CINXE.COM
What is DevSecOps? · GitHub
<!DOCTYPE html> <html lang="en" data-color-mode="light" data-light-theme="light" data-dark-theme="dark" data-a11y-animated-images="system" data-a11y-link-underlines="true" > <head> <meta charset="utf-8"> <link rel="dns-prefetch" href="https://github.githubassets.com"> <link rel="dns-prefetch" href="https://avatars.githubusercontent.com"> <link rel="dns-prefetch" href="https://github-cloud.s3.amazonaws.com"> <link rel="dns-prefetch" href="https://user-images.githubusercontent.com/"> <link rel="preconnect" href="https://github.githubassets.com" crossorigin> <link rel="preconnect" href="https://avatars.githubusercontent.com"> <link rel="preload" href="https://github.githubassets.com/assets/global-banner-disable-f988792be49f.js" as="script" crossorigin> <link rel="preload" href="https://github.githubassets.com/assets/mona-sans-d1bf285e9b9b.woff2" as="font" type="font/woff2" crossorigin> <link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/light-3e154969b9f9.css" /><link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/dark-9c5b7a476542.css" /><link data-color-theme="light" crossorigin="anonymous" media="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/light-3e154969b9f9.css" /><link data-color-theme="dark" crossorigin="anonymous" media="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/dark-9c5b7a476542.css" /><link data-color-theme="dark_dimmed" crossorigin="anonymous" media="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/dark_dimmed-afda8eb0fb33.css" /><link data-color-theme="dark_high_contrast" crossorigin="anonymous" media="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/dark_high_contrast-2494e44ccdc5.css" /><link data-color-theme="dark_colorblind" crossorigin="anonymous" media="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/dark_colorblind-56fff47acadc.css" /><link data-color-theme="light_colorblind" crossorigin="anonymous" media="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/light_colorblind-71cd4cc132ec.css" /><link data-color-theme="light_high_contrast" crossorigin="anonymous" media="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/light_high_contrast-fd5499848985.css" /><link data-color-theme="light_tritanopia" crossorigin="anonymous" media="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/light_tritanopia-31d17ba3e139.css" /><link data-color-theme="dark_tritanopia" crossorigin="anonymous" media="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/dark_tritanopia-68d6b2c79663.css" /> <link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/primer-primitives-4cf0d59ab51a.css" /> <link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/primer-af846850481e.css" /> <link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/global-e41ff91f8baa.css" /> <link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/github-d3b66f11d613.css" /> <link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/site-0293a3496b30.css" /> <link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/resources-94793b5b4d40.css" /> <script type="application/json" id="client-env">{"locale":"en","featureFlags":["copilot_new_references_ui","copilot_beta_features_opt_in","copilot_chat_static_thread_suggestions","copilot_conversational_ux_history_refs","copilot_implicit_context","copilot_smell_icebreaker_ux","experimentation_azure_variant_endpoint","failbot_handle_non_errors","geojson_azure_maps","ghost_pilot_confidence_truncation_25","ghost_pilot_confidence_truncation_40","hovercard_accessibility","issues_react_new_timeline","issues_react_avatar_refactor","issues_react_remove_placeholders","issues_react_cache_fix_workaround","issues_react_blur_item_picker_on_close","marketing_pages_search_explore_provider","remove_child_patch","sample_network_conn_type","site_metered_billing_update","issues_react_first_time_contribution_banner","jk_navigation_in_list_view","ui_commands_respect_modals","lifecycle_label_name_updates"]}</script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/wp-runtime-118ecaabd77e.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b73fdff77a4e.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-aff936e590ed.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-247092-740e4ddd559d.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-a46544e9ee5e.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/environment-cd35650c2e9c.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-4aa4b0e95669.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-6d3967acd51c.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_g-emoji-element_di-6ce195-53781cbc550f.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-6afc16-3cdfa69a0406.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-f5498b8d4e5d.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-492b5042c841.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-1f651a-1e3d784c897c.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-7671f1-dc6cac136d88.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/github-elements-71486356f507.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/element-registry-e3ab8405ef80.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-634de60bacfa.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-f3aee1-e6893db9c19e.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_stacktrace-pa-a71630-6f3c4f0189d8.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-0b5e12-889cec8cf448.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-eae9df0dd562.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-18d1c91a7872.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-7cbef09a422c.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-0e9fa537dc4f.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-c89801ebbe15.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/behaviors-93287f4de493.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/notifications-global-3366f6b6298e.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_delegated-events_dist_in-bae876-7b3addcd24c5.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/marketing-b679596fd7f0.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/primer-react-765944243383.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/react-core-cd0a67881543.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/octicons-react-45c3a19dd792.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-62da9f-54c0c921f04b.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-285fc29e9fa5.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_primer_react-brand_lib_index_js-node_modules_primer_live-region-element_-9942a0-de27d252afa0.