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}addPageAction(e,t){return this.#e("addPageAction",e,t)}setPageViewName(e,t){return this.#e("setPageViewName",e,t)}setCustomAttribute(e,t,r){return this.#e("setCustomAttribute",e,t,r)}noticeError(e,t){return this.#e("noticeError",e,t)}setUserId(e){return this.#e("setUserId",e)}setApplicationVersion(e){return this.#e("setApplicationVersion",e)}setErrorHandler(e){return this.#e("setErrorHandler",e)}addRelease(e,t){return this.#e("addRelease",e,t)}log(e,t){return this.#e("log",e,t)}}class o extends n{#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}start(){return this.#e("start")}finished(e){return this.#e("finished",e)}recordReplay(){return this.#e(t.G4.RECORD)}pauseReplay(){return this.#e(t.G4.PAUSE)}addToTrace(e){return this.#e("addToTrace",e)}setCurrentRouteName(e){return this.#e("setCurrentRouteName",e)}interaction(){return this.#e("interaction")}wrapLogger(e,t,r){return this.#e("wrapLogger",e,t,r)}}var a=i(860),s=i(9417);const c=Object.values(a.K7);function u(e){const t={};return c.forEach((r=>{t[r]=function(e,t){return!0===(0,s.gD)(t,"".concat(e,".enabled"))}(r,e)})),t}var d=i(7603);var l=i(1687),f=i(4234),g=i(5289),p=i(6154),h=i(384);const v=e=>p.RI&&!0===(0,s.gD)(e,"privacy.cookies_enabled");function m(e){return!!(0,h.dV)().o.MO&&v(e)&&!0===(0,s.gD)(e,"session_trace.enabled")}var b=i(6389);class y extends f.W{constructor(e,t,r=!0){super(e.agentIdentifier,t),this.auto=r,this.abortHandler=void 0,this.featAggregate=void 0,this.onAggregateImported=void 0,!1===e.init[this.featureName].autoStart&&(this.auto=!1),this.auto?(0,l.Ak)(e.agentIdentifier,t):this.ee.on("manual-start-all",(0,b.J)((()=>{(0,l.Ak)(e.agentIdentifier,this.featureName),this.auto=!0,this.importAggregator(e)})))}importAggregator(t,r={}){if(this.featAggregate||!this.auto)return;let n;this.onAggregateImported=new Promise((e=>{n=e}));const o=async()=>{let o;try{if(v(this.agentIdentifier)){const{setupAgentSession:e}=await i.e(296).then(i.bind(i,3861));o=e(t)}}catch(t){(0,e.R)(20,t),this.ee.emit("internal-error",[t]),this.featureName===a.K7.sessionReplay&&this.abortHandler?.()}try{if(t.sharedAggregator)await t.sharedAggregator;else{t.sharedAggregator=i.e(296).then(i.bind(i,9337));const{EventAggregator:e}=await t.sharedAggregator;t.sharedAggregator=new e}if(!this.#t(this.featureName,o))return(0,l.Ze)(this.agentIdentifier,this.featureName),void n(!1);const{lazyFeatureLoader:e}=await i.e(296).then(i.bind(i,6103)),{Aggregate:a}=await e(this.featureName,"aggregate");this.featAggregate=new a(t,r),n(!0)}catch(t){(0,e.R)(34,t),this.abortHandler?.(),(0,l.Ze)(this.agentIdentifier,this.featureName,!0),n(!1),this.ee&&this.ee.abort()}};p.RI?(0,g.GG)((()=>o()),!0):o()}#t(e,t){switch(e){case a.K7.sessionReplay:return m(this.agentIdentifier)&&!!t;case a.K7.sessionTrace:return!!t;default:return!0}}}var w=i(6630);class A extends y{static featureName=w.T;constructor(e,t=!0){super(e,w.T,t),this.importAggregator(e)}}var R=i(9908),E=i(2843),x=i(3878),_=i(782),N=i(1863);class T extends y{static featureName=_.T;constructor(e,t=!0){super(e,_.T,t),p.RI&&((0,E.u)((()=>(0,R.p)("docHidden",[(0,N.t)()],void 0,_.T,this.ee)),!0),(0,x.sp)("pagehide",(()=>(0,R.p)("winPagehide",[(0,N.t)()],void 0,_.T,this.ee))),this.importAggregator(e))}}var S=i(3969);class j extends y{static featureName=S.TZ;constructor(e,t=!0){super(e,S.TZ,t),this.importAggregator(e)}}new class extends o{constructor(t,r){super(r),p.gm?(this.features={},(0,h.bQ)(this.agentIdentifier,this),this.desiredFeatures=new Set(t.features||[]),this.desiredFeatures.add(A),this.runSoftNavOverSpa=[...this.desiredFeatures].some((e=>e.featureName===a.K7.softNav)),(0,d.j)(this,t,t.loaderType||"agent"),this.run()):(0,e.R)(21)}get config(){return{info:this.info,init:this.init,loader_config:this.loader_config,runtime:this.runtime}}run(){try{const t=u(this.agentIdentifier),r=[...this.desiredFeatures];r.sort(((e,t)=>a.P3[e.featureName]-a.P3[t.featureName])),r.forEach((r=>{if(!t[r.featureName]&&r.featureName!==a.K7.pageViewEvent)return;if(this.runSoftNavOverSpa&&r.featureName===a.K7.spa)return;if(!this.runSoftNavOverSpa&&r.featureName===a.K7.softNav)return;const n=function(e){switch(e){case a.K7.ajax:return[a.K7.jserrors];case a.K7.sessionTrace:return[a.K7.ajax,a.K7.pageViewEvent];case a.K7.sessionReplay:return[a.K7.sessionTrace];case a.K7.pageViewTiming:return[a.K7.pageViewEvent];default:return[]}}(r.featureName).filter((e=>!(e in this.features)));n.length>0&&(0,e.R)(36,{targetFeature:r.featureName,missingDependencies:n}),this.features[r.featureName]=new r(this)}))}catch(t){(0,e.R)(22,t);for(const e in this.features)this.features[e].abortHandler?.();const r=(0,h.Zm)();delete r.initializedAgents[this.agentIdentifier]?.api,delete r.initializedAgents[this.agentIdentifier]?.features,delete this.sharedAggregator;return r.ee.get(this.agentIdentifier).abort(),!1}}}({features:[A,T,j],loaderType:"lite"})})()})();</script> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <link rel="icon" type="image/x-icon" href="https://github.githubassets.com/favicon.ico"> <meta name='robots' content='index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1' />  <title>codeql - GitHub Changelog</title> <link rel="canonical" href="https://github.blog/changelog/label/codeql/" /> <link rel="next" href="https://github.blog/changelog/label/codeql/page/2/" /> <meta property="og:locale" content="en_US" /> <meta property="og:type" content="article" /> <meta property="og:title" content="codeql · GitHub Changelog" /> <meta property="og:url" content="https://github.blog/changelog/label/codeql/" /> <meta property="og:site_name" content="The GitHub Blog" /> <meta name="twitter:card" content="summary_large_image" /> <script type="application/ld+json" class="yoast-schema-graph">{"@context":"https://schema.org","@graph":[{"@type":"CollectionPage","@id":"https://github.blog/changelog/label/codeql/","url":"https://github.blog/changelog/label/codeql/","name":"codeql Archives - The GitHub Blog","isPartOf":{"@id":"https://github.blog/#website"},"breadcrumb":{"@id":"https://github.blog/changelog/label/codeql/#breadcrumb"},"inLanguage":"en-US"},{"@type":"BreadcrumbList","@id":"https://github.blog/changelog/label/codeql/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://github.blog/"},{"@type":"ListItem","position":2,"name":"codeql"}]},{"@type":"WebSite","@id":"https://github.blog/#website","url":"https://github.blog/","name":"The GitHub Blog","description":"Updates, ideas, and inspiration from GitHub to help developers build and design software.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https://github.blog/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}</script>  <link rel='dns-prefetch' href='//ghcc.githubassets.com' /> <link rel='dns-prefetch' href='//js.monitor.azure.com' /> <link rel='dns-prefetch' href='//analytics.githubassets.com' /> <link rel='dns-prefetch' href='//stats.wp.com' /> <link rel='dns-prefetch' href='//v0.wordpress.com' /> <link rel="alternate" type="application/rss+xml" title="The GitHub Blog » Feed" href="https://github.blog/feed/" /> <link rel="alternate" type="application/rss+xml" title="The GitHub Blog » Comments Feed" href="https://github.blog/comments/feed/" /> <link rel="alternate" type="application/rss+xml" title="The GitHub Blog » codeql Label Feed" href="https://github.blog/changelog/label/codeql/feed/" /> <script> window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/github.blog\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.6.2"}}; /*! This file is auto-generated */ !function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!n(e,"\ud83d\udc26\u200d\u2b1b","\ud83d\udc26\u200b\u2b1b")}return!1}function f(e,t,n){var r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)})}catch(e){}c(n=f(s,u,p))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings); </script> <style id='wp-emoji-styles-inline-css'> img.wp-smiley, img.emoji { display: inline !important; border: none !important; box-shadow: none !important; height: 1em !important; width: 1em !important; margin: 0 0.07em !important; vertical-align: -0.1em !important; background: none !important; padding: 0 !important; } </style> <link rel='stylesheet' id='all-css-2' href='https://github.blog/wp-includes/css/dist/block-library/style.min.css?m=1732206008g' type='text/css' media='all' /> <style id='co-authors-plus-coauthors-style-inline-css'> .wp-block-co-authors-plus-coauthors.is-layout-flow [class*=wp-block-co-authors-plus]{display:inline} </style> <style id='co-authors-plus-avatar-style-inline-css'> .wp-block-co-authors-plus-avatar :where(img){height:auto;max-width:100%;vertical-align:bottom}.wp-block-co-authors-plus-coauthors.is-layout-flow .wp-block-co-authors-plus-avatar :where(img){vertical-align:middle}.wp-block-co-authors-plus-avatar:is(.alignleft,.alignright){display:table}.wp-block-co-authors-plus-avatar.aligncenter{display:table;margin-inline:auto} </style> <style id='co-authors-plus-image-style-inline-css'> .wp-block-co-authors-plus-image{margin-bottom:0}.wp-block-co-authors-plus-image :where(img){height:auto;max-width:100%;vertical-align:bottom}.wp-block-co-authors-plus-coauthors.is-layout-flow .wp-block-co-authors-plus-image :where(img){vertical-align:middle}.wp-block-co-authors-plus-image:is(.alignfull,.alignwide) :where(img){width:100%}.wp-block-co-authors-plus-image:is(.alignleft,.alignright){display:table}.wp-block-co-authors-plus-image.aligncenter{display:table;margin-inline:auto} </style> <style id='safe-svg-svg-icon-style-inline-css'> .safe-svg-cover{text-align:center}.safe-svg-cover .safe-svg-inside{display:inline-block;max-width:100%}.safe-svg-cover svg{height:100%;max-height:100%;max-width:100%;width:100%} </style> <style id='jetpack-sharing-buttons-style-inline-css'> .jetpack-sharing-buttons__services-list{display:flex;flex-direction:row;flex-wrap:wrap;gap:0;list-style-type:none;margin:5px;padding:0}.jetpack-sharing-buttons__services-list.has-small-icon-size{font-size:12px}.jetpack-sharing-buttons__services-list.has-normal-icon-size{font-size:16px}.jetpack-sharing-buttons__services-list.has-large-icon-size{font-size:24px}.jetpack-sharing-buttons__services-list.has-huge-icon-size{font-size:36px}@media print{.jetpack-sharing-buttons__services-list{display:none!important}}.editor-styles-wrapper .wp-block-jetpack-sharing-buttons{gap:0;padding-inline-start:0}ul.jetpack-sharing-buttons__services-list.has-background{padding:1.25em 2.375em} </style> <style id='classic-theme-styles-inline-css'> /*! This file is auto-generated */ .wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none} </style> <style id='global-styles-inline-css'> :root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}:where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;} :where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;} :where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;} :root :where(.wp-block-pullquote){font-size: 1.5em;line-height: 1.6;} </style> <link rel='stylesheet' id='all-css-20' href='https://github.blog/_static/??/wp-content/plugins/wp-menu-image/assets/css/wmi-front-style.css,/wp-content/themes/github-2021/dist/css/site-script.css?m=1732205351' type='text/css' media='all' /> <link rel="https://api.w.org/" href="https://github.blog/wp-json/" /><link rel="alternate" title="JSON" type="application/json" href="https://github.blog/wp-json/wp/v2/label/1737" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://github.blog/xmlrpc.php?rsd" /> <meta name="generator" content="WordPress 6.6.2" /> <style>img#wpstats{display:none}</style> <meta name="ha-url" content="https://collector.githubapp.com/github-blog/collect"><link rel="preload" href="https://github.blog/wp-content/themes/github-2021/dist/fonts/alliance/Alliance-No-1-ExtraBold.woff2" as="font" type="font/woff2" crossorigin="anonymous"><link rel="preload" href="https://github.blog/wp-content/themes/github-2021/dist/fonts/alliance/Alliance-No-1-Bold.woff2" as="font" type="font/woff2" crossorigin="anonymous"><link rel="preload" href="https://github.blog/wp-content/themes/github-2021/dist/fonts/alliance/Alliance-No-1-SemiBold.woff2" as="font" type="font/woff2" crossorigin="anonymous"><link rel="preload" href="https://github.blog/wp-content/themes/github-2021/dist/fonts/alliance/Alliance-No-1-Regular.woff2" as="font" type="font/woff2" crossorigin="anonymous"><link rel="icon" href="https://github.blog/wp-content/uploads/2019/01/cropped-github-favicon-512.png?fit=32%2C32" sizes="32x32" /> <link rel="icon" href="https://github.blog/wp-content/uploads/2019/01/cropped-github-favicon-512.png?fit=192%2C192" sizes="192x192" /> <link rel="apple-touch-icon" href="https://github.blog/wp-content/uploads/2019/01/cropped-github-favicon-512.png?fit=180%2C180" /> <meta name="msapplication-TileImage" content="https://github.blog/wp-content/uploads/2019/01/cropped-github-favicon-512.png?fit=270%2C270" /> <style id="wp-custom-css"> .post__content { word-break: break-word; } </style> </head> <body class="archive tax-changelog-label term-codeql term-1737 font-mktg hfeed no-sidebar"> <div data-color-mode="dark" data-light-theme="light" data-dark-theme="dark_dimmed" class="pt-header pt-lg-0"> <header id="header" class="header position-fixed position-lg-static pb-lg-header z-4 top-0 left-0 right-0 d-flex flex-column flex-items-stretch color-bg-default"> <a href="#start-of-content" class="p-3 color-bg-accent-emphasis color-fg-on-emphasis show-on-focus"> Skip to content </a> <div class="position-relative container-xl width-full mx-auto p-responsive-blog"> <div class="d-flex flex-items-center flex-justify-between pt-3 pb-3 color-fg-default"> <a href="https://github.com" target="_blank" rel="noreferrer" aria-label="GitHub homepage" class="Header-link position-relative d-flex flex-items-center color-fg-default"> <svg aria-hidden="true" role="presentation" class="nav-back-arrow position-absolute d-block" viewBox="0 0 24 24" width="32" height="32" fill="currentColor"><path fill-rule="evenodd" d="M15.28 5.22a.75.75 0 00-1.06 0l-6.25 6.25a.75.75 0 000 1.06l6.25 6.25a.75.75 0 101.06-1.06L9.56 12l5.72-5.72a.75.75 0 000-1.06z"></path></svg> <svg aria-hidden="true" role="img" class="octicon octicon-mark-github d-block" viewBox="0 0 16 16" width="32" height="32" fill="currentColor"><path fill-rule="evenodd" d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.013 8.013 0 0016 8c0-4.42-3.58-8-8-8z"></path></svg> </a> <span class="d-inline-block ml-2 f1-mktg f2-md-mktg" style="opacity: 0.3;">/</span> <a class="d-inline-block Header-link font-weight-semibold ml-2 f2 color-fg-default" href="https://github.blog/"> Blog</a> <nav class="d-none d-lg-block" aria-label="Secondary navigation"> <ul id="secondary-navigation" class="secondary-navigation flex-items-center flex-nowrap list-style-none ml-4" aria-hidden="false"><li id="menu-item-78809"><a href="https://github.blog/changelog/" class="position-relative d-flex flex-items-center flex-start no-wrap py-2 px-4 f4 lh-condensed-ultra Link--secondary color-fg-default text-medium">Changelog</a></li> <li id="menu-item-78810"><a href="https://docs.github.com/" class="position-relative d-flex flex-items-center flex-start no-wrap py-2 px-4 f4 lh-condensed-ultra Link--secondary color-fg-default text-medium">Docs<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-down position-absolute right-0 d-block ml-1 mt-1" role="presentation"><path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path></svg></a></li> <li id="menu-item-78811"><a href="https://github.com/customer-stories" class="position-relative d-flex flex-items-center flex-start no-wrap py-2 px-4 f4 lh-condensed-ultra Link--secondary color-fg-default text-medium">Customer stories<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-down position-absolute right-0 d-block ml-1 mt-1" role="presentation"><path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path></svg></a></li> </ul></nav> <div class="d-none d-lg-flex flex-1"> <form id="desktop-search" class="desktop-search position-relative ml-lg-4 flex-1" action="https://github.blog" method="get" aria-hidden="true" aria-label="Search form" role="search"> <div class="position-relative d-flex flex-1 height-full color-bg-transparent" data-color-mode="light" data-light-theme="light" data-dark-theme="dark" > <input aria-label="Search the blog" type="search" class="p-2 pl-3 pr-6 border-0 rounded-2 flex-1" placeholder="Search the blog…" value="" name="s" id="search-input"> <button type="submit" class="position-absolute right-0 z-3 d-flex flex-items-center flex-justify-center flex-self-center mr-2 p-2 border-0 rounded-2 color-bg-transparent color-fg-subtle" aria-label="Search"> <svg viewBox="0 0 16 16" width="20" height="20" class="octicon octicon-search" role="presentation"><path fill-rule="evenodd" d="M11.5 7a4.499 4.499 0 11-8.998 0A4.499 4.499 0 0111.5 7zm-.82 4.74a6 6 0 111.06-1.06l3.04 3.04a.75.75 0 11-1.06 1.06l-3.04-3.04z"></path></svg> </button> </div> </form> <button aria-label="Toggle search" class="flex-self-center ml-auto p-2 border-0 color-bg-transparent color-fg-default rounded-3 js-toggle" aria-controls="desktop-search" aria-expanded="false" > <svg viewBox="0 0 24 24" width="24" height="24" class="octicon octicon-search" role="presentation"><path d="M10.25 2a8.25 8.25 0 0 1 6.34 13.53l5.69 5.69a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215l-5.69-5.69A8.25 8.25 0 1 1 10.25 2ZM3.5 10.25a6.75 6.75 0 1 0 13.5 0 6.75 6.75 0 0 0-13.5 0Z"></path></svg> <svg viewBox="2 2 20 20" width="24" height="24" class="octicon octicon-x" role="presentation"><path d="M5.72 5.72a.75.75 0 0 1 1.06 0L12 10.94l5.22-5.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L13.06 12l5.22 5.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L12 13.06l-5.22 5.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L10.94 12 5.72 6.78a.75.75 0 0 1 0-1.06Z"></path></svg> </button> <a data-analytics-click="Blog, click on button, text: Try GitHub Copilot; ref_location:top nav;" class="no-wrap btn-mktg font-weight-semibold ml-3 js-header-cta header-cta" href="https://docs.github.com/en/copilot/quickstart?utm_source=github&utm_medium=blog&utm_campaign=topnav" target="_blank">Try GitHub Copilot</a> <a data-analytics-click="Blog, click on button, text: Contact sales; ref_location:top nav;" class="no-wrap btn-mktg btn-muted-mktg font-weight-semibold ml-3 js-header-cta header-cta" href="https://github.com/enterprise/contact?ref_cta=contact%2520sales&ref_loc=banner&ref_page=blog" target="_blank">Contact sales</a> </div> <div class="d-flex d-lg-none flex-items-center flex-1 mr-n2"> <button aria-label="Toggle search" class="ml-auto p-2 border-0 color-bg-transparent color-fg-default rounded-3 js-toggle" aria-controls="mobile-search" aria-expanded="false" > <svg viewBox="0 0 24 24" width="24" height="24" class="octicon octicon-search" role="presentation"><path d="M10.25 2a8.25 8.25 0 0 1 6.34 13.53l5.69 5.69a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215l-5.69-5.69A8.25 8.25 0 1 1 10.25 2ZM3.5 10.25a6.75 6.75 0 1 0 13.5 0 6.75 6.75 0 0 0-13.5 0Z"></path></svg> <svg viewBox="2 2 20 20" width="24" height="24" class="octicon octicon-x" role="presentation"><path d="M5.72 5.72a.75.75 0 0 1 1.06 0L12 10.94l5.22-5.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L13.06 12l5.22 5.