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_contentful_rich-text-react-renderer_dist_rich-text-react-renderer_es5_js-1ac0d3-dbeda44e0ce1.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_contentful_rich-text-html-renderer_dist_rich-text-html-renderer_es5_js-b83fdb5d31e7.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-e1792bd5a31e.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/ui_packages_document-metadata_document-metadata_ts-ui_packages_swp-core_lib_utils_images_ts-u-9e4972-2636adf4661d.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/resources-035285cd0f72.js"></script> <link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/primer-react.9fa170e9435ed4b922b9.module.css" /> <link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/resources.1157820b9572cf8d6ed2.module.css" /> <title>What is DevSecOps? · GitHub</title> <meta name="route-pattern" content="/resources/articles/:topic/:path(.:format)" data-turbo-transient> <meta name="route-controller" content="site_resources_articles" data-turbo-transient> <meta name="route-action" content="show" data-turbo-transient> <meta name="current-catalog-service-hash" content="3b3a86e94adb1936974b9e80c6c5c959f35b1d5f75b93677737ffa36daf92bbd"> <meta name="request-id" content="90FA:5C7C3:533336:5B0B22:6741F4D5" data-pjax-transient="true"/><meta name="html-safe-nonce" content="13e777697743ddd1472bd3d46a9ef2c1c05e63111d6979a49cbb2e24de643ec7" data-pjax-transient="true"/><meta name="visitor-payload" content="eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiI5MEZBOjVDN0MzOjUzMzMzNjo1QjBCMjI6Njc0MUY0RDUiLCJ2aXNpdG9yX2lkIjoiNDgwNDA3MTkyOTA2MzUzNTgyOSIsInJlZ2lvbl9lZGdlIjoic291dGhlYXN0YXNpYSIsInJlZ2lvbl9yZW5kZXIiOiJzb3V0aGVhc3Rhc2lhIn0=" data-pjax-transient="true"/><meta name="visitor-hmac" content="785c64ef7742c066b3f74da786dc021c1494e457be25d8d1de56381f0318a7d1" data-pjax-transient="true"/> <meta name="github-keyboard-shortcuts" content="copilot" data-turbo-transient="true" /> <meta name="selected-link" value="/resources/articles/devops/devsecops" data-turbo-transient> <link rel="assets" href="https://github.githubassets.com/"> <meta name="google-site-verification" content="Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I"> <meta name="octolytics-url" content="https://collector.github.com/github/collect" /> <meta name="user-login" content=""> <meta name="viewport" content="width=device-width"> <meta name="description" content="DevSecOps combines development, security, and operations to automate security integration across all phases of the software development lifecycle (SDLC)."> <link rel="search" type="application/opensearchdescription+xml" href="/opensearch.xml" title="GitHub"> <link rel="fluid-icon" href="https://github.com/fluidicon.png" title="GitHub"> <meta property="fb:app_id" content="1401488693436528"> <meta name="apple-itunes-app" content="app-id=1477376905, app-argument=https://github.com/resources/articles/devops/devsecops" /> <meta name="twitter:image" content="https://images.ctfassets.net/8aevphvgewt8/6aEF0LnKI9Tjgv81ggzpCD/b1af8fd613a72ba9644ec3a1650d8b79/github-logo-productivity-theme.webp" /><meta name="twitter:site" content="@github" /><meta name="twitter:card" content="summary_large_image" /><meta name="twitter:title" content="What is DevSecOps?" /><meta name="twitter:description" content="DevSecOps combines development, security, and operations to automate security integration across all phases of the software development lifecycle (SDLC)." /> <meta property="og:image" content="https://images.ctfassets.net/8aevphvgewt8/6aEF0LnKI9Tjgv81ggzpCD/b1af8fd613a72ba9644ec3a1650d8b79/github-logo-productivity-theme.webp" /><meta property="og:image:alt" content="DevSecOps combines development, security, and operations to automate security integration across all phases of the software development lifecycle (SDLC)." /><meta property="og:site_name" content="GitHub" /><meta property="og:type" content="object" /><meta property="og:title" content="What is DevSecOps?" /><meta property="og:url" content="https://github.com/resources/articles/devops/devsecops" /><meta property="og:description" content="DevSecOps combines development, security, and operations to automate security integration across all phases of the software development lifecycle (SDLC)." /> <meta name="hostname" content="github.com"> <meta name="expected-hostname" content="github.com"> <meta http-equiv="x-pjax-version" content="a42d925fc18d45bc8fa85aa1450e54bf1a2f16c20c74df952d87e47fd8f01f5a" data-turbo-track="reload"> <meta http-equiv="x-pjax-csp-version" content="f93828411aae0064e47190f8211490328b42fbdba5468d9b52a5ed2d1c8b40ce" data-turbo-track="reload"> <meta http-equiv="x-pjax-css-version" content="8968ee26e93ec8c6d3c4e91c77fb9d206091689d451ebbcddeca3832587a5b30" data-turbo-track="reload"> <meta http-equiv="x-pjax-js-version" content="c4972ae1cf5d4607c47252349fc1b47a24ff0ea303e5a8fbbe18ec27725a87ee" data-turbo-track="reload"> <meta name="turbo-cache-control" content="no-preview" data-turbo-transient=""> <meta name="turbo-cache-control" content="no-cache" data-turbo-transient> <meta name="is_logged_out_page" content="true"> <meta name="octolytics-page-type" content="marketing"> <meta name="octolytics-revenue-play" content="Security"> <link rel="canonical" href="https://github.com/resources/articles/devops/devsecops" data-turbo-transient> <meta name="turbo-body-classes" content="logged-out env-production page-responsive"> <meta name="browser-stats-url" content="https://api.github.com/_private/browser/stats"> <meta name="browser-errors-url" content="https://api.github.com/_private/browser/errors"> <link rel="mask-icon" href="https://github.githubassets.com/assets/pinned-octocat-093da3e6fa40.svg" color="#000000"> <link rel="alternate icon" class="js-site-favicon" type="image/png" href="https://github.githubassets.com/favicons/favicon.png"> <link rel="icon" class="js-site-favicon" type="image/svg+xml" href="https://github.githubassets.com/favicons/favicon.svg" data-base-href="https://github.githubassets.com/favicons/favicon"> <meta name="theme-color" content="#1e2327"> <meta name="color-scheme" content="light dark" /> <link rel="manifest" href="/manifest.json" crossOrigin="use-credentials"> </head> <body class="logged-out env-production page-responsive" style="word-wrap: break-word;" data-turbo="false"> <div data-turbo-body class="logged-out env-production page-responsive" style="word-wrap: break-word;"> <div class="position-relative header-wrapper js-header-wrapper "> <a href="#start-of-content" data-skip-target-assigned="false" class="px-2 py-4 color-bg-accent-emphasis color-fg-on-emphasis show-on-focus js-skip-to-content">Skip to content</a> <span data-view-component="true" class="progress-pjax-loader Progress position-fixed width-full"> <span style="width: 0%;" data-view-component="true" class="Progress-item progress-pjax-loader-bar left-0 top-0 color-bg-accent-emphasis"></span> </span> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-4896ddd4b7bb.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-d25fac54a6bc.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/keyboard-shortcuts-dialog-ed30662f9578.js"></script> <link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/primer-react.9fa170e9435ed4b922b9.module.css" /> <react-partial partial-name="keyboard-shortcuts-dialog" data-ssr="false" data-attempted-ssr="false" > <script type="application/json" data-target="react-partial.embeddedData">{"props":{"docsUrl":"https://docs.github.com/get-started/accessibility/keyboard-shortcuts"}}</script> <div data-target="react-partial.reactRoot"></div> </react-partial> <script type="text/javascript" src="https://github.githubassets.com/assets/global-banner-disable-f988792be49f.js" crossorigin></script> <active-global-banners data-banners=""></active-global-banners> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-cf3dd69d89eb.js"></script> <script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/sessions-8fa3b694f335.js"></script> <header class="HeaderMktg header-logged-out js-details-container js-header Details f4 py-3" role="banner" data-is-top="true" data-color-mode=light data-light-theme=light data-dark-theme=dark> <h2 class="sr-only">Navigation Menu</h2> <button type="button" class="HeaderMktg-backdrop d-lg-none border-0 position-fixed top-0 left-0 width-full height-full js-details-target" aria-label="Toggle navigation"> <span class="d-none">Toggle navigation</span> </button> <div class="d-flex flex-column flex-lg-row flex-items-center px-3 px-md-4 px-lg-5 height-full position-relative z-1"> <div class="d-flex flex-justify-between flex-items-center width-full width-lg-auto"> <div class="flex-1"> <button aria-label="Toggle navigation" aria-expanded="false" type="button" data-view-component="true" class="js-details-target js-nav-padding-recalculate js-header-menu-toggle Button--link Button--medium Button d-lg-none color-fg-inherit p-1"> <span class="Button-content"> <span class="Button-label"><div class="HeaderMenu-toggle-bar rounded my-1"></div> <div class="HeaderMenu-toggle-bar rounded my-1"></div> <div class="HeaderMenu-toggle-bar rounded my-1"></div></span> </span> </button> </div> <a class="mr-lg-3 color-fg-inherit flex-order-2 js-prevent-focus-on-mobile-nav" href="/" aria-label="Homepage" data-analytics-event="{"category":"Marketing nav","action":"click to go to homepage","label":"ref_page:Marketing;ref_cta:Logomark;ref_loc:Header"}"> <svg height="32" aria-hidden="true" viewBox="0 0 24 24" version="1.1" width="32" data-view-component="true" class="octicon octicon-mark-github"> <path d="M12.5.75C6.146.75 1 5.896 1 12.25c0 5.089 3.292 9.387 7.863 10.91.575.101.79-.244.79-.546 0-.273-.014-1.178-.014-2.142-2.889.532-3.636-.704-3.866-1.35-.13-.331-.69-1.352-1.18-1.625-.402-.216-.977-.748-.014-.762.906-.014 1.553.834 1.769 1.179 1.035 1.74 2.688 1.25 3.349.948.1-.747.402-1.25.733-1.538-2.559-.287-5.232-1.279-5.232-5.678 0-1.25.445-2.285 1.178-3.09-.115-.288-.517-1.467.115-3.048 0 0 .963-.302 3.163 1.179.92-.259 1.897-.388 2.875-.388.977 0 1.955.13 2.875.388 2.2-1.495 3.162-1.179 3.162-1.179.633 1.581.23 2.76.115 3.048.733.805 1.179 1.825 1.179 3.09 0 4.413-2.688 5.39-5.247 5.678.417.36.776 1.05.776 2.128 0 1.538-.014 2.774-.014 3.162 0 .302.216.662.79.547C20.709 21.637 24 17.324 24 12.25 24 5.896 18.854.75 12.5.75Z"></path> </svg> </a> <div class="flex-1 flex-order-2 text-right"> <a href="/login?return_to=https%3A%2F%2Fgithub.com%2Fresources%2Farticles%2Fdevops%2Fdevsecops" class="HeaderMenu-link HeaderMenu-button d-inline-flex d-lg-none flex-order-1 f5 no-underline border color-border-default rounded-2 px-2 py-1 color-fg-inherit js-prevent-focus-on-mobile-nav" data-hydro-click="{"event_type":"authentication.click","payload":{"location_in_page":"site header menu","repository_id":null,"auth_type":"SIGN_UP","originating_url":"https://github.com/resources/articles/devops/devsecops","user_id":null}}" data-hydro-click-hmac="d351781544c972973bb127b43d3eed6f67d978ae414fb5473e47bc4cf5e21b32" data-analytics-event="{"category":"Marketing nav","action":"click to Sign in","label":"ref_page:Marketing;ref_cta:Sign in;ref_loc:Header"}" > Sign in </a> </div> </div> <div class="HeaderMenu js-header-menu height-fit position-lg-relative d-lg-flex flex-column flex-auto top-0"> <div class="HeaderMenu-wrapper d-flex flex-column flex-self-start flex-lg-row flex-auto rounded rounded-lg-0"> <nav class="HeaderMenu-nav" aria-label="Global"> <ul class="d-lg-flex list-style-none"> <li class="HeaderMenu-item position-relative flex-wrap flex-justify-between flex-items-center d-block d-lg-flex flex-lg-nowrap flex-lg-items-center js-details-container js-header-menu-item"> <button type="button" class="HeaderMenu-link border-0 width-full width-lg-auto px-0 px-lg-2 py-lg-2 no-wrap d-flex flex-items-center flex-justify-between js-details-target" aria-expanded="false"> Product <svg opacity="0.5" aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-chevron-down HeaderMenu-icon ml-1"> <path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path> </svg> </button> <div class="HeaderMenu-dropdown dropdown-menu rounded m-0 p-0 pt-2 pt-lg-4 position-relative position-lg-absolute left-0 left-lg-n3 pb-2 pb-lg-4 d-lg-flex flex-wrap dropdown-menu-wide"> <div class="HeaderMenu-column px-lg-4 border-lg-right mb-4 mb-lg-0 pr-lg-7"> <div class="border-bottom pb-3 pb-lg-0 border-lg-bottom-0"> <ul class="list-style-none f5" > <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{"location":"navbar","action":"github_copilot","context":"product","tag":"link","label":"github_copilot_link_product_navbar"}" href="https://github.com/features/copilot"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-copilot color-fg-subtle mr-3"> <path d="M23.922 16.992c-.861 1.495-5.859 5.023-11.922 5.023-6.063 0-11.061-3.528-11.922-5.023A.641.641 0 0 1 0 16.736v-2.869a.841.841 0 0 1 .053-.22c.372-.935 1.347-2.292 2.605-2.656.167-.429.414-1.055.644-1.517a10.195 10.195 0 0 1-.052-1.086c0-1.331.282-2.499 1.132-3.368.397-.406.89-.717 1.474-.952 1.399-1.136 3.392-2.093 6.122-2.093 2.731 0 4.767.957 6.166 2.093.584.235 1.077.546 1.474.952.85.869 1.132 2.037 