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L12 13.06l-5.22 5.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L10.94 12 5.72 6.78a.75.75 0 0 1 0-1.06Z"></path></svg> </button> <button aria-label="Toggle menu" class="ml-2 p-2 border-0 color-bg-transparent color-fg-default rounded-3 js-toggle" aria-controls="mobile-menu" aria-expanded="false" data-trap-focus="#header"> <svg viewBox="0 0 16 16" width="24" height="24" class="octicon octicon-three-bars" role="presentation"><path d="M1 2.75A.75.75 0 0 1 1.75 2h12.5a.75.75 0 0 1 0 1.5H1.75A.75.75 0 0 1 1 2.75Zm0 5A.75.75 0 0 1 1.75 7h12.5a.75.75 0 0 1 0 1.5H1.75A.75.75 0 0 1 1 7.75ZM1.75 12h12.5a.75.75 0 0 1 0 1.5H1.75a.75.75 0 0 1 0-1.5Z"></path></svg> <svg viewBox="2 2 20 20" width="24" height="24" class="octicon octicon-x " role="presentation"><path d="M5.72 5.72a.75.75 0 0 1 1.06 0L12 10.94l5.22-5.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L13.06 12l5.22 5.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L12 13.06l-5.22 5.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L10.94 12 5.72 6.78a.75.75 0 0 1 0-1.06Z"></path></svg> </button> </div> </div> </div> <div class="position-relative pb-lg-navigation" data-sticky-navigation=".sticky-navigation"> <nav aria-label="Primary navigation" class="sticky-navigation position-absolute z-4 top-0 left-0 d-none d-lg-block width-full color-border-subtle color-bg-default"> <div class="position-relative container-xl width-full mx-auto p-responsive-blog"> <ul id="primary-navigation" class="primary-navigation position-relative d-flex flex-row flex-nowrap flex-grow-0 flex-justify-between list-style-none"><li id="menu-item-78814"><a href="https://github.blog/ai-and-ml/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78814-dropdown" aria-expanded="false" aria-haspopup="true" role="button">AI & ML<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="AI & ML sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78814-dropdown" tabindex="-1"> <li id="menu-item-78863" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/ai-and-ml/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">AI & ML<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Learn about artificial intelligence and machine learning across the GitHub ecosystem and the wider industry.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="AI & ML sub-menu"> <li id="menu-item-78815" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/ai-and-ml/generative-ai/" class="d-block f4 color-fg-default text-bold">Generative AI</a><p class="mb-0 f5 color-fg-muted">Learn how to build with generative AI.</p></li> <li id="menu-item-78816" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/ai-and-ml/github-copilot/" class="d-block f4 color-fg-default text-bold">GitHub Copilot</a><p class="mb-0 f5 color-fg-muted">Change how you work with GitHub Copilot.</p></li> <li id="menu-item-78817" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/ai-and-ml/llms/" class="d-block f4 color-fg-default text-bold">LLMs</a><p class="mb-0 f5 color-fg-muted">Everything developers need to know about LLMs.</p></li> <li id="menu-item-78818" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/ai-and-ml/machine-learning/" class="d-block f4 color-fg-default text-bold">Machine learning</a><p class="mb-0 f5 color-fg-muted">Machine learning tips, tricks, and best practices.</p></li> </ul> </li> <li id="menu-item-78864" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/06/AI-DarkMode-4.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" fetchpriority="high" srcset="https://github.blog/wp-content/uploads/2024/06/AI-DarkMode-4.png?w=300 300w, https://github.blog/wp-content/uploads/2024/06/AI-DarkMode-4.png?w=800 800w, https://github.blog/wp-content/uploads/2024/06/AI-DarkMode-4.png?w=400 400w, https://github.blog/wp-content/uploads/2024/06/AI-DarkMode-4.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/06/AI-DarkMode-4.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://github.blog/ai-and-ml/generative-ai/how-ai-code-generation-works/" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">How AI code generation works</a><p class="mb-3 f5 color-fg-muted">Explore the capabilities and benefits of AI code generation and how it can improve your developer experience.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> <li id="menu-item-78819"><a href="https://github.blog/developer-skills/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78819-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Developer skills<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="Developer skills sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78819-dropdown" tabindex="-1"> <li id="menu-item-78865" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/developer-skills/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">Developer skills<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Resources for developers to grow in their skills and careers.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="Developer skills sub-menu"> <li id="menu-item-78820" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/developer-skills/application-development/" class="d-block f4 color-fg-default text-bold">Application development</a><p class="mb-0 f5 color-fg-muted">Insights and best practices for building apps.</p></li> <li id="menu-item-78821" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/developer-skills/career-growth/" class="d-block f4 color-fg-default text-bold">Career growth</a><p class="mb-0 f5 color-fg-muted">Tips & tricks to grow as a professional developer.</p></li> <li id="menu-item-78822" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/developer-skills/github/" class="d-block f4 color-fg-default text-bold">GitHub</a><p class="mb-0 f5 color-fg-muted">Improve how you use GitHub at work.</p></li> <li id="menu-item-78823" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/developer-skills/github-education/" class="d-block f4 color-fg-default text-bold">GitHub Education</a><p class="mb-0 f5 color-fg-muted">Learn how to move into your first professional role.</p></li> <li id="menu-item-78824" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/developer-skills/programming-languages-and-frameworks/" class="d-block f4 color-fg-default text-bold">Programming languages & frameworks</a><p class="mb-0 f5 color-fg-muted">Stay current on what’s new (or new again).</p></li> </ul> </li> <li id="menu-item-78866" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/05/Enterprise-DarkMode-3.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" srcset="https://github.blog/wp-content/uploads/2024/05/Enterprise-DarkMode-3.png?w=300 300w, https://github.blog/wp-content/uploads/2024/05/Enterprise-DarkMode-3.png?w=800 800w, https://github.blog/wp-content/uploads/2024/05/Enterprise-DarkMode-3.png?w=400 400w, https://github.blog/wp-content/uploads/2024/05/Enterprise-DarkMode-3.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/05/Enterprise-DarkMode-3.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://docs.github.com/en/get-started" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">Get started with GitHub documentation</a><p class="mb-3 f5 color-fg-muted">Learn how to start building, shipping, and maintaining software with GitHub.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> <li id="menu-item-78825"><a href="https://github.blog/engineering/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78825-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Engineering<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="Engineering sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78825-dropdown" tabindex="-1"> <li id="menu-item-78867" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/engineering/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">Engineering<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Get an inside look at how we’re building the home for all developers.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="Engineering sub-menu"> <li id="menu-item-78827" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/engineering/architecture-optimization/" class="d-block f4 color-fg-default text-bold">Architecture & optimization</a><p class="mb-0 f5 color-fg-muted">Discover how we deliver a performant and highly available experience across the GitHub platform.</p></li> <li id="menu-item-78828" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/engineering/engineering-principles/" class="d-block f4 color-fg-default text-bold">Engineering principles</a><p class="mb-0 f5 color-fg-muted">Explore best practices for building software at scale with a majority remote team.</p></li> <li id="menu-item-78829" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/engineering/infrastructure/" class="d-block f4 color-fg-default text-bold">Infrastructure</a><p class="mb-0 f5 color-fg-muted">Get a glimpse at the technology underlying the world’s leading AI-powered developer platform.</p></li> <li id="menu-item-78830" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/engineering/platform-security/" class="d-block f4 color-fg-default text-bold">Platform security</a><p class="mb-0 f5 color-fg-muted">Learn how we build security into everything we do across the developer lifecycle.</p></li> <li id="menu-item-78858" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/engineering/user-experience/" class="d-block f4 color-fg-default text-bold">User experience</a><p class="mb-0 f5 color-fg-muted">Find out what goes into making GitHub the home for all developers.</p></li> </ul> </li> <li id="menu-item-78868" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.42.45 AM.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" srcset="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.42.45 AM.png?w=800 800w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.42.45 AM.png?w=400 400w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.42.45 AM.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.42.45 AM.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://github.blog/engineering/how-we-use-github-to-be-more-productive-collaborative-and-secure/" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">How we use GitHub to be more productive, collaborative, and secure</a><p class="mb-3 f5 color-fg-muted">Our engineering and security teams do some incredible work. Let’s take a look at how we use GitHub to be more productive, build collaboratively, and shift security left.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> <li id="menu-item-78832"><a href="https://github.blog/enterprise-software/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78832-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Enterprise software<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="Enterprise software sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78832-dropdown" tabindex="-1"> <li id="menu-item-78869" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/enterprise-software/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">Enterprise software<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Explore how to write, build, and deploy enterprise software at scale.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="Enterprise software sub-menu"> <li id="menu-item-78833" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/enterprise-software/automation/" class="d-block f4 color-fg-default text-bold">Automation</a><p class="mb-0 f5 color-fg-muted">Automating your way to faster and more secure ships.</p></li> <li id="menu-item-78834" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/enterprise-software/ci-cd/" class="d-block f4 color-fg-default text-bold">CI/CD</a><p class="mb-0 f5 color-fg-muted">Guides on continuous integration and delivery.</p></li> <li id="menu-item-78835" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/enterprise-software/collaboration/" class="d-block f4 color-fg-default text-bold">Collaboration</a><p class="mb-0 f5 color-fg-muted">Tips, tools, and tricks to improve developer collaboration.</p></li> <li id="menu-item-78836" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/enterprise-software/devops/" class="d-block f4 color-fg-default text-bold">DevOps</a><p class="mb-0 f5 color-fg-muted">DevOps resources for enterprise engineering teams.</p></li> <li id="menu-item-78837" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/enterprise-software/devsecops/" class="d-block f4 color-fg-default text-bold">DevSecOps</a><p class="mb-0 f5 color-fg-muted">How to integrate security into the SDLC.</p></li> <li id="menu-item-78838" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/enterprise-software/governance-and-compliance/" class="d-block f4 color-fg-default text-bold">Governance & compliance</a><p class="mb-0 f5 color-fg-muted">Ensuring your builds stay clean.</p></li> </ul> </li> <li id="menu-item-78870" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.43.47 AM.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" srcset="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.43.47 AM.png?w=800 800w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.43.47 AM.png?w=400 400w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.43.47 AM.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.43.47 AM.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://resources.github.com/artificial-intelligence/how-enterprise-engineering-teams-can-successfully-adopt-ai/" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">How enterprise engineering teams can successfully adopt AI</a><p class="mb-3 f5 color-fg-muted">Learn how to bring AI to your engineering teams and maximize the value that you get from it.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> <li id="menu-item-78840"><a href="https://github.blog/news-insights/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78840-dropdown" aria-expanded="false" aria-haspopup="true" role="button">News & insights<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="News & insights sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78840-dropdown" tabindex="-1"> <li id="menu-item-78871" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/news-insights/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">News & insights<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Keep up with what’s new and notable from inside GitHub.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="News & insights sub-menu"> <li id="menu-item-78841" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/news-insights/company-news/" class="d-block f4 color-fg-default text-bold">Company news</a><p class="mb-0 f5 color-fg-muted">An inside look at news and product updates from GitHub.</p></li> <li id="menu-item-78844" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/news-insights/product-news/" class="d-block f4 color-fg-default text-bold">Product</a><p class="mb-0 f5 color-fg-muted">The latest on GitHub’s platform, products, and tools.</p></li> <li id="menu-item-78842" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/news-insights/octoverse/" class="d-block f4 color-fg-default text-bold">Octoverse</a><p class="mb-0 f5 color-fg-muted">Insights into the state of open source on GitHub.</p></li> <li id="menu-item-78843" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/news-insights/policy-news-and-insights/" class="d-block f4 color-fg-default text-bold">Policy</a><p class="mb-0 f5 color-fg-muted">The latest policy and regulatory changes in software.</p></li> <li id="menu-item-78845" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/news-insights/research/" class="d-block f4 color-fg-default text-bold">Research</a><p class="mb-0 f5 color-fg-muted">Data-driven insights around the developer ecosystem.</p></li> <li id="menu-item-78847" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/news-insights/the-library/" class="d-block f4 color-fg-default text-bold">The library</a><p class="mb-0 f5 color-fg-muted">Older news and updates from GitHub.</p></li> </ul> </li> <li id="menu-item-78872" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.44.23 AM.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" srcset="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.44.23 AM.png?w=300 300w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.44.23 AM.png?w=800 800w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.44.23 AM.png?w=400 400w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.44.23 AM.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.44.23 AM.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://github.blog/ai-and-ml/llms/unlocking-the-power-of-unstructured-data-with-rag/" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">Unlocking the power of unstructured data with RAG</a><p class="mb-3 f5 color-fg-muted">Learn how to use retrieval-augmented generation (RAG) to capture more insights.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> <li id="menu-item-78848"><a href="https://github.blog/open-source/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78848-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Open Source<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="Open Source sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78848-dropdown" tabindex="-1"> <li id="menu-item-78873" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/open-source/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">Open Source<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Everything open source on GitHub.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="Open Source sub-menu"> <li id="menu-item-78851" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/open-source/git/" class="d-block f4 color-fg-default text-bold">Git</a><p class="mb-0 f5 color-fg-muted">The latest Git updates.</p></li> <li id="menu-item-78853" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/open-source/maintainers/" class="d-block f4 color-fg-default text-bold">Maintainers</a><p class="mb-0 f5 color-fg-muted">Spotlighting open source maintainers.</p></li> <li id="menu-item-78854" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/open-source/social-impact/" class="d-block f4 color-fg-default text-bold">Social impact</a><p class="mb-0 f5 color-fg-muted">How open source is driving positive change.</p></li> <li id="menu-item-78850" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/open-source/gaming/" class="d-block f4 color-fg-default text-bold">Gaming</a><p class="mb-0 f5 color-fg-muted">Explore open source games on GitHub.</p></li> </ul> </li> <li id="menu-item-78874" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.46.23 AM.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" srcset="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.46.23 AM.png?w=800 800w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.46.23 AM.png?w=400 400w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.46.23 AM.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.46.23 AM.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://resources.github.com/software-development/innersource/" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">An introduction to innersource</a><p class="mb-3 f5 color-fg-muted">Organizations worldwide are incorporating open source methodologies into the way they build and ship their own software.