1.132 3.368 0 .368-.014.733-.052 1.086.23.462.477 1.088.644 1.517 1.258.364 2.233 1.721 2.605 2.656a.832.832 0 0 1 .053.22v2.869a.641.641 0 0 1-.078.256ZM12.172 11h-.344a4.323 4.323 0 0 1-.355.508C10.703 12.455 9.555 13 7.965 13c-1.725 0-2.989-.359-3.782-1.259a2.005 2.005 0 0 1-.085-.104L4 11.741v6.585c1.435.779 4.514 2.179 8 2.179 3.486 0 6.565-1.4 8-2.179v-6.585l-.098-.104s-.033.045-.085.104c-.793.9-2.057 1.259-3.782 1.259-1.59 0-2.738-.545-3.508-1.492a4.323 4.323 0 0 1-.355-.508h-.016.016Zm.641-2.935c.136 1.057.403 1.913.878 2.497.442.544 1.134.938 2.344.938 1.573 0 2.292-.337 2.657-.751.384-.435.558-1.15.558-2.361 0-1.14-.243-1.847-.705-2.319-.477-.488-1.319-.862-2.824-1.025-1.487-.161-2.192.138-2.533.529-.269.307-.437.808-.438 1.578v.021c0 .265.021.562.063.893Zm-1.626 0c.042-.331.063-.628.063-.894v-.02c-.001-.77-.169-1.271-.438-1.578-.341-.391-1.046-.69-2.533-.529-1.505.163-2.347.537-2.824 1.025-.462.472-.705 1.179-.705 2.319 0 1.211.175 1.926.558 2.361.365.414 1.084.751 2.657.751 1.21 0 1.902-.394 2.344-.938.475-.584.742-1.44.878-2.497Z"></path><path d="M14.5 14.25a1 1 0 0 1 1 1v2a1 1 0 0 1-2 0v-2a1 1 0 0 1 1-1Zm-5 0a1 1 0 0 1 1 1v2a1 1 0 0 1-2 0v-2a1 1 0 0 1 1-1Z"></path> </svg> <div> <div class="color-fg-default h4">GitHub Copilot</div> Write better code with AI </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{"location":"navbar","action":"security","context":"product","tag":"link","label":"security_link_product_navbar"}" href="https://github.com/features/security"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-shield-check color-fg-subtle mr-3"> <path d="M16.53 9.78a.75.75 0 0 0-1.06-1.06L11 13.19l-1.97-1.97a.75.75 0 0 0-1.06 1.06l2.5 2.5a.75.75 0 0 0 1.06 0l5-5Z"></path><path d="m12.54.637 8.25 2.675A1.75 1.75 0 0 1 22 4.976V10c0 6.19-3.771 10.704-9.401 12.83a1.704 1.704 0 0 1-1.198 0C5.77 20.705 2 16.19 2 10V4.976c0-.758.489-1.43 1.21-1.664L11.46.637a1.748 1.748 0 0 1 1.08 0Zm-.617 1.426-8.25 2.676a.249.249 0 0 0-.173.237V10c0 5.46 3.28 9.483 8.43 11.426a.199.199 0 0 0 .14 0C17.22 19.483 20.5 15.461 20.5 10V4.976a.25.25 0 0 0-.173-.237l-8.25-2.676a.253.253 0 0 0-.154 0Z"></path> </svg> <div> <div class="color-fg-default h4">Security</div> Find and fix vulnerabilities </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{"location":"navbar","action":"actions","context":"product","tag":"link","label":"actions_link_product_navbar"}" href="https://github.com/features/actions"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-workflow color-fg-subtle mr-3"> <path d="M1 3a2 2 0 0 1 2-2h6.5a2 2 0 0 1 2 2v6.5a2 2 0 0 1-2 2H7v4.063C7 16.355 7.644 17 8.438 17H12.5v-2.5a2 2 0 0 1 2-2H21a2 2 0 0 1 2 2V21a2 2 0 0 1-2 2h-6.5a2 2 0 0 1-2-2v-2.5H8.437A2.939 2.939 0 0 1 5.5 15.562V11.5H3a2 2 0 0 1-2-2Zm2-.5a.5.5 0 0 0-.5.5v6.5a.5.5 0 0 0 .5.5h6.5a.5.5 0 0 0 .5-.5V3a.5.5 0 0 0-.5-.5ZM14.5 14a.5.5 0 0 0-.5.5V21a.5.5 0 0 0 .5.5H21a.5.5 0 0 0 .5-.5v-6.5a.5.5 0 0 0-.5-.5Z"></path> </svg> <div> <div class="color-fg-default h4">Actions</div> Automate any workflow </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{"location":"navbar","action":"codespaces","context":"product","tag":"link","label":"codespaces_link_product_navbar"}" href="https://github.com/features/codespaces"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-codespaces color-fg-subtle mr-3"> <path d="M3.5 3.75C3.5 2.784 4.284 2 5.25 2h13.5c.966 0 1.75.784 1.75 1.75v7.5A1.75 1.75 0 0 1 18.75 13H5.25a1.75 1.75 0 0 1-1.75-1.75Zm-2 12c0-.966.784-1.75 1.75-1.75h17.5c.966 0 1.75.784 1.75 1.75v4a1.75 1.75 0 0 1-1.75 1.75H3.25a1.75 1.75 0 0 1-1.75-1.75ZM5.25 3.5a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h13.5a.25.25 0 0 0 .25-.25v-7.5a.25.25 0 0 0-.25-.25Zm-2 12a.25.25 0 0 0-.25.25v4c0 .138.112.25.25.25h17.5a.25.25 0 0 0 .25-.25v-4a.25.25 0 0 0-.25-.25Z"></path><path d="M10 17.75a.75.75 0 0 1 .75-.75h6.5a.75.75 0 0 1 0 1.5h-6.5a.75.75 0 0 1-.75-.75Zm-4 0a.75.75 0 0 1 .75-.75h.5a.75.75 0 0 1 0 1.5h-.5a.75.75 0 0 1-.75-.75Z"></path> </svg> <div> <div class="color-fg-default h4">Codespaces</div> Instant dev environments </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{"location":"navbar","action":"issues","context":"product","tag":"link","label":"issues_link_product_navbar"}" href="https://github.com/features/issues"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-issue-opened color-fg-subtle mr-3"> <path d="M12 1c6.075 0 11 4.925 11 11s-4.925 11-11 11S1 18.075 1 12 5.925 1 12 1ZM2.5 12a9.5 9.5 0 0 0 9.5 9.5 9.5 9.5 0 0 0 9.5-9.5A9.5 9.5 0 0 0 12 2.5 9.5 9.5 0 0 0 2.5 12Zm9.5 2a2 2 0 1 1-.001-3.999A2 2 0 0 1 12 14Z"></path> </svg> <div> <div class="color-fg-default h4">Issues</div> Plan and track work </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{"location":"navbar","action":"code_review","context":"product","tag":"link","label":"code_review_link_product_navbar"}" href="https://github.com/features/code-review"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-code-review color-fg-subtle mr-3"> <path d="M10.3 6.74a.75.75 0 0 1-.04 1.06l-2.908 2.7 2.908 2.7a.75.75 0 1 1-1.02 1.1l-3.5-3.25a.75.75 0 0 1 0-1.1l3.5-3.25a.75.75 0 0 1 1.06.04Zm3.44 1.06a.75.75 0 1 1 1.02-1.1l3.5 3.25a.75.75 0 0 1 0 1.1l-3.5 3.25a.75.75 0 1 1-1.02-1.1l2.908-2.7-2.908-2.7Z"></path><path d="M1.5 4.25c0-.966.784-1.75 1.75-1.75h17.5c.966 0 1.75.784 1.75 1.75v12.5a1.75 1.75 0 0 1-1.75 1.75h-9.69l-3.573 3.573A1.458 1.458 0 0 1 5 21.043V18.5H3.25a1.75 1.75 0 0 1-1.75-1.75ZM3.25 4a.25.25 0 0 0-.25.25v12.5c0 .138.112.25.25.25h2.5a.75.75 0 0 1 .75.75v3.19l3.72-3.72a.749.749 0 0 1 .53-.22h10a.25.25 0 0 0 .25-.25V4.25a.25.25 0 0 0-.25-.25Z"></path> </svg> <div> <div class="color-fg-default h4">Code Review</div> Manage code changes </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{"location":"navbar","action":"discussions","context":"product","tag":"link","label":"discussions_link_product_navbar"}" href="https://github.com/features/discussions"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-comment-discussion color-fg-subtle mr-3"> <path d="M1.75 1h12.5c.966 0 1.75.784 1.75 1.75v9.5A1.75 1.75 0 0 1 14.25 14H8.061l-2.574 2.573A1.458 1.458 0 0 1 3 15.543V14H1.75A1.75 1.75 0 0 1 0 12.25v-9.5C0 1.784.784 1 1.75 1ZM1.5 2.75v9.5c0 .138.112.25.25.25h2a.75.75 0 0 1 .75.75v2.19l2.72-2.72a.749.749 0 0 1 .53-.22h6.5a.25.25 0 0 0 .25-.25v-9.5a.25.25 0 0 0-.25-.25H1.75a.25.25 0 0 0-.25.25Z"></path><path d="M22.5 8.75a.25.25 0 0 0-.25-.25h-3.5a.75.75 0 0 1 0-1.5h3.5c.966 0 1.75.784 1.75 1.75v9.5A1.75 1.75 0 0 1 22.25 20H21v1.543a1.457 1.457 0 0 1-2.487 1.03L15.939 20H10.75A1.75 1.75 0 0 1 9 18.25v-1.465a.75.75 0 0 1 1.5 0v1.465c0 .138.112.25.25.25h5.5a.75.75 0 0 1 .53.22l2.72 2.72v-2.19a.75.75 0 0 1 .75-.75h2a.25.25 0 0 0 .25-.25v-9.5Z"></path> </svg> <div> <div class="color-fg-default h4">Discussions</div> Collaborate outside of code </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description" data-analytics-event="{"location":"navbar","action":"code_search","context":"product","tag":"link","label":"code_search_link_product_navbar"}" href="https://github.com/features/code-search"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-code-square color-fg-subtle mr-3"> <path d="M10.3 8.24a.75.75 0 0 1-.04 1.06L7.352 12l2.908 2.7a.75.75 0 1 1-1.02 1.1l-3.5-3.25a.75.75 0 0 1 0-1.1l3.5-3.25a.75.75 0 0 1 1.06.04Zm3.44 1.06a.75.75 0 1 1 1.02-1.1l3.5 3.25a.75.75 0 0 1 0 1.1l-3.5 3.25a.75.75 0 1 1-1.02-1.1l2.908-2.7-2.908-2.7Z"></path><path d="M2 3.75C2 2.784 2.784 2 3.75 2h16.5c.966 0 1.75.784 1.75 1.75v16.5A1.75 1.75 0 0 1 20.25 22H3.75A1.75 1.75 0 0 1 2 20.25Zm1.75-.25a.25.25 0 0 0-.25.25v16.5c0 .138.112.25.25.25h16.5a.25.25 0 0 0 .25-.25V3.75a.25.25 0 0 0-.25-.25Z"></path> </svg> <div> <div class="color-fg-default h4">Code Search</div> Find more, search less </div> </a></li> </ul> </div> </div> <div class="HeaderMenu-column px-lg-4"> <div class="border-bottom pb-3 pb-lg-0 border-lg-bottom-0 border-bottom-0"> <span class="d-block h4 color-fg-default my-1" id="product-explore-heading">Explore</span> <ul class="list-style-none f5" aria-labelledby="product-explore-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"all_features","context":"product","tag":"link","label":"all_features_link_product_navbar"}" href="https://github.com/features"> All features </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary Link--external" target="_blank" data-analytics-event="{"location":"navbar","action":"documentation","context":"product","tag":"link","label":"documentation_link_product_navbar"}" href="https://docs.github.com"> Documentation <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-link-external HeaderMenu-external-icon color-fg-subtle"> <path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path> </svg> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary Link--external" target="_blank" data-analytics-event="{"location":"navbar","action":"github_skills","context":"product","tag":"link","label":"github_skills_link_product_navbar"}" href="https://skills.github.com"> GitHub Skills <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-link-external HeaderMenu-external-icon color-fg-subtle"> <path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path> </svg> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary Link--external" target="_blank" data-analytics-event="{"location":"navbar","action":"blog","context":"product","tag":"link","label":"blog_link_product_navbar"}" href="https://github.blog"> Blog <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-link-external HeaderMenu-external-icon color-fg-subtle"> <path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path> </svg> </a></li> </ul> </div> </div> </div> </li> <li class="HeaderMenu-item position-relative flex-wrap flex-justify-between flex-items-center d-block d-lg-flex flex-lg-nowrap flex-lg-items-center js-details-container js-header-menu-item"> <button type="button" class="HeaderMenu-link border-0 width-full width-lg-auto px-0 px-lg-2 py-lg-2 no-wrap d-flex flex-items-center flex-justify-between js-details-target" aria-expanded="false"> Solutions <svg opacity="0.5" aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-chevron-down HeaderMenu-icon ml-1"> <path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path> </svg> </button> <div class="HeaderMenu-dropdown dropdown-menu rounded m-0 p-0 pt-2 pt-lg-4 position-relative position-lg-absolute left-0 left-lg-n3 d-lg-flex flex-wrap dropdown-menu-wide"> <div class="HeaderMenu-column px-lg-4 border-lg-right mb-4 mb-lg-0 pr-lg-7"> <div class="border-bottom pb-3 pb-lg-0 border-lg-bottom-0 pb-lg-3 mb-3 mb-lg-0"> <span class="d-block h4 color-fg-default my-1" id="solutions-by-company-size-heading">By company size</span> <ul class="list-style-none f5" aria-labelledby="solutions-by-company-size-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"enterprises","context":"solutions","tag":"link","label":"enterprises_link_solutions_navbar"}" href="https://github.com/enterprise"> Enterprises </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"small_and_medium_teams","context":"solutions","tag":"link","label":"small_and_medium_teams_link_solutions_navbar"}" href="https://github.com/team"> Small and medium teams </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"startups","context":"solutions","tag":"link","label":"startups_link_solutions_navbar"}" href="https://github.com/enterprise/startups"> Startups </a></li> </ul> </div> <div class="border-bottom pb-3 pb-lg-0 border-lg-bottom-0"> <span class="d-block h4 color-fg-default my-1" id="solutions-by-use-case-heading">By use case</span> <ul class="list-style-none f5" aria-labelledby="solutions-by-use-case-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"devsecops","context":"solutions","tag":"link","label":"devsecops_link_solutions_navbar"}" href="/solutions/use-case/devsecops"> DevSecOps </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"devops","context":"solutions","tag":"link","label":"devops_link_solutions_navbar"}" href="/solutions/use-case/devops"> DevOps </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"ci_cd","context":"solutions","tag":"link","label":"ci_cd_link_solutions_navbar"}" href="/solutions/use-case/ci-cd"> CI/CD </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"view_all_use_cases","context":"solutions","tag":"link","label":"view_all_use_cases_link_solutions_navbar"}" href="/solutions/use-case"> View all use cases </a></li> </ul> </div> </div> <div class="HeaderMenu-column px-lg-4"> <div class="border-bottom pb-3 pb-lg-0 border-lg-bottom-0"> <span class="d-block h4 color-fg-default my-1" id="solutions-by-industry-heading">By industry</span> <ul class="list-style-none f5" aria-labelledby="solutions-by-industry-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"healthcare","context":"solutions","tag":"link","label":"healthcare_link_solutions_navbar"}" href="/solutions/industry/healthcare"> Healthcare </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"financial_services","context":"solutions","tag":"link","label":"financial_services_link_solutions_navbar"}" href="/solutions/industry/financial-services"> Financial services </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"manufacturing","context":"solutions","tag":"link","label":"manufacturing_link_solutions_navbar"}" href="/solutions/industry/manufacturing"> Manufacturing </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"government","context":"solutions","tag":"link","label":"government_link_solutions_navbar"}" href="/solutions/industry/government"> Government </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"view_all_industries","context":"solutions","tag":"link","label":"view_all_industries_link_solutions_navbar"}" href="/solutions/industry"> View all industries </a></li> </ul> </div> </div> <div class="HeaderMenu-trailing-link rounded-bottom-2 flex-shrink-0 mt-lg-4 px-lg-4 py-4 py-lg-3 f5 text-semibold"> <a href="/solutions"> View all solutions <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-chevron-right HeaderMenu-trailing-link-icon"> <path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path> </svg> </a> </div> </div> </li> <li class="HeaderMenu-item position-relative flex-wrap flex-justify-between flex-items-center d-block d-lg-flex flex-lg-nowrap flex-lg-items-center js-details-container js-header-menu-item"> <button type="button" class="HeaderMenu-link border-0 width-full width-lg-auto px-0 px-lg-2 py-lg-2 no-wrap d-flex flex-items-center flex-justify-between js-details-target" aria-expanded="false"> Resources <svg opacity="0.5" aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-chevron-down HeaderMenu-icon ml-1"> <path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path> </svg> </button> <div class="HeaderMenu-dropdown dropdown-menu rounded m-0 p-0 pt-2 pt-lg-4 position-relative position-lg-absolute left-0 left-lg-n3 pb-2 pb-lg-4 d-lg-flex flex-wrap dropdown-menu-wide"> <div class="HeaderMenu-column px-lg-4 border-lg-right mb-4 mb-lg-0 pr-lg-7"> <div class="border-bottom pb-3 pb-lg-0 border-lg-bottom-0"> <span class="d-block h4 color-fg-default my-1" id="resources-topics-heading">Topics</span> <ul class="list-style-none f5" aria-labelledby="resources-topics-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"ai","context":"resources","tag":"link","label":"ai_link_resources_navbar"}" href="/resources/articles/ai"> AI </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"devops","context":"resources","tag":"link","label":"devops_link_resources_navbar"}" href="/resources/articles/devops"> DevOps </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"security","context":"resources","tag":"link","label":"security_link_resources_navbar"}" href="/resources/articles/security"> Security </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"software_development","context":"resources","tag":"link","label":"software_development_link_resources_navbar"}" href="/resources/articles/software-development"> Software Development </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"view_all","context":"resources","tag":"link","label":"view_all_link_resources_navbar"}" href="/resources/articles"> View all </a></li> </ul> </div> </div> <div class="HeaderMenu-column px-lg-4"> <div class="border-bottom pb-3 pb-lg-0 border-lg-bottom-0 border-bottom-0"> <span class="d-block h4 color-fg-default my-1" id="resources-explore-heading">Explore</span> <ul class="list-style-none f5" aria-labelledby="resources-explore-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary Link--external" target="_blank" data-analytics-event="{"location":"navbar","action":"learning_pathways","context":"resources","tag":"link","label":"learning_pathways_link_resources_navbar"}" href="https://resources.github.com/learn/pathways"> Learning Pathways <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-link-external HeaderMenu-external-icon color-fg-subtle"> <path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path> </svg> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary Link--external" target="_blank" data-analytics-event="{"location":"navbar","action":"white_papers_ebooks_webinars","context":"resources","tag":"link","label":"white_papers_ebooks_webinars_link_resources_navbar"}" href="https://resources.github.com"> White papers, Ebooks, Webinars <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-link-external HeaderMenu-external-icon color-fg-subtle"> <path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path> </svg> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"customer_stories","context":"resources","tag":"link","label":"customer_stories_link_resources_navbar"}" href="https://github.com/customer-stories"> Customer Stories </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary Link--external" target="_blank" data-analytics-event="{"location":"navbar","action":"partners","context":"resources","tag":"link","label":"partners_link_resources_navbar"}" href="https://partner.github.com"> Partners <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-link-external HeaderMenu-external-icon color-fg-subtle"> <path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path> </svg> </a></li> </ul> </div> </div> </div> </li> <li class="HeaderMenu-item position-relative flex-wrap flex-justify-between flex-items-center d-block d-lg-flex flex-lg-nowrap flex-lg-items-center js-details-container js-header-menu-item"> <button type="button" class="HeaderMenu-link border-0 width-full width-lg-auto px-0 px-lg-2 py-lg-2 no-wrap d-flex flex-items-center flex-justify-between js-details-target" aria-expanded="false"> Open Source <svg opacity="0.5" aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-chevron-down HeaderMenu-icon ml-1"> <path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path> </svg> </button> <div class="HeaderMenu-dropdown dropdown-menu rounded m-0 p-0 pt-2 pt-lg-4 position-relative position-lg-absolute left-0 left-lg-n3 pb-2 pb-lg-4 px-lg-4"> <div class="HeaderMenu-column"> <div class="border-bottom pb-3 pb-lg-0 pb-lg-3 mb-3 mb-lg-0 mb-lg-3"> <ul class="list-style-none f5" > <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description" data-analytics-event="{"location":"navbar","action":"github_sponsors","context":"open_source","tag":"link","label":"github_sponsors_link_open_source_navbar"}" href="/sponsors"> <div> <div class="color-fg-default h4">GitHub Sponsors</div> Fund open source developers </div> </a></li> </ul> </div> <div class="border-bottom pb-3 pb-lg-0 pb-lg-3 mb-3 mb-lg-0 mb-lg-3"> <ul class="list-style-none f5" > <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description" data-analytics-event="{"location":"navbar","action":"the_readme_project","context":"open_source","tag":"link","label":"the_readme_project_link_open_source_navbar"}" href="https://github.com/readme"> <div> <div class="color-fg-default h4">The ReadME Project</div> GitHub community articles </div> </a></li> </ul> </div> <div class="border-bottom pb-3 pb-lg-0 border-bottom-0"> <span class="d-block h4 color-fg-default my-1" id="open-source-repositories-heading">Repositories</span> <ul class="list-style-none f5" aria-labelledby="open-source-repositories-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"topics","context":"open_source","tag":"link","label":"topics_link_open_source_navbar"}" href="https://github.com/topics"> Topics </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"trending","context":"open_source","tag":"link","label":"trending_link_open_source_navbar"}" href="https://github.com/trending"> Trending </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{"location":"navbar","action":"collections","context":"open_source","tag":"link","label":"collections_link_open_source_navbar"}" href="https://github.com/collections"> Collections </a></li> </ul> </div> </div> </div> </li> <li class="HeaderMenu-item position-relative flex-wrap flex-justify-between flex-items-center d-block d-lg-flex flex-lg-nowrap flex-lg-items-center js-details-container js-header-menu-item"> <button type="button" class="HeaderMenu-link border-0 width-full width-lg-auto px-0 px-lg-2 py-lg-2 no-wrap d-flex flex-items-center flex-justify-between js-details-target" aria-expanded="false"> Enterprise <svg opacity="0.5" aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-chevron-down HeaderMenu-icon ml-1"> <path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path> </svg> </button> <div class="HeaderMenu-dropdown dropdown-menu rounded m-0 p-0 pt-2 pt-lg-4 position-relative position-lg-absolute left-0 left-lg-n3 pb-2 pb-lg-4 px-lg-4"> <div class="HeaderMenu-column"> <div class="border-bottom pb-3 pb-lg-0 pb-lg-3 mb-3 mb-lg-0 mb-lg-3"> <ul class="list-style-none f5" > <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description" data-analytics-event="{"location":"navbar","action":"enterprise_platform","context":"enterprise","tag":"link","label":"enterprise_platform_link_enterprise_navbar"}" href="/enterprise"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-stack color-fg-subtle mr-3"> <path d="M11.063 1.456a1.749 1.749 0 0 1 1.874 0l8.383 5.316a1.751 1.751 0 0 1 0 2.956l-8.383 5.316a1.749 1.749 0 0 1-1.874 0L2.68 9.728a1.751 1.751 0 0 1 0-2.956Zm1.071 1.267a.25.25 0 0 0-.268 0L3.483 8.039a.25.25 0 0 0 0 .422l8.383 5.316a.25.25 0 0 0 .268 0l8.383-5.316a.25.25 0 0 0 0-.422Z"></path><path d="M1.867 12.324a.75.75 0 0 1 1.035-.232l8.964 5.685a.25.25 0 0 0 .268 0l8.964-5.685a.75.75 0 0 1 .804 1.267l-8.965 5.685a1.749 1.749 0 0 1-1.874 0l-8.965-5.685a.75.75 0 0 1-.231-1.035Z"></path><path d="M1.867 16.324a.75.75 0 0 1 1.035-.232l8.964 5.685a.25.25 0 0 0 .268 0l8.964-5.685a.75.75 0 0 1 .804 1.267l-8.965 5.685a1.749 1.749 0 0 1-1.874 0l-8.965-5.685a.75.75 0 0 1-.231-1.035Z"></path> </svg> <div> <div class="color-fg-default h4">Enterprise platform</div> AI-powered developer platform </div> </a></li> </ul> </div> <div class="border-bottom pb-3 pb-lg-0 border-bottom-0"> <span class="d-block h4 color-fg-default my-1" id="enterprise-available-add-ons-heading">Available add-ons</span> <ul class="list-style-none f5" aria-labelledby="enterprise-available-add-ons-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{"location":"navbar","action":"advanced_security","context":"enterprise","tag":"link","label":"advanced_security_link_enterprise_navbar"}" href="https://github.com/enterprise/advanced-security"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-shield-check color-fg-subtle mr-3"> <path d="M16.53 9.78a.75.75 0 0 0-1.06-1.06L11 13.19l-1.97-1.97a.75.75 0 0 0-1.06 1.06l2.5 2.5a.75.75 0 0 0 1.06 0l5-5Z"></path><path d="m12.54.637 8.25 2.675A1.75 1.75 0 0 1 22 4.976V10c0 6.19-3.771 10.704-9.401 12.83a1.704 1.704 0 0 1-1.198 0C5.77 20.705 2 16.19 2 10V4.976c0-.758.489-1.43 1.21-1.664L11.46.637a1.748 1.748 0 0 1 1.08 0Zm-.617 1.426-8.25 2.676a.249.249 0 0 0-.173.237V10c0 5.46 3.28 9.483 8.43 11.426a.199.199 0 0 0 .14 0C17.22 19.483 20.5 15.461 20.5 10V4.976a.25.25 0 0 0-.173-.237l-8.25-2.676a.253.253 0 0 0-.154 0Z"></path> </svg> <div> <div class="color-fg-default h4">Advanced Security</div> Enterprise-grade security features </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{"location":"navbar","action":"github_copilot","context":"enterprise","tag":"link","label":"github_copilot_link_enterprise_navbar"}" href="/features/copilot#enterprise"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-copilot color-fg-subtle mr-3"> <path d="M23.922 16.992c-.861 1.495-5.859 5.023-11.922 5.023-6.063 0-11.061-3.528-11.922-5.023A.641.641 0 0 1 0 16.736v-2.869a.841.841 0 0 1 .053-.22c.372-.935 1.347-2.292 2.605-2.656.167-.429.414-1.055.644-1.517a10.195 10.195 0 0 1-.052-1.086c0-1.331.282-2.499 1.132-3.368.397-.406.89-.717 1.474-.952 1.399-1.136 3.392-2.093 6.122-2.093 2.731 0 4.767.957 6.166 2.093.584.235 1.077.546 1.474.952.85.869 1.132 2.037 1.132 3.368 0 .368-.014.733-.052 1.086.23.462.477 1.088.644 1.517 1.258.364 2.233 1.721 2.605 2.656a.832.832 0 0 1 .053.22v2.869a.641.641 0 0 1-.078.256ZM12.172 11h-.344a4.323 4.323 0 0 1-.355.508C10.703 12.455 9.555 13 7.965 13c-1.725 0-2.989-.359-3.782-1.259a2.005 2.005 0 0 1-.085-.104L4 11.741v6.585c1.435.779 4.514 2.179 8 2.179 3.486 0 6.565-1.4 8-2.179v-6.585l-.098-.104s-.033.045-.085.104c-.793.9-2.057 1.259-3.782 1.259-1.59 0-2.738-.545-3.508-1.492a4.323 4.323 0 0 1-.355-.508h-.016.016Zm.641-2.935c.136 1.057.403 1.913.878 2.497.442.544 1.134.938 2.344.938 1.573 0 2.292-.337 2.657-.751.384-.435.558-1.15.558-2.361 0-1.14-.243-1.847-.705-2.319-.477-.488-1.319-.862-2.824-1.025-1.487-.161-2.192.138-2.533.529-.269.307-.437.808-.438 1.578v.021c0 .265.021.562.063.893Zm-1.626 0c.042-.331.063-.628.063-.894v-.02c-.001-.77-.169-1.271-.438-1.578-.341-.391-1.046-.69-2.533-.529-1.505.163-2.347.537-2.824 1.025-.462.472-.705 1.179-.705 2.319 0 1.211.175 1.926.558 2.361.365.414 1.084.751 2.657.751 1.21 0 1.902-.394 2.344-.938.475-.584.742-1.44.878-2.497Z"></path><path d="M14.5 14.25a1 1 0 0 1 1 1v2a1 1 0 0 1-2 0v-2a1 1 0 0 1 1-1Zm-5 0a1 1 0 0 1 1 1v2a1 1 0 0 1-2 0v-2a1 1 0 0 1 1-1Z"></path> </svg> <div> <div class="color-fg-default h4">GitHub Copilot</div> Enterprise-grade AI features </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description" data-analytics-event="{"location":"navbar","action":"premium_support","context":"enterprise","tag":"link","label":"premium_support_link_enterprise_navbar"}" href="/premium-support"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-comment-discussion