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> <li id="menu-item-78859"><a href="https://github.blog/security/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78859-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Security<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="Security sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78859-dropdown" tabindex="-1"> <li id="menu-item-78875" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/security/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">Security<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Stay up to date on everything security.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="Security sub-menu"> <li id="menu-item-78860" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/security/application-security/" class="d-block f4 color-fg-default text-bold">Application security</a><p class="mb-0 f5 color-fg-muted">Application security, explained.</p></li> <li id="menu-item-78861" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/security/supply-chain-security/" class="d-block f4 color-fg-default text-bold">Supply chain security</a><p class="mb-0 f5 color-fg-muted">Demystifying supply chain security.</p></li> <li id="menu-item-78855" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/security/vulnerability-research/" class="d-block f4 color-fg-default text-bold">Vulnerability research</a><p class="mb-0 f5 color-fg-muted">Updates from the GitHub Security Lab.</p></li> <li id="menu-item-78862" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/security/web-application-security/" class="d-block f4 color-fg-default text-bold">Web application security</a><p class="mb-0 f5 color-fg-muted">Helpful tips on securing web applications.</p></li> </ul> </li> <li id="menu-item-78876" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.47.04 AM.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" srcset="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.47.04 AM.png?w=800 800w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.47.04 AM.png?w=400 400w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.47.04 AM.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.47.04 AM.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://resources.github.com/security/the-enterprise-guide-to-ai-powered-devsecops/" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">The enterprise guide to AI-powered DevSecOps</a><p class="mb-3 f5 color-fg-muted">Learn about core challenges in DevSecOps, and how you can start addressing them with AI and automation.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> </ul> </div> </nav> </div> <form id="mobile-search" role="search" method="get" class="mobile-search" action="https://github.blog" aria-hidden="true" aria-label="Search form"> <div class="d-flex flex-1 p-3 color-bg-inset"> <div class="d-flex flex-1 position-relative color-bg-transparent" data-color-mode="light" data-light-theme="light" data-dark-theme="dark" > <svg height="20" class="d-flex position-absolute z-3 octicon height-full ml-2 color-fg-subtle" aria-hidden="true" viewBox="0 0 16 16" version="1.1" width="20" role="img"><path fill-rule="evenodd" d="M11.5 7a4.499 4.499 0 11-8.998 0A4.499 4.499 0 0111.5 7zm-.82 4.74a6 6 0 111.06-1.06l3.04 3.04a.75.75 0 11-1.06 1.06l-3.04-3.04z"></path></svg> <input aria-label="Search the blog" type="search" class="pl-6 search-field form-control p-2 flex-1" placeholder="Search the blog…" value="" name="s" id="search-input"> </div> <button type="submit" class="btn-mktg btn-muted-mktg font-weight-semibold ml-2 border-1 color-fg-default"> Search </button> </div> </form> <nav id="mobile-menu" class="mobile-menu position-relative overflow-y-auto flex-1 width-full rounded-top-3" aria-label="Navigation menu" aria-hidden="true" data-color-mode="light" data-light-theme="light" data-dark-theme="dark_dimmed"> <div class="p-5"> <h2 class="mb-5 text-bold color-fg-subtle">Categories</h2> <ul id="menu-new-primary-navigation" class="list-style-none"><li class="mb-5"><a href="https://github.blog/ai-and-ml/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78814-dropdown" aria-expanded="false" aria-haspopup="true" role="button">AI & ML<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="AI & ML sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78814-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78814-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/ai-and-ml/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">AI & ML<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Learn about artificial intelligence and machine learning across the GitHub ecosystem and the wider industry.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/ai-and-ml/generative-ai/" class="text-bold lh-condensed-ultra color-fg-default">Generative AI</a><p class="mb-0 f5 color-fg-muted">Learn how to build with generative AI.</p></li> <li class="mt-4"><a href="https://github.blog/ai-and-ml/github-copilot/" class="text-bold lh-condensed-ultra color-fg-default">GitHub Copilot</a><p class="mb-0 f5 color-fg-muted">Change how you work with GitHub Copilot.</p></li> <li class="mt-4"><a href="https://github.blog/ai-and-ml/llms/" class="text-bold lh-condensed-ultra color-fg-default">LLMs</a><p class="mb-0 f5 color-fg-muted">Everything developers need to know about LLMs.</p></li> <li class="mt-4"><a href="https://github.blog/ai-and-ml/machine-learning/" class="text-bold lh-condensed-ultra color-fg-default">Machine learning</a><p class="mb-0 f5 color-fg-muted">Machine learning tips, tricks, and best practices.</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://github.blog/ai-and-ml/generative-ai/how-ai-code-generation-works/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">How AI code generation works</a><p class="mb-3 f5 color-fg-muted">Explore the capabilities and benefits of AI code generation and how it can improve your developer experience.</p><a href="https://github.blog/ai-and-ml/generative-ai/how-ai-code-generation-works/" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> <li class="mb-5"><a href="https://github.blog/developer-skills/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78819-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Developer skills<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="Developer skills sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78819-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78819-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/developer-skills/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Developer skills<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Resources for developers to grow in their skills and careers.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/developer-skills/application-development/" class="text-bold lh-condensed-ultra color-fg-default">Application development</a><p class="mb-0 f5 color-fg-muted">Insights and best practices for building apps.</p></li> <li class="mt-4"><a href="https://github.blog/developer-skills/career-growth/" class="text-bold lh-condensed-ultra color-fg-default">Career growth</a><p class="mb-0 f5 color-fg-muted">Tips & tricks to grow as a professional developer.</p></li> <li class="mt-4"><a href="https://github.blog/developer-skills/github/" class="text-bold lh-condensed-ultra color-fg-default">GitHub</a><p class="mb-0 f5 color-fg-muted">Improve how you use GitHub at work.</p></li> <li class="mt-4"><a href="https://github.blog/developer-skills/github-education/" class="text-bold lh-condensed-ultra color-fg-default">GitHub Education</a><p class="mb-0 f5 color-fg-muted">Learn how to move into your first professional role.</p></li> <li class="mt-4"><a href="https://github.blog/developer-skills/programming-languages-and-frameworks/" class="text-bold lh-condensed-ultra color-fg-default">Programming languages & frameworks</a><p class="mb-0 f5 color-fg-muted">Stay current on what’s new (or new again).</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://docs.github.com/en/get-started" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Get started with GitHub documentation</a><p class="mb-3 f5 color-fg-muted">Learn how to start building, shipping, and maintaining software with GitHub.</p><a href="https://docs.github.com/en/get-started" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> <li class="mb-5"><a href="https://github.blog/engineering/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78825-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Engineering<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="Engineering sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78825-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78825-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/engineering/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Engineering<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Get an inside look at how we’re building the home for all developers.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/engineering/architecture-optimization/" class="text-bold lh-condensed-ultra color-fg-default">Architecture & optimization</a><p class="mb-0 f5 color-fg-muted">Discover how we deliver a performant and highly available experience across the GitHub platform.</p></li> <li class="mt-4"><a href="https://github.blog/engineering/engineering-principles/" class="text-bold lh-condensed-ultra color-fg-default">Engineering principles</a><p class="mb-0 f5 color-fg-muted">Explore best practices for building software at scale with a majority remote team.</p></li> <li class="mt-4"><a href="https://github.blog/engineering/infrastructure/" class="text-bold lh-condensed-ultra color-fg-default">Infrastructure</a><p class="mb-0 f5 color-fg-muted">Get a glimpse at the technology underlying the world’s leading AI-powered developer platform.</p></li> <li class="mt-4"><a href="https://github.blog/engineering/platform-security/" class="text-bold lh-condensed-ultra color-fg-default">Platform security</a><p class="mb-0 f5 color-fg-muted">Learn how we build security into everything we do across the developer lifecycle.</p></li> <li class="mt-4"><a href="https://github.blog/engineering/user-experience/" class="text-bold lh-condensed-ultra color-fg-default">User experience</a><p class="mb-0 f5 color-fg-muted">Find out what goes into making GitHub the home for all developers.</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://github.blog/engineering/how-we-use-github-to-be-more-productive-collaborative-and-secure/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">How we use GitHub to be more productive, collaborative, and secure</a><p class="mb-3 f5 color-fg-muted">Our engineering and security teams do some incredible work. Let’s take a look at how we use GitHub to be more productive, build collaboratively, and shift security left.</p><a href="https://github.blog/engineering/how-we-use-github-to-be-more-productive-collaborative-and-secure/" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> <li class="mb-5"><a href="https://github.blog/enterprise-software/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78832-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Enterprise software<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="Enterprise software sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78832-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78832-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/enterprise-software/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Enterprise software<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Explore how to write, build, and deploy enterprise software at scale.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/enterprise-software/automation/" class="text-bold lh-condensed-ultra color-fg-default">Automation</a><p class="mb-0 f5 color-fg-muted">Automating your way to faster and more secure ships.</p></li> <li class="mt-4"><a href="https://github.blog/enterprise-software/ci-cd/" class="text-bold lh-condensed-ultra color-fg-default">CI/CD</a><p class="mb-0 f5 color-fg-muted">Guides on continuous integration and delivery.</p></li> <li class="mt-4"><a href="https://github.blog/enterprise-software/collaboration/" class="text-bold lh-condensed-ultra color-fg-default">Collaboration</a><p class="mb-0 f5 color-fg-muted">Tips, tools, and tricks to improve developer collaboration.</p></li> <li class="mt-4"><a href="https://github.blog/enterprise-software/devops/" class="text-bold lh-condensed-ultra color-fg-default">DevOps</a><p class="mb-0 f5 color-fg-muted">DevOps resources for enterprise engineering teams.</p></li> <li class="mt-4"><a href="https://github.blog/enterprise-software/devsecops/" class="text-bold lh-condensed-ultra color-fg-default">DevSecOps</a><p class="mb-0 f5 color-fg-muted">How to integrate security into the SDLC.</p></li> <li class="mt-4"><a href="https://github.blog/enterprise-software/governance-and-compliance/" class="text-bold lh-condensed-ultra color-fg-default">Governance & compliance</a><p class="mb-0 f5 color-fg-muted">Ensuring your builds stay clean.</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://resources.github.com/artificial-intelligence/how-enterprise-engineering-teams-can-successfully-adopt-ai/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">How enterprise engineering teams can successfully adopt AI</a><p class="mb-3 f5 color-fg-muted">Learn how to bring AI to your engineering teams and maximize the value that you get from it.</p><a href="https://resources.github.com/artificial-intelligence/how-enterprise-engineering-teams-can-successfully-adopt-ai/" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> <li class="mb-5"><a href="https://github.blog/news-insights/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78840-dropdown" aria-expanded="false" aria-haspopup="true" role="button">News & insights<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="News & insights sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78840-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78840-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/news-insights/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">News & insights<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Keep up with what’s new and notable from inside GitHub.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/news-insights/company-news/" class="text-bold lh-condensed-ultra color-fg-default">Company news</a><p class="mb-0 f5 color-fg-muted">An inside look at news and product updates from GitHub.</p></li> <li class="mt-4"><a href="https://github.blog/news-insights/product-news/" class="text-bold lh-condensed-ultra color-fg-default">Product</a><p class="mb-0 f5 color-fg-muted">The latest on GitHub’s platform, products, and tools.</p></li> <li class="mt-4"><a href="https://github.blog/news-insights/octoverse/" class="text-bold lh-condensed-ultra color-fg-default">Octoverse</a><p class="mb-0 f5 color-fg-muted">Insights into the state of open source on GitHub.</p></li> <li class="mt-4"><a href="https://github.blog/news-insights/policy-news-and-insights/" class="text-bold lh-condensed-ultra color-fg-default">Policy</a><p class="mb-0 f5 color-fg-muted">The latest policy and regulatory changes in software.</p></li> <li class="mt-4"><a href="https://github.blog/news-insights/research/" class="text-bold lh-condensed-ultra color-fg-default">Research</a><p class="mb-0 f5 color-fg-muted">Data-driven insights around the developer ecosystem.</p></li> <li class="mt-4"><a href="https://github.blog/news-insights/the-library/" class="text-bold lh-condensed-ultra color-fg-default">The library</a><p class="mb-0 f5 color-fg-muted">Older news and updates from GitHub.</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://github.blog/ai-and-ml/llms/unlocking-the-power-of-unstructured-data-with-rag/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Unlocking the power of unstructured data with RAG</a><p class="mb-3 f5 color-fg-muted">Learn how to use retrieval-augmented generation (RAG) to capture more insights.</p><a href="https://github.blog/ai-and-ml/llms/unlocking-the-power-of-unstructured-data-with-rag/" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> <li class="mb-5"><a href="https://github.blog/open-source/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78848-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Open Source<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="Open Source sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78848-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78848-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/open-source/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Open Source<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Everything open source on GitHub.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/open-source/git/" class="text-bold lh-condensed-ultra color-fg-default">Git</a><p class="mb-0 f5 color-fg-muted">The latest Git updates.</p></li> <li class="mt-4"><a href="https://github.blog/open-source/maintainers/" class="text-bold lh-condensed-ultra color-fg-default">Maintainers</a><p class="mb-0 f5 color-fg-muted">Spotlighting open source maintainers.</p></li> <li class="mt-4"><a href="https://github.blog/open-source/social-impact/" class="text-bold lh-condensed-ultra color-fg-default">Social impact</a><p class="mb-0 f5 color-fg-muted">How open source is driving positive change.</p></li> <li class="mt-4"><a href="https://github.blog/open-source/gaming/" class="text-bold lh-condensed-ultra color-fg-default">Gaming</a><p class="mb-0 f5 color-fg-muted">Explore open source games on GitHub.</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://resources.github.com/software-development/innersource/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">An introduction to innersource</a><p class="mb-3 f5 color-fg-muted">Organizations worldwide are incorporating open source methodologies into the way they build and ship their own software.</p><a href="https://resources.github.com/software-development/innersource/" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> <li class="mb-5"><a href="https://github.blog/security/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78859-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Security<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="Security sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78859-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78859-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/security/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Security<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Stay up to date on everything security.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/security/application-security/" class="text-bold lh-condensed-ultra color-fg-default">Application security</a><p class="mb-0 f5 color-fg-muted">Application security, explained.</p></li> <li class="mt-4"><a href="https://github.blog/security/supply-chain-security/" class="text-bold lh-condensed-ultra color-fg-default">Supply chain security</a><p class="mb-0 f5 color-fg-muted">Demystifying supply chain security.</p></li> <li class="mt-4"><a href="https://github.blog/security/vulnerability-research/" class="text-bold lh-condensed-ultra color-fg-default">Vulnerability research</a><p class="mb-0 f5 color-fg-muted">Updates from the GitHub Security Lab.</p></li> <li class="mt-4"><a href="https://github.blog/security/web-application-security/" class="text-bold lh-condensed-ultra color-fg-default">Web application security</a><p class="mb-0 f5 color-fg-muted">Helpful tips on securing web applications.</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://resources.github.com/security/the-enterprise-guide-to-ai-powered-devsecops/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">The enterprise guide to AI-powered DevSecOps</a><p class="mb-3 f5 color-fg-muted">Learn about core challenges in DevSecOps, and how you can start addressing them with AI and automation.</p><a href="https://resources.github.com/security/the-enterprise-guide-to-ai-powered-devsecops/" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> </ul><ul id="menu-secondary-navigation" class="pt-5 border-top list-style-none"><li class="mb-5"><a href="https://github.blog/changelog/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default">Changelog</a></li> <li class="mb-5"><a href="https://docs.github.com/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default">Docs<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-link-external d-block mt-1 color-fg-subtle" role="presentation"><path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path></svg></a></li> <li class="mb-5"><a href="https://github.com/customer-stories" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default">Customer stories<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-link-external d-block mt-1 color-fg-subtle" role="presentation"><path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path></svg></a></li> </ul> <a data-analytics-click="Blog, click on button, text: Contact sales; ref_location:top nav;" class="d-block no-wrap my-3 btn-mktg btn-muted-mktg font-weight-semibold" href="https://github.com/enterprise/contact?ref_cta=contact%2520sales&ref_loc=banner&ref_page=blog" target="_blank">Contact sales</a> <a data-analytics-click="Blog, click on button, text: Try GitHub Copilot; ref_location:top nav;" class="d-block no-wrap btn-mktg font-weight-semibold" href="https://docs.github.com/en/copilot/quickstart?utm_source=github&utm_medium=blog&utm_campaign=topnav" target="_blank">Try GitHub Copilot</a> </div> </nav> </header> </div> <main id="start-of-content"> <div class="gh-changelog-archive-hero d-flex flex-md-items-center position-relative overflow-hidden"> <div class="position-absolute width-full height-full top-0 right-0 events-none"> <img width="1600" height="356" class="object-fit-cover d-none d-md-block width-full height-full" alt="" aria-hidden="true" srcset="https://github.blog/wp-content/themes/github-2021/assets/img/backgrounds/changelog-hero-bg-desktop.jpg, https://github.blog/wp-content/themes/github-2021/assets/img/backgrounds/changelog-hero-bg-desktop@2x.jpg 2x" src="https://github.blog/wp-content/themes/github-2021/assets/img/backgrounds/changelog-hero-bg-desktop.jpg" /> <img width="943" height="514" class="object-fit-cover d-block d-md-none float-left width-fit height-full" alt="" aria-hidden="true" srcset="https://github.blog/wp-content/themes/github-2021/assets/img/backgrounds/changelog-hero-bg-mobile.jpg, https://github.blog/wp-content/themes/github-2021/assets/img/backgrounds/changelog-hero-bg-mobile@2x.jpg 2x" src="https://github.blog/wp-content/themes/github-2021/assets/img/backgrounds/changelog-hero-bg-mobile.jpg" /> </div> <div class="container-xl mx-auto p-responsive-blog width-full position-relative z-1"> <div class="d-flex flex-wrap flex-md-items-center gutter-spacious"> <div class="col-12 col-md-6"> <h1 class="h3-mktg m-0 text-capitalize" style="overflow-wrap: normal;">codeql</h1> <p class="f3-mktg col-9-max mt-3 mt-md-4 mb-8 mb-md-0">Subscribe to all <span class="text-capitalize">“codeql”</span> posts via <a class="cl-label-hero__text_link cl-label-hero__text_link_rss" href="https://github.blog/changelog/label/codeql/feed/">RSS</a> or follow GitHub Changelog on <a class="cl-label-hero__text_link cl-label-hero__text_link_twitter" href="https://twitter.com/ghchangelog">Twitter</a> to stay updated on everything we ship.</p> </div> <div class="col-12 col-md-6"> <div class="changelog-terminal rounded-2 overflow-hidden position-md-relative top-md-8 float-md-right mx-auto mx-md-0 d-flex flex-column"> <div class="gh-terminal-handlebar"> <span class="gh-terminal-handlebar-buttons d-flex flex-row"></span> </div> <div class="gh-terminal-content terminal-mktg text-mono color-bg-default height-full p-3 p-md-4 js-type-in build-in-animate" data-type-delay="80" data-type-row-delay="400" data-color-mode="dark" data-light-theme="light" data-dark-theme="dark"> <div class="js-type-row"> <strong class="code-pink">→</strong> <strong class="color-fg-success">~</strong> <span class="js-type-letters">cd github-changelog</span> </div> <div class="js-type-row"> <strong class="code-pink">→</strong> <strong class="color-fg-success">~/github-changelog|<span class="color-fg-done">main</span></strong> <span class="js-type-letters">git log main</span> </div> <div class="js-type-row"> <span>showing all changes successfully</span> </div> </div> </div> </div> </div> </div> </div> <div class="py-4 border-bottom color-border-subtle" style="border-bottom-color: #EAEEF2 !important;"> <div class="container-xl mx-auto p-responsive-blog"> <form id="changelog-category-select" action="" method="get" class="gh-select-wrap d-inline-block position-relative"> <button type="button" class="gh-select js-changelog-category-dropdown-toggle position-relative" aria-expanded="false" aria-controls="changelog-categories"> codeql <svg class="octicon octicon-triangle-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path d="M4.427 7.427l3.396 3.396a.25.25 0 00.354 0l3.396-3.396A.25.25 0 0011.396 7H4.604a.25.25 0 00-.177.427z" fill="currentColor"></path></svg> </button> <select class="gh-select-fallback js-changelog-category-dropdown-fallback" onchange="const clgform = document.getElementById('changelog-category-select'); clgform.action = this.value; clgform.submit();"> <option value="https://github.blog/changelog">All categories</option> <option value="https://github.blog/changelog/label/2fa/">2fa</option> <option value="https://github.blog/changelog/label/accessibility/">accessibility</option> <option value="https://github.blog/changelog/label/actions/">actions</option> <option value="https://github.blog/changelog/label/actions-importer/">actions-importer</option> <option value="https://github.blog/changelog/label/admin/">admin</option> <option value="https://github.blog/changelog/label/advanced-security/">advanced-security</option> <option value="https://github.blog/changelog/label/advisory-database/">advisory-database</option> <option value="https://github.blog/changelog/label/api/">api</option> <option value="https://github.blog/changelog/label/apps/">apps</option> <option value="https://github.blog/changelog/label/audit-log/">audit-log</option> <option value="https://github.blog/changelog/label/authentication/">authentication</option> <option value="https://github.blog/changelog/label/billing/">billing</option> <option value="https://github.blog/changelog/label/branches/">branches</option> <option value="https://github.blog/changelog/label/branchprotections/">branchprotections</option> <option value="https://github.blog/changelog/label/brownout/">brownout</option> <option value="https://github.blog/changelog/label/cache/">cache</option> <option value="https://github.blog/changelog/label/chatops/">chatops</option> <option value="https://github.blog/changelog/label/cli/">cli</option> <option value="https://github.blog/changelog/label/closing-down/">closing-down</option> <option value="https://github.blog/changelog/label/code/">code</option> <option value="https://github.blog/changelog/label/code-navigation/">code-navigation</option> <option value="https://github.blog/changelog/label/code-scanning/">code-scanning</option> <option value="https://github.blog/changelog/label/codeql/" selected>codeql</option> <option value="https://github.blog/changelog/label/codesearch/">codesearch</option> <option value="https://github.blog/changelog/label/codespaces/">codespaces</option> <option value="https://github.blog/changelog/label/comments/">comments</option> <option value="https://github.blog/changelog/label/commits/">commits</option> <option value="https://github.blog/changelog/label/community/">community</option> <option value="https://github.blog/changelog/label/compliance/">compliance</option> <option value="https://github.blog/changelog/label/containers/">containers</option> <option value="https://github.blog/changelog/label/copilot/">copilot</option> <option value="https://github.blog/changelog/label/copilot-business/">copilot-business</option> <option value="https://github.blog/changelog/label/copilot-chat/">copilot-chat</option> <option value="https://github.blog/changelog/label/copilot-enterprise/">copilot-enterprise</option> <option value="https://github.blog/changelog/label/dark-mode/">dark-mode</option> <option value="https://github.blog/changelog/label/dependabot/">dependabot</option> <option value="https://github.blog/changelog/label/dependency-graph/">dependency-graph</option> <option value="https://github.blog/changelog/label/deployments/">deployments</option> <option value="https://github.blog/changelog/label/desktop/">desktop</option> <option value="https://github.blog/changelog/label/discussions/">discussions</option> <option value="https://github.blog/changelog/label/docs/">docs</option> <option value="https://github.blog/changelog/label/education/">education</option> <option value="https://github.blog/changelog/label/enterprise/">enterprise</option> <option value="https://github.blog/changelog/label/features/">features</option> <option value="https://github.blog/changelog/label/feed/">feed</option> <option value="https://github.blog/changelog/label/forks/">forks</option> <option value="https://github.blog/changelog/label/ghec/">ghec</option> <option value="https://github.blog/changelog/label/gists/">gists</option> <option value="https://github.blog/changelog/label/git/">git</option> <option value="https://github.blog/changelog/label/innersource/">innersource</option> <option value="https://github.blog/changelog/label/insights/">insights</option> <option value="https://github.blog/changelog/label/issues/">issues</option> <option value="https://github.blog/changelog/label/licensing/">licensing</option> <option value="https://github.blog/changelog/label/markdown/">markdown</option> <option value="https://github.blog/changelog/label/merge-queue/">merge-queue</option> <option value="https://github.blog/changelog/label/metrics/">metrics</option> <option value="https://github.blog/changelog/label/microsoft-teams-2/">microsoft-teams</option> <option value="https://github.blog/changelog/label/migrations/">migrations</option> <option value="https://github.blog/changelog/label/mobile/">mobile</option> <option value="https://github.blog/changelog/label/moderation/">moderation</option> <option value="https://github.blog/changelog/label/navigation/">navigation</option> <option value="https://github.blog/changelog/label/notifications/">notifications</option> <option value="https://github.blog/changelog/label/npm/">npm</option> <option value="https://github.blog/changelog/label/oidc/">oidc</option> <option value="https://github.blog/changelog/label/open-source/">open-source</option> <option value="https://github.blog/changelog/label/organizations/">organizations</option> <option value="https://github.blog/changelog/label/packages/">packages</option> <option value="https://github.blog/changelog/label/pages/">pages</option> <option value="https://github.blog/changelog/label/payments/">payments</option> <option value="https://github.blog/changelog/label/policies/">policies</option> <option value="https://github.blog/changelog/label/product/">product</option> <option value="https://github.blog/changelog/label/profile/">profile</option> <option value="https://github.blog/changelog/label/projects/">projects</option> <option value="https://github.blog/changelog/label/public-preview/">public-preview</option> <option value="https://github.blog/changelog/label/pull-requests/">pull-requests</option> <option value="https://github.blog/changelog/label/releases/">releases</option> <option value="https://github.blog/changelog/label/repos/">repos</option> <option value="https://github.blog/changelog/label/repositories/">repositories</option> <option value="https://github.blog/changelog/label/rules/">rules</option> <option value="https://github.blog/changelog/label/runners/">runners</option> <option value="https://github.blog/changelog/label/search/">search</option> <option value="https://github.blog/changelog/label/secret-scanning/">secret-scanning</option> <option value="https://github.blog/changelog/label/security/">security</option> <option value="https://github.blog/changelog/label/security-and-compliance/">security-and-compliance</option> <option value="https://github.blog/changelog/label/security-overview/">security-overview</option> <option value="https://github.blog/changelog/label/slack/">slack</option> <option value="https://github.blog/changelog/label/sponsors/">sponsors</option> <option value="https://github.blog/changelog/label/ssh/">ssh</option> <option value="https://github.blog/changelog/label/sunset/">sunset</option> <option value="https://github.blog/changelog/label/supply-chain/">supply-chain</option> <option value="https://github.blog/changelog/label/support/">support</option> <option value="https://github.blog/changelog/label/themes/">themes</option> <option value="https://github.blog/changelog/label/ui/">ui</option> <option value="https://github.blog/changelog/label/upload/">upload</option> <option value="https://github.blog/changelog/label/user-management/">user-management</option> <option value="https://github.blog/changelog/label/ux/">ux</option> <option value="https://github.blog/changelog/label/vs-code/">vs-code</option> <option value="https://github.blog/changelog/label/webhooks/">webhooks</option> <option value="https://github.blog/changelog/label/wikis/">wikis</option> <option value="https://github.blog/changelog/label/workflows/">workflows</option> </select> <nav id="changelog-categories" class="js-changelog-category-dropdown position-absolute mt-12px rounded-2 color-bg-default box-shadow-card-border-mktg pl-4 pr-3 py-3 z-3" style="text-transform: capitalize;" hidden> <div class="changelog-category-dropdown-content styled-scrollbar"> <a href="https://github.blog/changelog" class="d-block text-semibold Link--primary mb-12px mr-4">All categories</a> <a href="https://github.blog/changelog/label/2fa/" class="d-block text-semibold Link--primary mb-12px mr-4">2fa</a> <a href="https://github.blog/changelog/label/accessibility/" class="d-block text-semibold Link--primary mb-12px mr-4">accessibility</a> <a href="https://github.blog/changelog/label/actions/" class="d-block text-semibold Link--primary mb-12px mr-4">actions</a> <a href="https://github.blog/changelog/label/actions-importer/" class="d-block text-semibold Link--primary mb-12px mr-4">actions-importer</a> <a href="https://github.blog/changelog/label/admin/" class="d-block text-semibold Link--primary mb-12px mr-4">admin</a> <a href="https://github.blog/changelog/label/advanced-security/" class="d-block text-semibold Link--primary mb-12px mr-4">advanced-security</a> <a href="https://github.blog/changelog/label/advisory-database/" class="d-block text-semibold Link--primary mb-12px mr-4">advisory-database</a> <a href="https://github.blog/changelog/label/api/" class="d-block text-semibold Link--primary mb-12px mr-4">api</a> <a href="https://github.blog/changelog/label/apps/" class="d-block text-semibold Link--primary mb-12px mr-4">apps</a> <a href="https://github.blog/changelog/label/audit-log/" class="d-block text-semibold Link--primary mb-12px mr-4">audit-log</a> <a href="https://github.blog/changelog/label/authentication/" class="d-block text-semibold Link--primary mb-12px mr-4">authentication</a> <a href="https://github.blog/changelog/label/billing/" class="d-block text-semibold Link--primary mb-12px mr-4">billing</a> <a href="https://github.blog/changelog/label/branches/" class="d-block text-semibold Link--primary mb-12px mr-4">branches</a> <a href="https://github.blog/changelog/label/branchprotections/" class="d-block text-semibold Link--primary mb-12px mr-4">branchprotections</a> <a href="https://github.blog/changelog/label/brownout/" class="d-block text-semibold Link--primary mb-12px mr-4">brownout</a> <a href="https://github.blog/changelog/label/cache/" class="d-block text-semibold Link--primary mb-12px mr-4">cache</a> <a href="https://github.blog/changelog/label/chatops/" class="d-block text-semibold Link--primary mb-12px mr-4">chatops</a> <a href="https://github.blog/changelog/label/cli/" class="d-block text-semibold Link--primary mb-12px mr-4">cli</a> <a href="https://github.blog/changelog/label/closing-down/" class="d-block text-semibold Link--primary mb-12px mr-4">closing-down</a> <a href="https://github.blog/changelog/label/code/" class="d-block text-semibold Link--primary mb-12px mr-4">code</a> <a href="https://github.blog/changelog/label/code-navigation/" class="d-block text-semibold Link--primary mb-12px mr-4">code-navigation</a> <a href="https://github.blog/changelog/label/code-scanning/" class="d-block text-semibold Link--primary mb-12px mr-4">code-scanning</a> <a href="https://github.blog/changelog/label/codeql/" class="d-block text-semibold Link--primary mb-12px mr-4 text-gradient-purple-coral">codeql</a> <a href="https://github.blog/changelog/label/codesearch/" class="d-block text-semibold Link--primary mb-12px mr-4">codesearch</a> <a href="https://github.blog/changelog/label/codespaces/" class="d-block text-semibold Link--primary mb-12px mr-4">codespaces</a> <a href="https://github.blog/changelog/label/comments/" class="d-block text-semibold Link--primary mb-12px mr-4">comments</a> <a href="https://github.blog/changelog/label/commits/" class="d-block text-semibold Link--primary mb-12px mr-4">commits</a> <a href="https://github.blog/changelog/label/community/" class="d-block text-semibold Link--primary mb-12px mr-4">community</a> <a href="https://github.blog/changelog/label/compliance/" class="d-block text-semibold Link--primary mb-12px mr-4">compliance</a> <a href="https://github.blog/changelog/label/containers/" class="d-block text-semibold Link--primary mb-12px mr-4">containers</a> <a href="https://github.blog/changelog/label/copilot/" class="d-block text-semibold Link--primary mb-12px mr-4">copilot</a> <a href="https://github.blog/changelog/label/copilot-business/" class="d-block text-semibold Link--primary mb-12px mr-4">copilot-business</a> <a href="https://github.blog/changelog/label/copilot-chat/" class="d-block text-semibold Link--primary mb-12px mr-4">copilot-chat</a> <a href="https://github.blog/changelog/label/copilot-enterprise/" class="d-block text-semibold Link--primary mb-12px mr-4">copilot-enterprise</a> <a href="https://github.blog/changelog/label/dark-mode/" class="d-block text-semibold Link--primary mb-12px mr-4">dark-mode</a> <a href="https://github.blog/changelog/label/dependabot/" class="d-block text-semibold Link--primary mb-12px mr-4">dependabot</a> <a href="https://github.blog/changelog/label/dependency-graph/" class="d-block text-semibold Link--primary mb-12px mr-4">dependency-graph</a> <a href="https://github.blog/changelog/label/deployments/" class="d-block text-semibold Link--primary mb-12px mr-4">deployments</a> <a href="https://github.blog/changelog/label/desktop/" class="d-block text-semibold Link--primary mb-12px mr-4">desktop</a> <a href="https://github.blog/changelog/label/discussions/" class="d-block text-semibold Link--primary mb-12px mr-4">discussions</a> <a href="https://github.blog/changelog/label/docs/" class="d-block text-semibold Link--primary mb-12px mr-4">docs</a> <a href="https://github.blog/changelog/label/education/" class="d-block text-semibold Link--primary mb-12px mr-4">education</a> <a href="https://github.blog/changelog/label/enterprise/" class="d-block text-semibold Link--primary mb-12px mr-4">enterprise</a> <a href="https://github.blog/changelog/label/features/" class="d-block text-semibold Link--primary mb-12px mr-4">features</a> <a href="https://github.blog/changelog/label/feed/" class="d-block text-semibold Link--primary mb-12px mr-4">feed</a> <a href="https://github.blog/changelog/label/forks/" class="d-block text-semibold Link--primary mb-12px mr-4">forks</a> <a href="https://github.blog/changelog/label/ghec/" class="d-block text-semibold Link--primary mb-12px mr-4">ghec</a> <a href="https://github.blog/changelog/label/gists/" class="d-block text-semibold Link--primary mb-12px mr-4">gists</a> <a href="https://github.blog/changelog/label/git/" class="d-block text-semibold Link--primary mb-12px mr-4">git</a> <a href="https://github.blog/changelog/label/innersource/" class="d-block text-semibold Link--primary mb-12px mr-4">innersource</a> <a href="https://github.blog/changelog/label/insights/" class="d-block text-semibold Link--primary mb-12px mr-4">insights</a> <a href="https://github.blog/changelog/label/issues/" class="d-block text-semibold Link--primary mb-12px mr-4">issues</a> <a href="https://github.blog/changelog/label/licensing/" class="d-block text-semibold Link--primary mb-12px mr-4">licensing</a> <a href="https://github.blog/changelog/label/markdown/" class="d-block text-semibold Link--primary mb-12px mr-4">markdown</a> <a href="https://github.blog/changelog/label/merge-queue/" class="d-block text-semibold Link--primary mb-12px mr-4">merge-queue</a> <a href="https://github.blog/changelog/label/metrics/" class="d-block text-semibold Link--primary mb-12px mr-4">metrics</a> <a href="https://github.blog/changelog/label/microsoft-teams-2/" class="d-block text-semibold Link--primary mb-12px mr-4">microsoft-teams</a> <a href="https://github.blog/changelog/label/migrations/" class="d-block text-semibold Link--primary mb-12px mr-4">migrations</a> <a href="https://github.blog/changelog/label/mobile/" class="d-block text-semibold Link--primary mb-12px mr-4">mobile</a> <a href="https://github.blog/changelog/label/moderation/" class="d-block text-semibold Link--primary mb-12px mr-4">moderation</a> <a href="https://github.blog/changelog/label/navigation/" class="d-block text-semibold Link--primary mb-12px mr-4">navigation</a> <a href="https://github.blog/changelog/label/notifications/" class="d-block text-semibold Link--primary mb-12px mr-4">notifications</a> <a href="https://github.blog/changelog/label/npm/" class="d-block text-semibold Link--primary mb-12px mr-4">npm</a> <a href="https://github.blog/changelog/label/oidc/" class="d-block text-semibold Link--primary mb-12px mr-4">oidc</a> <a href="https://github.blog/changelog/label/open-source/" class="d-block text-semibold Link--primary mb-12px mr-4">open-source</a> <a href="https://github.blog/changelog/label/organizations/" class="d-block text-semibold Link--primary mb-12px mr-4">organizations</a> <a href="https://github.blog/changelog/label/packages/" class="d-block text-semibold Link--primary mb-12px mr-4">packages</a> <a href="https://github.blog/changelog/label/pages/" class="d-block text-semibold Link--primary mb-12px mr-4">pages</a> <a href="https://github.blog/changelog/label/payments/" class="d-block text-semibold Link--primary mb-12px mr-4">payments</a> <a href="https://github.blog/changelog/label/policies/" class="d-block text-semibold Link--primary mb-12px mr-4">policies</a> <a href="https://github.blog/changelog/label/product/" class="d-block text-semibold Link--primary mb-12px mr-4">product</a> <a href="https://github.blog/changelog/label/profile/" class="d-block text-semibold Link--primary mb-12px mr-4">profile</a> <a href="https://github.blog/changelog/label/projects/" class="d-block text-semibold Link--primary mb-12px mr-4">projects</a> <a href="https://github.blog/changelog/label/public-preview/" class="d-block text-semibold Link--primary mb-12px mr-4">public-preview</a> <a href="https://github.blog/changelog/label/pull-requests/" class="d-block text-semibold Link--primary mb-12px mr-4">pull-requests</a> <a href="https://github.blog/changelog/label/releases/" class="d-block text-semibold Link--primary mb-12px mr-4">releases</a> <a href="https://github.blog/changelog/label/repos/" class="d-block text-semibold Link--primary mb-12px mr-4">repos</a> <a href="https://github.blog/changelog/label/repositories/" class="d-block text-semibold Link--primary mb-12px mr-4">repositories</a> <a href="https://github.blog/changelog/label/rules/" class="d-block text-semibold Link--primary mb-12px mr-4">rules</a> <a href="https://github.blog/changelog/label/runners/" class="d-block text-semibold Link--primary mb-12px mr-4">runners</a> <a href="https://github.blog/changelog/label/search/" class="d-block text-semibold Link--primary mb-12px mr-4">search</a> <a href="https://github.blog/changelog/label/secret-scanning/" class="d-block text-semibold Link--primary mb-12px mr-4">secret-scanning</a> <a href="https://github.blog/changelog/label/security/" class="d-block text-semibold Link--primary mb-12px mr-4">security</a> <a href="https://github.blog/changelog/label/security-and-compliance/" class="d-block text-semibold Link--primary mb-12px mr-4">security-and-compliance</a> <a href="https://github.blog/changelog/label/security-overview/" class="d-block text-semibold Link--primary mb-12px mr-4">security-overview</a> <a href="https://github.blog/changelog/label/slack/" class="d-block text-semibold Link--primary mb-12px mr-4">slack</a> <a href="https://github.blog/changelog/label/sponsors/" class="d-block text-semibold Link--primary mb-12px mr-4">sponsors</a> <a href="https://github.blog/changelog/label/ssh/" class="d-block text-semibold Link--primary mb-12px mr-4">ssh</a> <a href="https://github.blog/changelog/label/sunset/" class="d-block text-semibold Link--primary mb-12px mr-4">sunset</a> <a href="https://github.blog/changelog/label/supply-chain/" class="d-block text-semibold Link--primary mb-12px mr-4">supply-chain</a> <a href="https://github.blog/changelog/label/support/" class="d-block text-semibold Link--primary mb-12px mr-4">support</a> <a href="https://github.blog/changelog/label/themes/" class="d-block text-semibold Link--primary mb-12px mr-4">themes</a> <a href="https://github.blog/changelog/label/ui/" class="d-block text-semibold Link--primary mb-12px mr-4">ui</a> <a href="https://github.blog/changelog/label/upload/" class="d-block text-semibold Link--primary mb-12px mr-4">upload</a> <a href="https://github.blog/changelog/label/user-management/" class="d-block text-semibold Link--primary mb-12px mr-4">user-management</a> <a href="https://github.blog/changelog/label/ux/" class="d-block text-semibold Link--primary mb-12px mr-4">ux</a> <a href="https://github.blog/changelog/label/vs-code/" class="d-block text-semibold Link--primary mb-12px mr-4">vs-code</a> <a href="https://github.blog/changelog/label/webhooks/" class="d-block text-semibold Link--primary mb-12px mr-4">webhooks</a> <a href="https://github.blog/changelog/label/wikis/" class="d-block text-semibold Link--primary mb-12px mr-4">wikis</a> <a href="https://github.blog/changelog/label/workflows/" class="d-block text-semibold Link--primary mb-12px mr-4">workflows</a> </div> </nav> </form> </div> </div> <div class="js-ajax-root mt-md-7 mb-9 mb-md-12"> <div class="container-xl mx-auto p-responsive-blog js-ajax-landing"> <article id="changelog-81042" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-81042 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-security-and-compliance changelog-label-security-overview"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-31-sast-vulnerabilities-summary-now-available-on-the-security-overview-dashboard" rel="bookmark">SAST vulnerabilities summary now available on the security overview dashboard</a></h2> <time datetime="2024-10-31" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 31, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-overview/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-overview</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-81042" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Now you can better manage and mitigate your security vulnerabilities with a new SAST vulnerabilities summary table, available directly on the security overview dashboard. This feature highlights your top 10 CodeQL and third-party open alerts by count, grouped by vulnerability type.</p> <p align="center" class="has-image"> <img decoding="async" width="700" alt="The SAST vulnerabilities table on the Detection tab of the overview dashboard" src="https://github.com/user-attachments/assets/2036a904-3728-4bf5-bb46-58127e57ad21" loading="lazy"> </p> <p>When prioritizing which alerts to address first, it’s crucial to consider various factors. One significant factor is the number of instances of a vulnerability across your codebase. The more areas of code affected by a vulnerability, the higher the potential risk for exploitation.</p> <p>To access the new SAST vulnerabilities table, click your profile photo in the top-right corner of GitHub.com and select the organization or enterprise you want to view. For organizations, go to the <strong>Security</strong> tab and scroll to the bottom of the <strong>Detection</strong> view on the <strong>Overview</strong> dashboard. For enterprises, click <strong>Code Security</strong> in the sidebar, then select <strong>Overview</strong> and scroll to the bottom of the <strong>Detection</strong> view.</p> <p>The SAST vulnerabilities summary is now generally available on GitHub Enterprise Cloud and will be available in GitHub Enterprise Server 3.16.</p> <p><a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/security-overview/viewing-security-insights">Learn more about security overview insights</a> and join the discussion within the <a href="https://github.com/github-community/community/discussions/categories/code-security">GitHub Community</a></p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-31-sast-vulnerabilities-summary-now-available-on-the-security-overview-dashboard" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-81042"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-31-sast-vulnerabilities-summary-now-available-on-the-security-overview-dashboard" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80940" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80940 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-copilot changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-29-security-campaigns-with-copilot-autofix-are-now-in-public-preview" rel="bookmark">Security campaigns with Copilot Autofix are now in public preview</a></h2> <time datetime="2024-10-29" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 29, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/copilot/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">copilot</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80940" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Security campaigns with Copilot Autofix are now in public preview. Available as part of <a href="https://github.com/enterprise/advanced-security">GitHub Advanced Security</a>, security campaigns rapidly reduce your backlog of application security debt. By using Copilot Autofix to generate contextual explanations and code suggestions for up to 1,000 historical code scanning alerts at a time, security campaigns help developers and security teams collaborate to fix vulnerabilities with speed and confidence.</p> <p>Code scanning detection engines such as <a href="https://docs.github.com/en/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql">GitHub’s CodeQL</a> are incredibly effective at automatically notifying developers about potential security vulnerabilities in their code in the form of code scanning alerts. Most developers fix these vulnerabilities with the help of <a href="https://github.blog/news-insights/product-news/secure-code-more-than-three-times-faster-with-copilot-autofix/">Copilot Autofix</a> when they’re <a href="https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests">flagged pull requests</a>. However, in situations where these alerts aren’t remediated in a timely manner, security debt can build up and pose a serious risk to deployed applications. Using security campaigns, security teams and developers can easily collaborate to remediate and eradicate security debt at scale, with the help of Copilot Autofix.</p> <p>A security campaign on GitHub can contain a large number of code scanning alerts, prioritized by your security team to be fixed within a chosen timeframe. When a campaign is created, Copilot Autofix automatically suggests fixes for all supported alerts, and developers who are most familiar with the code are notified. From there, they can review the fixes, open pull requests, and remediate the security debt.</p> <p>Security teams can monitor the progress of the campaign and track the number of alerts that have been fixed. Using security campaigns, security and developer teams work together with Copilot Autofix to remove security debt in targeted efforts aimed at maximizing impact by focusing on the alerts that matter.</p> <p class="has-image"><img decoding="async" src="https://github.com/user-attachments/assets/051a9919-87c1-4ff0-ac21-e3aca05c0d3e" alt="Organization-level view of a security campaign to remediate SQL injection alerts" loading="lazy"></p> <p>Security campaigns are available for users of GitHub Advanced Security on GitHub Enterprise Cloud. For more information about security campaigns, see <a href="https://docs.github.com/enterprise-cloud@latest/code-security/securing-your-organization/fixing-security-alerts-at-scale/about-security-campaigns">About security campaigns</a> in the GitHub documentation.</p> <p>If you have any feedback on security campaigns: join the discussion in the <a href="https://gh.io/security-campaigns-feedback">GitHub Community</a>.</p> <script type="text/javascript">window.NREUM||(NREUM={});NREUM.info={"beacon":"bam.nr-data.net","licenseKey":"229f494c49","applicationID":"177966165","transactionName":"NgFSYBZXCxJTUEVfCQ9LcVcQXwoPHUdQTgkPC11NSVUNAFxUVFoJBklcVQZTCQ==","queueTime":0,"applicationTime":293,"atts":"GkZFFl5NGE0QUhMMHRwZ","errorBeacon":"bam.nr-data.net","agent":""}</script></body></html> </div> <a href="https://github.blog/changelog/2024-10-29-security-campaigns-with-copilot-autofix-are-now-in-public-preview" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80940"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-29-security-campaigns-with-copilot-autofix-are-now-in-public-preview" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80905" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80905 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-copilot changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-29-copilot-autofix-now-supports-partner-code-scanning-tools" rel="bookmark">Copilot Autofix now supports partner code scanning tools</a></h2> <time datetime="2024-10-29" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 29, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/copilot/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">copilot</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80905" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p><a href="https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/responsible-use-autofix-code-scanning">Copilot Autofix</a> now supports fix suggestions for problems detected by <a href="https://eslint.org/">ESLint</a>, a partner code scanning tool. Autofixes are available both in pull requests and for historical alerts.</p> <p class="has-image"><img decoding="async" src="https://github.com/user-attachments/assets/8b110e6c-4cee-482b-a09e-4dfb7274cba4" alt="Setting up ESLint using a starter workflow" width="700" loading="lazy"></p> <p>ESLint is the first partner tool supported by Copilot Autofix. Support for additional partner tools, such as JFrog SAST and Black Duck’s Polaris™ platform powered by Coverity®, will be announced by future changelogs when available. To opt out of fix suggestions for third-party tools, you can disable this feature from the code scanning settings page.</p> <p class="has-image"><img decoding="async" src="https://github.com/user-attachments/assets/5407a8e4-a3b1-47a2-bbd7-286e526cb8ef" alt="Example of a fix suggestion for an existing ESLint alert" width="700" loading="lazy"></p> <p>In order for Copilot Autofix to pick up ESLint alerts, you need to enable ESLint as a code scanning tool in the target repository. For reference, you can select an updated starter workflow when setting up a new GitHub Actions workflow in your repository. You can use both ESLint scanning and the CodeQL analysis in the same repository.</p> <p class="has-image"><img decoding="async" src="https://github.com/user-attachments/assets/4b9a860f-869b-4adb-97d4-6ea588d84957" alt="Disabling fix suggestions for third-party tools" width="700" loading="lazy"></p> <p>For more information, see: <a href="https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/responsible-use-autofix-code-scanning">Responsible use of Copilot Autofix for code scanning</a>. If you have feedback for Copilot Autofix for code scanning, please join the discussion <a href="https://github.com/orgs/community/discussions/142424">here</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-29-copilot-autofix-now-supports-partner-code-scanning-tools" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80905"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-29-copilot-autofix-now-supports-partner-code-scanning-tools" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80373" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80373 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-copilot changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-10-now-you-can-choose-a-specific-branch-when-using-copilot-autofix-for-code-scanning" rel="bookmark">Now you can choose a specific branch when using Copilot Autofix for code scanning</a></h2> <time datetime="2024-10-10" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 10, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/copilot/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">copilot</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80373" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>When using Copilot Autofix for historical alerts, you can now choose the branch to which you want to commit an autofix. You can also decide whether to then open a pull request, check out the branch locally, or open it in GitHub Desktop.</p> <p>Copilot Autofix provides automatic fix suggestions for code scanning alerts in your codebase.</p> <p class="has-image"><img decoding="async" width="700" alt="Example of committing Copilot Autofix to branch" src="https://github.com/user-attachments/assets/cfcacb96-b197-4c3f-b1f0-44db703e551d" loading="lazy"></p> <p>This update integrates Autofix more closely within the developer workflow, so you can quickly iterate on fix suggestions and collaborate on those with your team.</p> <p>For more information, see: <a href="https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning">About Copilot Autofix for CodeQL code scanning</a>. If you have feedback for Copilot Autofix for code scanning, please join the discussion <a href="https://github.com/orgs/community/discussions/111094">here</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-10-now-you-can-choose-a-specific-branch-when-using-copilot-autofix-for-code-scanning" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80373"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-10-now-you-can-choose-a-specific-branch-when-using-copilot-autofix-for-code-scanning" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-79992" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-79992 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-security changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-09-25-codeql-2-19-0-typescript-5-6-and-go-1-23-support-new-queries-for-javascript-and-ruby" rel="bookmark">CodeQL 2.19.0: TypeScript 5.6 and Go 1.23 support, new queries for JavaScript and Ruby</a></h2> <time datetime="2024-09-25" class="d-block f5-mktg text-medium color-fg-muted mt-14px">September 25, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-79992" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>CodeQL version 2.19.0 has been released and has now been rolled out to code scanning users on GitHub.com. CodeQL is the static analysis engine that powers GitHub code scanning.</p> <p>Important changes by version include:</p> <ul> <li><strong>CodeQL 2.18.2</strong> <ul> <li>Support for scanning Java codebases without needing a build is <a href="https://github.blog/changelog/2024-08-28-codeql-code-scanning-can-analyze-java-and-c-codebases-without-needing-a-build-ga/">generally available</a>.</li> <li>The Python <code>py/cookie-injection</code> query, which finds instances of cookies being constructed from user input, is now part of the main query pack.</li> <li>One new query for Ruby <code>rb/weak-sensitive-data-hashing</code>, to detect cases where sensitive data is hashed using a weak cryptographic hashing algorithm.</li> </ul> </li> <li><strong>CodeQL 2.18.3</strong> <ul> <li>New C# <a href="https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/#customizing-library-models-for-c">models</a> for local sources from <code>System.IO.Path.GetTempPath</code> and <code>System.Environment.GetFolderPath</code>.</li> </ul> </li> <li><strong>CodeQL 2.18.4</strong> <ul> <li>Support for scanning C# codebases without needing a build is <a href="https://github.blog/changelog/2024-08-28-codeql-code-scanning-can-analyze-java-and-c-codebases-without-needing-a-build-ga/">generally available</a>.</li> <li>Support for Go 1.23.</li> </ul> </li> <li><strong>CodeQL 2.19.0</strong> <ul> <li>Support for TypeScript 5.6.</li> <li>One new query for JavaScript <code>js/actions/actions-artifact-leak</code> to detect GitHub Actions artifacts that may leak the <code>GITHUB_TOKEN</code> token.</li> <li>A 13.7% evaluator speed improvement over CodeQL <code>2.17.0</code> release.</li> </ul> </li> </ul> <p>For a full list of changes, please refer to the complete changelog for versions <a href="https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.18.2/">2.18.2</a>, <a href="https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.18.3/">2.18.3</a>, <a href="https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.18.4/">2.18.4</a> and <a href="https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.19.0/">2.19.0</a>.</p> <p>All new functionality from <code>2.18.Z</code> releases will be included in GHES 3.15, while functionality from <code>2.19.0</code> will be included in GHES 3.16. If you use GHES 3.14 or older, you can <a href="https://docs.github.com/en/enterprise-server@3.14/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access">upgrade your CodeQL version</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-09-25-codeql-2-19-0-typescript-5-6-and-go-1-23-support-new-queries-for-javascript-and-ruby" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-79992"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-09-25-codeql-2-19-0-typescript-5-6-and-go-1-23-support-new-queries-for-javascript-and-ruby" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-79863" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-79863 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-security-and-compliance changelog-label-security-overview"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-09-19-enhanced-security-overview-dashboard-detection-remediation-and-prevention-at-the-forefront" rel="bookmark">Enhanced security overview dashboard – detection, remediation, and prevention at the forefront</a></h2> <time datetime="2024-09-19" class="d-block f5-mktg text-medium color-fg-muted mt-14px">September 19, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-overview/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-overview</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-79863" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Now, you can view <strong>Prevention</strong> metrics alongside <strong>Detection</strong> and <strong>Remediation</strong> metrics and in an enhanced security overview dashboard. This update is available at both the organization and enterprise levels.</p> <p align="center" class="has-image"><img decoding="async" src="https://github.com/user-attachments/assets/dbb4192c-a46a-4d44-ad0b-ee4756d26d36" alt="New prevention tab on the security overview dashboard" width="600" loading="lazy"></p> <p>New to the dashboard, the <strong>Prevention</strong> insights tab highlights CodeQL pull requests alerts and will soon include secret scanning push protection insights. It’s designed to help you shift from merely responding to vulnerabilities to actively preventing them, the ultimate goal in application security. With this dashboard, you and your team can proactively keep vulnerabilities at bay, successfully blocking threats before they ever reach production.</p> <h4 id="deep-dive-into-the-codeql-pull-request-alerts">Deep dive into the CodeQL pull request alerts<a href="#deep-dive-into-the-codeql-pull-request-alerts" class="heading-link pl-2 text-italic text-bold" aria-label="Deep dive into the CodeQL pull request alerts"></a></h4> <p>For a deeper analysis, the new <strong>CodeQL pull request alerts</strong> report is also available at both the organization and enterprise levels. This report allows you to:</p> <ul> <li>Track historical metrics for CodeQL pull request alerts</li> <li>Monitor code as it progresses from feature branches to the default branch</li> <li>Analyze metrics by CodeQL rule, autofix status, and repository</li> </ul> <p>The enhanced dashboard is now generally available on GitHub Enterprise Cloud and will be available in GitHub Enterprise Server 3.16.</p> <p><a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/security-overview/viewing-metrics-for-pull-request-alerts">Learn more about pull request alerts</a> and join the discussion within the <a href="https://github.com/orgs/community/discussions/139243">GitHub Community</a></p> </body></html> </div> <a href="https://github.blog/changelog/2024-09-19-enhanced-security-overview-dashboard-detection-remediation-and-prevention-at-the-forefront" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-79863"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-09-19-enhanced-security-overview-dashboard-detection-remediation-and-prevention-at-the-forefront" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-79832" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-79832 changelog type-changelog status-publish hentry changelog-label-code-scanning changelog-label-codeql changelog-label-copilot changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-09-18-now-available-for-free-on-all-public-repositories-copilot-autofix-for-codeql-code-scanning-alerts" rel="bookmark">Now available for free on all public repositories: Copilot Autofix for CodeQL code scanning alerts</a></h2> <time datetime="2024-09-18" class="d-block f5-mktg text-medium color-fg-muted mt-14px">September 18, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/copilot/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">copilot</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-79832" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Now you can remediate existing security issues in your public repositories faster with Copilot Autofix for CodeQL alerts. Following our <a href="https://github.blog/changelog/2024-08-14-copilot-autofix-for-codeql-code-scanning-alerts-is-now-generally-available/">general availability release for all Advanced Security customers</a>, Copilot Autofix for CodeQL alerts is now generally available (GA) for all public repositories, for free.</p> <p>Powered by GitHub Copilot, this feature provides automatic fixes for vulnerabilities found by CodeQL, both on pull requests and for historical alerts that already exist in a codebase.</p> <p>Importantly, you stay in full control of your codebase: Copilot Autofix will try and suggest fixes for CodeQL alerts in pull requests, but it’s ultimately up to you to decide whether you wish to accept Copilot’s suggestion wholly, partially, or not at all. The same applies to historical alerts in a codebase: you can request an autofix from Copilot, then review it, and decide whether you want to open a PR with the fix suggestion or commit straight to the affected branch (or neither).</p> <p class="has-image"><img decoding="async" width="700" alt="Example of Copilot Autofix generation on the alert page" src="https://github.com/user-attachments/assets/4e4db6c5-6f5b-4fbc-b428-0ca8db9fb60b" loading="lazy"></p> <p>Copilot Autofix is available for all public repositories that use code scanning CodeQL, and is enabled by default for alerts on PRs. It does not generate additional notifications. If you would like to enable Copilot Autofix on your organization’s private repositories, please have a look at <a href="https://github.blog/news-insights/product-news/secure-code-more-than-three-times-faster-with-copilot-autofix/">this blog post where we announce Autofix for GitHub Advanced Security</a>.</p> <p>For more information, see: <a href="https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning">About Copilot Autofix for CodeQL code scanning</a>. If you have feedback for Copilot Autofix for code scanning, please join the discussion <a href="https://github.com/orgs/community/discussions/111094">here</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-09-18-now-available-for-free-on-all-public-repositories-copilot-autofix-for-codeql-code-scanning-alerts" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-79832"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-09-18-now-available-for-free-on-all-public-repositories-copilot-autofix-for-codeql-code-scanning-alerts" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-79782" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-79782 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-security-and-compliance changelog-label-security-overview"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-09-16-csv-exports-for-the-codeql-pull-request-alerts-report" rel="bookmark">CSV exports for the CodeQL pull request alerts report</a></h2> <time datetime="2024-09-16" class="d-block f5-mktg text-medium color-fg-muted mt-14px">September 16, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-overview/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-overview</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-79782" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p align="center" class="has-image"> <img decoding="async" width="600" alt="New Export CSV button highlighted on the CodeQL pull request alerts report" src="https://github.com/user-attachments/assets/fc0227e5-87aa-48ae-8424-a4f48dff0d7f" loading="lazy"> </p> <p>You can now export data from the CodeQL pull request alerts report in CSV format, enabling you to analyze prevention and autofix metrics offline or archive the data for future use. This functionality is available at both the organization and enterprise levels. Exports will respect all filters applied, allowing you to focus on the specific data most relevant to your needs. You can download all data where you have an appropriate level of <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/security-overview/about-security-overview#organization-level-overview">access</a>.</p> <p><a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/security-overview/viewing-metrics-for-pull-request-alerts">Learn more about tracking metrics on CodeQL pull request alerts</a> and join the discussion within the <a href="https://github.com/github-community/community/discussions/categories/code-security">GitHub Community</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-09-16-csv-exports-for-the-codeql-pull-request-alerts-report" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-79782"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-09-16-csv-exports-for-the-codeql-pull-request-alerts-report" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-79602" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-79602 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-security changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-08-28-codeql-code-scanning-can-analyze-java-and-c-codebases-without-needing-a-build-ga" rel="bookmark">CodeQL code scanning can analyze Java and C# codebases without needing a build (GA)</a></h2> <time datetime="2024-08-28" class="d-block f5-mktg text-medium color-fg-muted mt-14px">August 28, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-79602" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>CodeQL code scanning can now analyze Java and C# code without having to observe a build. This makes it easier to roll out the security analysis on large numbers of repositories, especially when enabling and managing repositories with <a href="https://docs.github.com/en/code-security/securing-your-organization/">GHAS security configurations</a>.</p> <p><a href="https://docs.github.com/en/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql">CodeQL</a> is the analysis engine that powers GitHub code scanning. When analyzing source code, it is important that the analysis engine has detailed knowledge of all aspects of the codebase. Now, the analysis engine no longer depends on observing the build process for Java and C# code, resulting in higher setup success and adoption rates for CodeQL code scanning (Java and C#).</p> <p>During the testing of this feature, we validated that the analysis results were as accurate as the previous methodology. This feature was previously in public beta earlier this year (<a href="https://github.blog/changelog/2024-03-26-codeql-can-scan-java-projects-without-a-build/">Java</a>, <a href="https://github.blog/changelog/2024-06-20-codeql-can-scan-c-projects-without-requiring-working-builds-public-beta/">C#</a>), when it became the new default analysis mode for new users of CodeQL code scanning for these languages. Some customers experienced time significant savings as some tasks that previously took weeks now are achievable in minutes.</p> <p>CodeQL’s new zero-configuration analysis mechanisms for both Java and C# are available on GitHub.com. If you are setting up CodeQL code scanning for these repositories, you will benefit from this analysis mechanism by default. If you set up CodeQL code scanning for Java or C# before their respective public beta releases of this feature, your analysis will remain unchanged (but can be migrated by disabling the current configuration and re-enabling code scanning using <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning">default setup</a>). This new functionality will also be released to our GitHub Enterprise Server (GHES) customers starting with version 3.14 for Java and 3.15 for C#.</p> <p>Repositories that use code scanning <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning">advanced setup</a> will continue to use whichever analysis mechanism is specified in the Actions workflow file. The template for new analysis configurations now uses the new analysis mechanism by specifying `build-mode: none`. The <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages%5C#codeql-build-modes">old analysis mechanisms</a> remain available. Users of the CodeQL CLI can find more documentation <a href="https://docs.github.com/en/code-security/codeql-cli/codeql-cli-manual/database-create%5C#--build-modemode">here</a>.</p> <p>Learn more about <a href="https://docs.github.com/en/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning">GitHub code scanning</a>. If you have any feedback about these new analysis mechanisms for Java and C#, please join the discussion <a href="https://github.com/orgs/community/discussions/113548">here</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-08-28-codeql-code-scanning-can-analyze-java-and-c-codebases-without-needing-a-build-ga" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-79602"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-08-28-codeql-code-scanning-can-analyze-java-and-c-codebases-without-needing-a-build-ga" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-79503" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-79503 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-security-and-compliance changelog-label-security-overview"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-08-19-prevention-and-autofix-insights-for-codeql-pull-request-alerts" rel="bookmark">Prevention and autofix insights for CodeQL pull request alerts</a></h2> <time datetime="2024-08-19" class="d-block f5-mktg text-medium color-fg-muted mt-14px">August 19, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-overview/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-overview</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-79503" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>You can now track prevention metrics for CodeQL pull request alerts with the new CodeQL pull request alerts report—available at both the organization and enterprise level. These insights empower you to proactively identify and mitigate security risks before they reach your default branch.</p> <p align="center" class="has-image"><img decoding="async" src="https://github.com/user-attachments/assets/dec97197-b70e-4abd-aef9-46e443864801" alt="Enterprise-level CodeQL pull request alerts report" width="600" loading="lazy"></p> <p>With this report, you can historically track metrics for CodeQL pull request alerts as code moves from feature branches to the default branch. Gain insights into:</p> <ul> <li><strong>Unresolved and merged alerts:</strong> Understand what security vulnerabilities made it to the default branch.</li> <li><strong>Fixes (autofix and manual):</strong> Track which alerts were addressed before merging.</li> <li><strong>Dismissed alerts:</strong> See which alerts were deemed false positive or risk accepted.</li> </ul> <p>Additionally, analyze metrics by CodeQL rule, autofix status, and repository.</p> <p>Historical data is available starting from May 1, 2024.</p> <p>To access these reports, click your profile photo in the top-right corner of GitHub.com and select the organization or enterprise you want to view. For organizations, go to the <strong>Security</strong> tab and find <strong>CodeQL pull request alerts</strong> in the sidebar. For enterprises, click <strong>Code Security</strong> in the sidebar, then select <strong>CodeQL pull request alerts</strong>.</p> <p>These reports are now generally available on GitHub Enterprise Cloud and will be available in GitHub Enterprise Server 3.15.</p> <p><a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/security-overview/about-security-overview">Learn more about security overview</a> and <a href="https://github.com/orgs/community/discussions/138517">join the discussion</a> within the GitHub Community.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-08-19-prevention-and-autofix-insights-for-codeql-pull-request-alerts" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-79503"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-08-19-prevention-and-autofix-insights-for-codeql-pull-request-alerts" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-79328" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-79328 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-copilot changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-08-14-copilot-autofix-for-codeql-code-scanning-alerts-is-now-generally-available" rel="bookmark">Copilot Autofix for CodeQL code scanning alerts is now generally available</a></h2> <time datetime="2024-08-14" class="d-block f5-mktg text-medium color-fg-muted mt-14px">August 14, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/copilot/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">copilot</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-79328" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Today, we’ve <a href="https://github.blog/news-insights/product-news/secure-code-more-than-three-times-faster-with-copilot-autofix/">announced</a> the general availability of Copilot Autofix for CodeQL alerts in GitHub code scanning! Powered by GitHub Copilot, this feature brings automatic fixes for vulnerabilities found by CodeQL into the developer workflow.</p> <p>Through a deep integration in GitHub pull requests, autofixes help developers to fix vulnerabilities quickly and early in the development process, thereby preventing new vulnerabilities from entering your codebase. Data from our beta programme shows that vulnerabilities with a fix suggestion are fixed <a href="https://github.blog/news-insights/product-news/secure-code-more-than-three-times-faster-with-copilot-autofix/">3x faster across all vulnerability types</a>, and even faster for complicated vulnerability types like cross-site scripting (7x faster) and SQL injection (12x faster). For security debt that already exists in your codebases, Copilot Autofix can help you with on-demand autofixes for historical alerts. Copilot Autofix for CodeQL code scanning was previously called <a href="https://github.blog/news-insights/product-news/found-means-fixed-introducing-code-scanning-autofix-powered-by-github-copilot-and-codeql/">“code scanning autofix”</a>, and is now generally available for all <a href="http://www.github.com/enterprise/advanced-security">GitHub Advanced Security</a> customers on GitHub.com.</p> <p>As developers start using autofixes, security teams can see an overview of how their organisation adopts autofixes generated by Copilot on their <a href="https://docs.github.com/en/code-security/security-overview/about-security-overview">security overview dashboard</a>. This includes detailed information about remediation rates.</p> <p>For more information, see: <a href="https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning">About Copilot Autofix for CodeQL code scanning</a>. If you have feedback for Copilot Autofix for code scanning, please join the discussion <a href="https://github.com/orgs/community/discussions/111094">here</a>.</p> <p class="has-image"><img decoding="async" src="https://github.com/user-attachments/assets/ed749919-6405-4263-a4c6-732f181fdc39" alt="Example of Copilot Autofix operating on a CodeQL alert in a pull request" width="700" loading="lazy"></p> </body></html> </div> <a href="https://github.blog/changelog/2024-08-14-copilot-autofix-for-codeql-code-scanning-alerts-is-now-generally-available" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-79328"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-08-14-copilot-autofix-for-codeql-code-scanning-alerts-is-now-generally-available" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-79023" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-79023 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-security changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-07-26-codeql-2-18-1-kotlin-swift-mobile-support-is-generally-available-typescript-5-5-support-c-build-mode-none-public-beta" rel="bookmark">CodeQL 2.18.1: Kotlin & Swift mobile support is generally available, TypeScript 5.5 support, C# build-mode: none public beta</a></h2> <time datetime="2024-07-26" class="d-block f5-mktg text-medium color-fg-muted mt-14px">July 26, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-79023" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>CodeQL is the static analysis engine that powers GitHub code scanning. CodeQL version 2.18.1 has been released and has now been rolled out to code scanning users on GitHub.com.</p> <p>Important changes by version include:</p> <ul> <li>For CodeQL <code>2.17.6</code>: <ul> <li>C# can now use <code>build-mode: none</code>, which allows <a href="https://github.blog/changelog/2024-06-20-codeql-can-scan-c-projects-without-requiring-working-builds-public-beta/">scanning C# code without requiring working builds</a>.</li> </ul> </li> <li>For CodeQL <code>2.18.0</code>: <ul> <li>Support for TypeScript 5.5.</li> </ul> </li> <li>For CodeQL <code>2.18.1</code>: <ul> <li>Kotlin & Swift support for mobile applications is now <a href="https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.18.1#swift-1">generally available</a>.</li> <li>Java <code>build-mode: none</code> analyses now only report a warning on the <a href="https://docs.github.com/en/code-security/code-scanning/managing-your-code-scanning-configuration/about-the-tool-status-page#about-the-tool-status-page">tool status page</a> when <a href="https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.18.1#java-2">significant analysis problems</a> are detected.</li> <li>Two <a href="https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.18.1#javascript-typescript">new JavaScript queries</a> <code>js/functionality-from-untrusted-domain</code> has been added to detect usage of scripts from untrusted domains, including <code>polyfill.io</code> content delivery network and <code>js/insecure-helmet-configuration</code> to detect instances where important <a href="https://github.com/helmetjs/helmet">Helmet</a> security features are disabled.</li> <li>The precision of <code>cpp/iterator-to-expired-container</code> & <code>cpp/unsafe-strncat</code> <a href="https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.18.1/#c-c-1">have been increased</a> to <code>high</code>. They have been moved to the <a href="https://docs.github.com/en/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites#default-query-suite">default query suite</a>. </li> </ul> </li> </ul> <p>For a full list of changes, please refer to the complete changelog for versions <a href="https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.17.6">2.17.6</a>, <a href="https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.18.0">2.18.0</a>, and <a href="https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.18.1">2.18.1</a>. All new functionality will be included in GHES 3.15. Users of GHES 3.14 or older can upgrade their <a href="https://docs.github.com/en/enterprise-server@3.13/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access">CodeQL version</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-07-26-codeql-2-18-1-kotlin-swift-mobile-support-is-generally-available-typescript-5-5-support-c-build-mode-none-public-beta" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-79023"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-07-26-codeql-2-18-1-kotlin-swift-mobile-support-is-generally-available-typescript-5-5-support-c-build-mode-none-public-beta" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-78764" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-78764 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-07-16-ai-powered-autofixes-for-historical-codeql-alerts-are-now-in-public-beta" rel="bookmark">AI-powered autofixes for historical CodeQL alerts are now in public beta</a></h2> <time datetime="2024-07-16" class="d-block f5-mktg text-medium color-fg-muted mt-14px">July 16, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-78764" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Code scanning autofix for alerts in default branch is now available in public beta for all <a href="https://github.com/enterprise/advanced-security">GitHub Advanced Security</a> customers. This feature empowers developers to reduce the time and effort spent remediating existing alerts and reduce the number of vulnerabilities in the code base.</p> <p>Powered by GitHub Copilot, code scanning generates fixes for alerts in <a href="https://docs.github.com/en/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites#query-lists-for-the-default-query-suites">all CodeQL supported languages</a>.</p> <p class="has-image"><img decoding="async" width="700" alt="Example autofix page for a Missing regular expression anchor vulnerability detected with CodeQL" src="https://github.com/user-attachments/assets/7cc8de86-4baa-402b-8e13-b57a49673099" loading="lazy"></p> <p>With code scanning autofix, you can reduce security debt by generating fixes for alerts that are detected on the main or default branches of your repository. On the alert pages where autofix is available, press the ‘Generate fix’ button to get a natural language explanation of the suggested fix, along with a preview of the code suggestion. You can accept the fix by creating a PR with the fix and even edit the fix as part of the PR flow. These code suggestions can include changes to multiple files, and where needed, autofix may also add or modify dependencies.</p> <p class="has-image"><img decoding="async" width="700" alt="Example of the autofix generation process, showing the Generate fix button" src="https://github.com/user-attachments/assets/494eeb82-0931-4ada-8835-9948d171dc6f" loading="lazy"></p> <p>Code scanning autofix is automatically enabled on private repositories for all <a href="https://github.com/enterprise/advanced-security">GitHub Advanced Security</a> customers.</p> <p>You can configure code scanning autofix for a repository or organisation. You can also use ‘Policies for Code security and analysis’ to allow autofix for CodeQL code scanning for an enterprise.</p> <p class="has-image"><img decoding="async" width="700" alt="Enterprise level settings view of Autofix for CodeQL" src="https://github.com/github/release-assets/assets/54394529/fc3f7d61-c7e2-456d-9a45-755aaf0294b6" loading="lazy"></p> <p>The fix generation for any given alert depends on the context and location of the alert. In some cases, code scanning won’t display a fix suggestion for an alert if the suggested code change fails syntax tests or safety filtering.</p> <p>You do not need a Copilot license to use autofix for existing alerts. For more information, see <a href="https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning">About code scanning autofix.</a></p> <p>Provide feedback for code scanning autofix <a href="https://github.com/orgs/community/discussions/111094">here.</a></p> </body></html> </div> <a href="https://github.blog/changelog/2024-07-16-ai-powered-autofixes-for-historical-codeql-alerts-are-now-in-public-beta" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-78764"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-07-16-ai-powered-autofixes-for-historical-codeql-alerts-are-now-in-public-beta" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-78726" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-78726 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-07-10-improved-detection-of-existing-codeql-setups-during-at-scale-rollouts" rel="bookmark">Improved detection of existing CodeQL setups during at scale rollouts</a></h2> <time datetime="2024-07-10" class="d-block f5-mktg text-medium color-fg-muted mt-14px">July 10, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-78726" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>When rolling out code scanning default setup at scale (e.g., via <a href="https://github.blog/changelog/2024-04-02-code-security-configurations-let-organizations-easily-roll-out-github-security-products-at-scale/">code security configurations</a>), GitHub checks if an <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning">advanced CodeQL setup</a> already exists for each repository. If an advanced setup exists, GitHub retains it and does not enable the default setup.</p> <p>Starting today, it will be easier to understand if a repository will be converted during an at scale rollout.</p> <p>Previously, GitHub would consider a repository to be using an advanced setup if the repository had ever had a CodeQL analysis. After this change, a repository is now considered as using an advanced CodeQL setup only if:</p> <ul> <li>In the last 90 days, there has been a CodeQL analysis for the default branch, and</li> <li>the workflow file associated with the latest CodeQL analysis in the default branch has not been deleted or disabled.</li> </ul> <h2 id="how-does-this-affect-me">How does this affect me?<a href="#how-does-this-affect-me" class="heading-link pl-2 text-italic text-bold" aria-label="How does this affect me?"></a></h2> <p>The improvements to the detection of existing CodeQL setups impacts you only if you are doing a rollout of code scanning at scale using (e.g.,) code security configurations and had previously used CodeQL via an advanced setup on some of your repositories.</p> <p>If you are doing a rollout at scale, and want a repository to be considered for conversion to default setup, you can now delete or disable the associated yml file or you can <a href="https://github.blog/changelog/2023-03-10-delete-stale-code-scanning-configurations-to-close-outdated-alerts/">delete the associated configurations</a> for API-based advanced setups.</p> <p>These changes will simplify enabling default setup at scale by increasing the number of repositories that are converted from advanced to default setup during an at scale rollout.</p> <h3 id="how-do-i-convert-my-repo-from-advanced-setup-to-default-setup">How do I convert my repo from advanced setup to default setup?<a href="#how-do-i-convert-my-repo-from-advanced-setup-to-default-setup" class="heading-link pl-2 text-italic text-bold" aria-label="How do I convert my repo from advanced setup to default setup?"></a></h3> <p>You can always enable default setup at the repository level. If there is a yml workflow file in the repository, GitHub will disable it for you. If you are doing API uploads, however, you need to adjust your CI/CD systems to stop submitting analyses. Note that while default setup is enabled, all CodeQL uploads via the API will be rejected.</p> <h3 id="how-do-i-convert-my-repos-from-advanced-setup-to-default-setup-at-scale">How do I convert my repos from advanced setup to default setup at scale?<a href="#how-do-i-convert-my-repos-from-advanced-setup-to-default-setup-at-scale" class="heading-link pl-2 text-italic text-bold" aria-label="How do I convert my repos from advanced setup to default setup at scale?"></a></h3> <p>To convert multiple repos you have two options.<br> 1. Use the <a href="https://docs.github.com/en/rest/code-scanning/code-scanning?apiVersion=2022-11-28#update-a-code-scanning-default-setup-configuration">default setup repository-level API</a>, or<br> 2. Use organization-level <a href="https://docs.github.com/en/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale">code security configurations</a> to configure all the GHAS products in one go.</p> <p>Note that repositories will be <a href="https://docs.github.com/en/code-security/securing-your-organization/troubleshooting-security-configurations/a-repository-is-using-advanced-setup-for-code-scanning">converted from default to advance only if they meet any of following criteria</a>:</p> <ul> <li>The latest CodeQL analysis on the default branch is older than 90 days old. </li> <li>All CodeQL <a href="https://github.blog/changelog/2023-03-10-delete-stale-code-scanning-configurations-to-close-outdated-alerts/">configurations have been deleted</a>.</li> <li>(Exclusively for yml-based advanced setups) The workflow file has been deleted or disabled.</li> </ul> <h3 id="can-i-use-an-api-to-bulk-disable-advanced-setups-that-use-yml-workflow-files">Can I use an API to bulk disable advanced setups that use yml workflow files?<a href="#can-i-use-an-api-to-bulk-disable-advanced-setups-that-use-yml-workflow-files" class="heading-link pl-2 text-italic text-bold" aria-label="Can I use an API to bulk disable advanced setups that use yml workflow files?"></a></h3> <p>Yes. You can directly disable the associated workflow file by calling the <a href="https://docs.github.com/en/rest/actions/workflows?apiVersion=2022-11-28#disable-a-workflow">Actions endpoint via the REST API</a>. To do so, you will need to know the name of the workflow file. The name of the workflow file can be found in the <a href="https://docs.github.com/en/rest/code-scanning/code-scanning?apiVersion=2022-11-28#list-code-scanning-analyses-for-a-repository">code scanning <code>/analyses</code> endpoint</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-07-10-improved-detection-of-existing-codeql-setups-during-at-scale-rollouts" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-78726"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-07-10-improved-detection-of-existing-codeql-setups-during-at-scale-rollouts" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-78584" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-78584 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-security changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-06-20-codeql-can-scan-c-projects-without-requiring-working-builds-public-beta" rel="bookmark">CodeQL can scan C# projects without requiring working builds (public beta)</a></h2> <time datetime="2024-06-20" class="d-block f5-mktg text-medium color-fg-muted mt-14px">June 20, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-78584" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>CodeQL, the static analysis engine that powers GitHub code scanning, can now analyze C# projects without needing a build. This public beta capability enables organizations to more easily roll out CodeQL at scale. Previously, CodeQL required a working build to analyze C# projects. By removing that requirement, our large-scale testing has shown that CodeQL can be successfully enabled for over 90% of C# repos without manual intervention.<br> This new way of analyzing C# codebases is now enabled by default for all code scanning users on GitHub.com. CodeQL CLI users can enable this feature using the <code>build-mode: none</code> flag, starting with version <code>2.17.6</code>.</p> <p>Repositories with an <em>existing</em> code scanning setup, <a href="https://docs.github.com/en/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#about-default-setup">default</a> or <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning#about-advanced-setup-for-code-scanning">advanced</a>, will not experience any changes. If code scanning is working for you today it will continue to work as-is, and there is no need to change your configuration.</p> <ul> <li>Repositories using code scanning default setup will automatically benefit from this new analysis approach.</li> <li>Repositories using advanced setup for code scanning via workflow files will have the option to choose a <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes"><code>build-mode</code></a>. The default value for newly configured C# repositories will be <code>build-mode: none</code>.</li> <li><a href="https://docs.github.com/en/code-security/codeql-cli/getting-started-with-the-codeql-cli/about-the-codeql-cli">CodeQL CLI</a> users will not experience any change in the default behaviour, for compatibility with existing workflows. Users that want to enable this feature can now use the <a href="https://docs.github.com/en/code-security/codeql-cli/codeql-cli-manual/database-create#--build-modemode"><code>--build-mode none</code></a> option. Generally, you should set the <code>--build-mode</code> option when using the CLI to make it easier to debug and persist the configuration should default behaviour change at any point in the future.</li> </ul> <p>The new mechanism for scanning C# is available on GitHub.com and will be available with CodeQL CLI <code>2.17.6</code>. While in public beta, this feature will not be available on GitHub Enterprise Server for default setup or advanced setup for code scanning. As we continue to work on scanning C# projects without the need for working builds, <a href="https://github.com/orgs/community/discussions/113548">send us your feedback</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-06-20-codeql-can-scan-c-projects-without-requiring-working-builds-public-beta" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-78584"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-06-20-codeql-can-scan-c-projects-without-requiring-working-builds-public-beta" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> </div> <div class="container-xl mx-auto p-responsive-blog mt-6 mt-md-8"> <div class="d-flex gutter-spacious"> <div class="col-12 col-md-7 offset-md-5"> <a href="https://github.blog/changelog/label/codeql/page/2/" class="d-inline-block btn-mktg js-ajax-fetch changelog-single-content-wrap"> View more changes <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </div> </div> </main> <div data-color-mode="dark" data-light-theme="light" data-dark-theme="dark"> <footer class="footer pt-6"> <div class="container-xl p-responsive-blog"> <div class="d-flex flex-wrap py-5 mb-5"> <div class="col-12 col-lg-4 mb-5"> <a href="https://github.com/" data-ga-click="Resources, go to home, resources footer" class="color-fg-default" aria-label="Go to GitHub homepage"> <svg height="30" class="octicon octicon-logo-github" viewBox="0 0 45 16" version="1.1" width="84" aria-hidden="true"> <path fill-rule="evenodd" d="M18.53 12.03h-.02c.009 0 .015.01.024.011h.006l-.01-.01zm.004.011c-.093.001-.327.05-.574.05-.78 0-1.05-.36-1.05-.83V8.13h1.59c.09 0 .16-.08.16-.19v-1.7c0-.09-.08-.17-.16-.17h-1.59V3.96c0-.08-.05-.13-.14-.13h-2.16c-.09 0-.14.05-.14.13v2.17s-1.09.27-1.16.28c-.08.02-.13.09-.13.17v1.36c0 .11.08.19.17.19h1.11v3.28c0 2.44 1.7 2.69 2.86 2.69.53 0 1.17-.17 1.27-.22.06-.02.09-.09.09-.16v-1.5a.177.177 0 00-.146-.18zM42.23 9.84c0-1.81-.73-2.05-1.5-1.97-.6.04-1.08.34-1.08.34v3.52s.49.34 1.22.36c1.03.03 1.36-.34 1.36-2.25zm2.43-.16c0 3.43-1.11 4.41-3.05 4.41-1.64 0-2.52-.83-2.52-.83s-.04.46-.09.52c-.03.06-.08.08-.14.08h-1.48c-.1 0-.19-.08-.19-.17l.02-11.11c0-.09.08-.17.17-.17h2.13c.09 0 .17.08.17.17v3.77s.82-.53 2.02-.53l-.01-.02c1.2 0 2.97.45 2.97 3.88zm-8.72-3.61h-2.1c-.11 0-.17.08-.17.19v5.44s-.55.39-1.3.39-.97-.34-.97-1.09V6.25c0-.09-.08-.17-.17-.17h-2.14c-.09 0-.17.08-.17.17v5.11c0 2.2 1.23 2.75 2.92 2.75 1.39 0 2.52-.77 2.52-.77s.05.39.08.45c.02.05.09.09.16.09h1.34c.11 0 .17-.08.17-.17l.02-7.47c0-.09-.08-.17-.19-.17zm-23.7-.01h-2.13c-.09 0-.17.09-.17.2v7.34c0 .2.13.27.3.27h1.92c.2 0 .25-.09.25-.27V6.23c0-.09-.08-.17-.17-.17zm-1.05-3.38c-.77 0-1.38.61-1.38 1.38 0 .77.61 1.38 1.38 1.38.75 0 1.36-.61 1.36-1.38 0-.77-.61-1.38-1.36-1.38zm16.49-.25h-2.11c-.09 0-.17.08-.17.17v4.09h-3.31V2.6c0-.09-.08-.17-.17-.17h-2.13c-.09 0-.17.08-.17.17v11.11c0 .09.09.17.17.17h2.13c.09 0 .17-.08.17-.17V8.96h3.31l-.02 4.75c0 .09.08.17.17.17h2.13c.09 0 .17-.08.17-.17V2.6c0-.09-.08-.17-.17-.17zM8.81 7.35v5.74c0 .04-.01.11-.06.13 0 0-1.25.89-3.31.89-2.49 0-5.44-.78-5.44-5.92S2.58 1.99 5.1 2c2.18 0 3.06.49 3.2.58.04.05.06.09.06.14L7.94 4.5c0 .09-.09.2-.2.17-.36-.11-.9-.33-2.17-.33-1.47 0-3.05.42-3.05 3.73s1.5 3.7 2.58 3.7c.92 0 1.25-.11 1.25-.11v-2.3H4.88c-.11 0-.19-.08-.19-.17V7.35c0-.09.08-.17.19-.17h3.74c.11 0 .19.08.19.17z"></path> </svg> </a> </div> <div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-lg-0 pl-lg-4"><h2 class="h5 mb-3 text-mono color-text-tertiary text-normal">Product</h2><ul class="list-style-none text-gray f5"><li class="lh-condensed mb-3"><a href="https://github.com/features" data-ga-click="Site Foundation Components, go to Features, site foundation components footer" class="Link--secondary">Features</a></li><li class="lh-condensed mb-3"><a href="https://github.com/security" data-ga-click="Site Foundation Components, go to Security, site foundation components footer" class="Link--secondary">Security</a></li><li class="lh-condensed mb-3"><a href="https://github.com/enterprise" data-ga-click="Site Foundation Components, go to Enterprise, site foundation components footer" class="Link--secondary">Enterprise</a></li><li class="lh-condensed mb-3"><a href="https://github.com/customer-stories?type=enterprise" data-ga-click="Site Foundation Components, go to Customer Stories, site foundation components footer" class="Link--secondary">Customer Stories</a></li><li class="lh-condensed mb-3"><a href="https://github.com/pricing" data-ga-click="Site Foundation Components, go to Pricing, site foundation components footer" class="Link--secondary">Pricing</a></li><li class="lh-condensed mb-3"><a href="https://resources.github.com/" data-ga-click="Site Foundation Components, go to Resources, site foundation components footer" class="Link--secondary">Resources</a></li></ul></div><div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-lg-0 pl-lg-4"><h2 class="h5 mb-3 text-mono color-text-tertiary text-normal">Platform</h2><ul class="list-style-none text-gray f5"><li class="lh-condensed mb-3"><a href="https://developer.github.com/" data-ga-click="Site Foundation Components, go to Developer API, site foundation components footer" class="Link--secondary">Developer API</a></li><li class="lh-condensed mb-3"><a href="https://partner.github.com/" data-ga-click="Site Foundation Components, go to Partners, site foundation components footer" class="Link--secondary">Partners</a></li><li class="lh-condensed mb-3"><a href="https://atom.io/" data-ga-click="Site Foundation Components, go to Atom, site foundation components footer" class="Link--secondary">Atom</a></li><li class="lh-condensed mb-3"><a href="https://www.electronjs.org/" data-ga-click="Site Foundation Components, go to Electron, site foundation components footer" class="Link--secondary">Electron</a></li><li class="lh-condensed mb-3"><a href="https://desktop.github.com/" data-ga-click="Site Foundation Components, go to GitHub Desktop, site foundation components footer" class="Link--secondary">GitHub Desktop</a></li></ul></div><div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-lg-0 pl-lg-4"><h2 class="h5 mb-3 text-mono color-text-tertiary text-normal">Support</h2><ul class="list-style-none text-gray f5"><li class="lh-condensed mb-3"><a href="https://docs.github.com/" data-ga-click="Site Foundation Components, go to Docs, site foundation components footer" class="Link--secondary">Docs</a></li><li class="lh-condensed mb-3"><a href="https://github.community/" data-ga-click="Site Foundation Components, go to Community Forum, site foundation components footer" class="Link--secondary">Community Forum</a></li><li class="lh-condensed mb-3"><a href="https://services.github.com/" data-ga-click="Site Foundation Components, go to Training, site foundation components footer" class="Link--secondary">Training</a></li><li class="lh-condensed mb-3"><a href="https://www.githubstatus.com/" data-ga-click="Site Foundation Components, go to Status, site foundation components footer" class="Link--secondary">Status</a></li><li class="lh-condensed mb-3"><a href="https://support.github.com/" data-ga-click="Site Foundation Components, go to Contact, site foundation components footer" class="Link--secondary">Contact</a></li></ul></div><div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-lg-0 pl-lg-4"><h2 class="h5 mb-3 text-mono color-text-tertiary text-normal">Company</h2><ul class="list-style-none text-gray f5"><li class="lh-condensed mb-3"><a href="https://github.com/about" data-ga-click="Site Foundation Components, go to About, site foundation components footer" class="Link--secondary">About</a></li><li class="lh-condensed mb-3"><a href="https://github.blog/" data-ga-click="Site Foundation Components, go to Blog, site foundation components footer" class="Link--secondary">Blog</a></li><li class="lh-condensed mb-3"><a href="https://github.com/about/careers" data-ga-click="Site Foundation Components, go to Careers, site foundation components footer" class="Link--secondary">Careers</a></li><li class="lh-condensed mb-3"><a href="https://github.com/about/press" data-ga-click="Site Foundation Components, go to Press, site foundation components footer" class="Link--secondary">Press</a></li><li class="lh-condensed mb-3"><a href="https://shop.github.com/" data-ga-click="Site Foundation Components, go to Shop, site foundation components footer" class="Link--secondary">Shop</a></li></ul></div> </div> </div> <div class="color-bg-subtle"> <div class="container-xl p-responsive-blog f6 py-4 d-sm-flex flex-justify-between flex-row-reverse flex-items-center"> <ul class="list-style-none d-flex flex-items-center mb-3 mb-sm-0 lh-condensed-ultra"> <li class="mr-3"> <a href="https://twitter.com/github" data-ga-click="Blog, go to X, resources footer" style="color: #959da5;"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 1227" class="d-block" height="18"> <title>X icon</title> <path xmlns="http://www.w3.org/2000/svg" d="M714.163 519.284 1160.89 0h-105.86L667.137 450.887 357.328 0H0l468.492 681.821L0 1226.37h105.866l409.625-476.152 327.181 476.152H1200L714.137 519.284h.026ZM569.165 687.828l-47.468-67.894-377.686-540.24h162.604l304.797 435.991 47.468 67.894 396.2 566.721H892.476L569.165 687.854v-.026Z" fill="currentColor"></path> </svg> <span class="sr-only">GitHub on X</span> </a> </li> <li class="mr-3"> <a href="https://www.facebook.com/GitHub" data-ga-click="Blog, go to Facebook, resources footer" style="color: #959da5;"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 15.3 15.4" class="d-block" height="18"> <title>Facebook icon</title> <path d="M14.5 0H.8a.88.88 0 0 0-.8.9v13.6a.88.88 0 0 0 .8.9h7.3v-6h-2V7.1h2V5.4a2.87 2.87 0 0 1 2.5-3.1h.5a10.87 10.87 0 0 1 1.8.1v2.1h-1.3c-1 0-1.1.5-1.1 1.1v1.5h2.3l-.3 2.3h-2v5.9h3.9a.88.88 0 0 0 .9-.8V.8a.86.86 0 0 0-.8-.8z" fill="currentColor"></path> </svg> <span class="sr-only">GitHub on Facebook</span> </a> </li> <li class="mr-3"> <a href="https://www.youtube.com/github" data-ga-click="Blog, go to YouTube, resources footer" style="color: #959da5;"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.17 13.6" class="d-block" height="16"> <title>YouTube icon</title> <path d="M18.77 2.13A2.4 2.4 0 0 0 17.09.42C15.59 0 9.58 0 9.58 0a57.55 57.55 0 0 0-7.5.4A2.49 2.49 0 0 0 .39 2.13 26.27 26.27 0 0 0 0 6.8a26.15 26.15 0 0 0 .39 4.67 2.43 2.43 0 0 0 1.69 1.71c1.52.42 7.5.42 7.5.42a57.69 57.69 0 0 0 7.51-.4 2.4 2.4 0 0 0 1.68-1.71 25.63 25.63 0 0 0 .4-4.67 24 24 0 0 0-.4-4.69zM7.67 9.71V3.89l5 2.91z" fill="currentColor"></path> </svg> <span class="sr-only">GitHub on YouTube</span> </a> </li> <li class="mr-3 flex-self-start"> <a href="https://www.twitch.tv/github" data-ga-click="Blog, go to Twitch, resources footer" style="color: #959da5;"> <svg role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg" class="d-block" height="18"> <title>Twitch icon</title> <path d="M11.571 4.714h1.715v5.143H11.57zm4.715 0H18v5.143h-1.714zM6 0L1.714 4.286v15.428h5.143V24l4.286-4.286h3.428L22.286 12V0zm14.571 11.143l-3.428 3.428h-3.429l-3 3v-3H6.857V1.714h13.714Z" fill="currentColor"/> </svg> <span class="sr-only">GitHub on Twitch</span> </a> </li> <li class="mr-3 flex-self-start"> <a href="https://www.tiktok.com/@github" data-ga-click="Blog, go to TikTok, resources footer" style="color: #959da5;"> <svg role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg" class="d-block" height="18"> <title>TikTok icon</title> <path d="M12.525.02c1.31-.02 2.61-.01 3.91-.02.08 1.53.63 3.09 1.75 4.17 1.12 1.11 2.7 1.62 4.24 1.79v4.03c-1.44-.05-2.89-.35-4.2-.97-.57-.26-1.1-.59-1.62-.93-.01 2.92.01 5.84-.02 8.75-.08 1.4-.54 2.79-1.35 3.94-1.31 1.92-3.58 3.17-5.91 3.21-1.43.08-2.86-.31-4.08-1.03-2.02-1.19-3.44-3.37-3.65-5.71-.02-.5-.03-1-.01-1.49.18-1.9 1.12-3.72 2.58-4.96 1.66-1.44 3.98-2.13 6.15-1.72.02 1.48-.04 2.96-.04 4.44-.99-.32-2.15-.23-3.02.37-.63.41-1.11 1.04-1.36 1.75-.21.51-.15 1.07-.14 1.61.24 1.64 1.82 3.02 3.5 2.87 1.12-.01 2.19-.66 2.77-1.61.19-.33.4-.67.41-1.06.1-1.79.06-3.57.07-5.36.01-4.03-.01-8.05.02-12.07z" fill="currentColor"/> </svg> <span class="sr-only">GitHub on TikTok</span> </a> </li> <li class="mr-3 flex-self-start"> <a href="https://www.linkedin.com/company/github" data-ga-click="Blog, go to Linkedin, resources footer" style="color: #959da5;"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19 18" class="d-block" height="18"> <title>LinkedIn icon</title> <path d="M3.94 2A2 2 0 1 1 2 0a2 2 0 0 1 1.94 2zM4 5.48H0V18h4zm6.32 0H6.34V18h3.94v-6.57c0-3.66 4.77-4 4.77 0V18H19v-7.93c0-6.17-7.06-5.94-8.72-2.91z" fill="currentColor"></path> </svg> <span class="sr-only">GitHub on LinkedIn</span> </a> </li> <li> <a href="https://github.com/github" data-ga-click="Blog, go to github's org, resources footer" style="color: #959da5;"> <svg height="20" class="octicon octicon-mark-github d-block" alt="" viewBox="0 0 16 16" version="1.1" width="20" aria-hidden="true"> <title>GitHub icon</title> <path fill-rule="evenodd" d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.013 8.013 0 0016 8c0-4.42-3.58-8-8-8z"></path> </svg> <span class="sr-only">GitHub’s organization on GitHub</span> </a> </li> </ul> <ul class="list-style-none d-flex flex-wrap text-gray"> <li class="mr-3">© 2024 GitHub, Inc.</li> <li class="mr-3"> <a href="https://docs.github.com/en/github/site-policy/github-terms-of-service" data-ga-click="Site Foundation Components, go to terms, site foundation components footer" class="Link--secondary">Terms</a> </li> <li class="mr-3"> <a href="https://docs.github.com/en/github/site-policy/github-privacy-statement" data-ga-click="Site Foundation Components, go to privacy, site foundation components footer" class="Link--secondary">Privacy</a> </li> <li class="mr-3"> <button type="button" class="btn-link Link--secondary" onClick="_ghcc.showPreferences()">Manage Cookies</button> </li> <li class="mr-3"> <button type="button" class="btn-link Link--secondary" onClick="_ghcc.showPreferences()">Do not share my personal information</button> </li> </ul> </div> </div> </footer> </div> <div id="ghcc" style="position: sticky; bottom: 0; z-index: 99999;"></div><script src="https://ghcc.githubassets.com/ghcc.min.js" id="github_cookie_consent-js"></script> <script src="https://js.monitor.azure.com/scripts/c/ms.analytics-web-4.js" id="github_microsoft_analytics-js"></script> <script type="text/javascript" src="https://github.blog/_static/??/wp-content/plugins/gh-cookie-consent-and-tracking/dist/js/cookie-consent-and-tracking.js,/wp-includes/js/dist/hooks.min.js?m=1732206009j" ></script><script src="https://github.blog/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6" id="wp-i18n-js"></script> <script id="wp-i18n-js-after"> wp.i18n.setLocaleData( { 'text direction\u0004ltr': [ 'ltr' ] } ); </script> <script type="text/javascript" src="https://github.blog/wp-includes/js/dist/url.min.js?m=1732206009g" ></script><script src="https://github.blog/wp-includes/js/dist/api-fetch.min.js?ver=4c185334c5ec26e149cc" id="wp-api-fetch-js"></script> <script id="wp-api-fetch-js-after"> wp.apiFetch.use( wp.apiFetch.createRootURLMiddleware( "https://github.blog/wp-json/" ) ); wp.apiFetch.nonceMiddleware = wp.apiFetch.createNonceMiddleware( "7660532aa1" ); wp.apiFetch.use( wp.apiFetch.nonceMiddleware ); wp.apiFetch.use( wp.apiFetch.mediaUploadMiddleware ); wp.apiFetch.nonceEndpoint = "https://github.blog/wp-admin/admin-ajax.php?action=rest-nonce"; </script> <script type="text/javascript" src="https://github.blog/wp-content/themes/github-2021/dist/js/site-script.js?m=1732205351g" ></script><script integrity="sha256-kAnFXX7lCXF9K2o4g5q1lKyk167yRq6C4TiXWtbgvQw=" crossorigin="anonymous" src="https://analytics.githubassets.com/v1.1.0/hydro-marketing.min.js?ver=6.6.2" id="hydro-analytics-js"></script> <script src="https://stats.wp.com/e-202447.js" id="jetpack-stats-js" data-wp-strategy="defer"></script> <script id="jetpack-stats-js-after"> _stq = window._stq || []; _stq.push([ "view", JSON.parse("{\"v\":\"ext\",\"blog\":\"153214340\",\"post\":\"0\",\"tz\":\"-8\",\"srv\":\"github.blog\",\"hp\":\"vip\",\"j\":\"1:13.9.1\"}") ]); _stq.push([ "clickTrackerInit", "153214340", "0" ]); </script> </body> </html>