color-fg-subtle mr-3"> <path d="M1.75 1h12.5c.966 0 1.75.784 1.75 1.75v9.5A1.75 1.75 0 0 1 14.25 14H8.061l-2.574 2.573A1.458 1.458 0 0 1 3 15.543V14H1.75A1.75 1.75 0 0 1 0 12.25v-9.5C0 1.784.784 1 1.75 1ZM1.5 2.75v9.5c0 .138.112.25.25.25h2a.75.75 0 0 1 .75.75v2.19l2.72-2.72a.749.749 0 0 1 .53-.22h6.5a.25.25 0 0 0 .25-.25v-9.5a.25.25 0 0 0-.25-.25H1.75a.25.25 0 0 0-.25.25Z"></path><path d="M22.5 8.75a.25.25 0 0 0-.25-.25h-3.5a.75.75 0 0 1 0-1.5h3.5c.966 0 1.75.784 1.75 1.75v9.5A1.75 1.75 0 0 1 22.25 20H21v1.543a1.457 1.457 0 0 1-2.487 1.03L15.939 20H10.75A1.75 1.75 0 0 1 9 18.25v-1.465a.75.75 0 0 1 1.5 0v1.465c0 .138.112.25.25.25h5.5a.75.75 0 0 1 .53.22l2.72 2.72v-2.19a.75.75 0 0 1 .75-.75h2a.25.25 0 0 0 .25-.25v-9.5Z"></path> </svg> <div> <div class="color-fg-default h4">Premium Support</div> Enterprise-grade 24/7 support </div> </a></li> </ul> </div> </div> </div> </li> <li class="HeaderMenu-item position-relative flex-wrap flex-justify-between flex-items-center d-block d-lg-flex flex-lg-nowrap flex-lg-items-center js-details-container js-header-menu-item"> <a class="HeaderMenu-link no-underline px-0 px-lg-2 py-3 py-lg-2 d-block d-lg-inline-block" data-analytics-event="{"location":"navbar","action":"pricing","context":"global","tag":"link","label":"pricing_link_global_navbar"}" href="https://github.com/pricing">Pricing</a> </li> </ul> </nav> <div class="d-flex flex-column flex-lg-row width-full flex-justify-end flex-lg-items-center text-center mt-3 mt-lg-0 text-lg-left ml-lg-3"> <qbsearch-input class="search-input" data-scope="" data-custom-scopes-path="/search/custom_scopes" data-delete-custom-scopes-csrf="fVGNc7sf1dRgGBBz11p3-AtQ_WEpn7TjNa6gadwfCtp9Fju-GQ-8jGbWo1kY3HfxNHHamokLNrl8diDLgCpLqg" data-max-custom-scopes="10" data-header-redesign-enabled="false" data-initial-value="" data-blackbird-suggestions-path="/search/suggestions" data-jump-to-suggestions-path="/_graphql/GetSuggestedNavigationDestinations" data-current-repository="" data-current-org="" data-current-owner="" data-logged-in="false" data-copilot-chat-enabled="false" data-nl-search-enabled="false" data-retain-scroll-position="true"> <div class="search-input-container search-with-dialog position-relative d-flex flex-row flex-items-center mr-4 rounded" data-action="click:qbsearch-input#searchInputContainerClicked" > <button type="button" class="header-search-button placeholder input-button form-control d-flex flex-1 flex-self-stretch flex-items-center no-wrap width-full py-0 pl-2 pr-0 text-left border-0 box-shadow-none" data-target="qbsearch-input.inputButton" aria-label="Search or jump to…" aria-haspopup="dialog" placeholder="Search or jump to..." data-hotkey=s,/ autocapitalize="off" data-analytics-event="{"location":"navbar","action":"searchbar","context":"global","tag":"input","label":"searchbar_input_global_navbar"}" data-action="click:qbsearch-input#handleExpand" > <div class="mr-2 color-fg-muted"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-search"> <path d="M10.68 11.74a6 6 0 0 1-7.922-8.982 6 6 0 0 1 8.982 7.922l3.04 3.04a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215ZM11.5 7a4.499 4.499 0 1 0-8.997 0A4.499 4.499 0 0 0 11.5 7Z"></path> </svg> </div> <span class="flex-1" data-target="qbsearch-input.inputButtonText">Search or jump to...</span> <div class="d-flex" data-target="qbsearch-input.hotkeyIndicator"> <svg xmlns="http://www.w3.org/2000/svg" width="22" height="20" aria-hidden="true" class="mr-1"><path fill="none" stroke="#979A9C" opacity=".4" d="M3.5.5h12c1.7 0 3 1.3 3 3v13c0 1.7-1.3 3-3 3h-12c-1.7 0-3-1.3-3-3v-13c0-1.7 1.3-3 3-3z"></path><path fill="#979A9C" d="M11.8 6L8 15.1h-.9L10.8 6h1z"></path></svg> </div> </button> <input type="hidden" name="type" class="js-site-search-type-field"> <div class="Overlay--hidden " data-modal-dialog-overlay> <modal-dialog data-action="close:qbsearch-input#handleClose cancel:qbsearch-input#handleClose" data-target="qbsearch-input.searchSuggestionsDialog" role="dialog" id="search-suggestions-dialog" aria-modal="true" aria-labelledby="search-suggestions-dialog-header" data-view-component="true" class="Overlay Overlay--width-large Overlay--height-auto"> <h1 id="search-suggestions-dialog-header" class="sr-only">Search code, repositories, users, issues, pull requests...</h1> <div class="Overlay-body Overlay-body--paddingNone"> <div data-view-component="true"> <div class="search-suggestions position-fixed width-full color-shadow-large border color-fg-default color-bg-default overflow-hidden d-flex flex-column query-builder-container" style="border-radius: 12px;" data-target="qbsearch-input.queryBuilderContainer" hidden > <!-- '"` --><!-- </textarea></xmp> --></option></form><form id="query-builder-test-form" action="" accept-charset="UTF-8" method="get"> <query-builder data-target="qbsearch-input.queryBuilder" id="query-builder-query-builder-test" data-filter-key=":" data-view-component="true" class="QueryBuilder search-query-builder"> <div class="FormControl FormControl--fullWidth"> <label id="query-builder-test-label" for="query-builder-test" class="FormControl-label sr-only"> Search </label> <div class="QueryBuilder-StyledInput width-fit " data-target="query-builder.styledInput" > <span id="query-builder-test-leadingvisual-wrap" class="FormControl-input-leadingVisualWrap QueryBuilder-leadingVisualWrap"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-search FormControl-input-leadingVisual"> <path d="M10.68 11.74a6 6 0 0 1-7.922-8.982 6 6 0 0 1 8.982 7.922l3.04 3.04a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215ZM11.5 7a4.499 4.499 0 1 0-8.997 0A4.499 4.499 0 0 0 11.5 7Z"></path> </svg> </span> <div data-target="query-builder.styledInputContainer" class="QueryBuilder-StyledInputContainer"> <div aria-hidden="true" class="QueryBuilder-StyledInputContent" data-target="query-builder.styledInputContent" ></div> <div class="QueryBuilder-InputWrapper"> <div aria-hidden="true" class="QueryBuilder-Sizer" data-target="query-builder.sizer"></div> <input id="query-builder-test" name="query-builder-test" value="" autocomplete="off" type="text" role="combobox" spellcheck="false" aria-expanded="false" aria-describedby="validation-5b816fa3-e128-49cb-a93b-44e550fe6c9c" data-target="query-builder.input" data-action=" input:query-builder#inputChange blur:query-builder#inputBlur keydown:query-builder#inputKeydown focus:query-builder#inputFocus " data-view-component="true" class="FormControl-input QueryBuilder-Input FormControl-medium" /> </div> </div> <span class="sr-only" id="query-builder-test-clear">Clear</span> <button role="button" id="query-builder-test-clear-button" aria-labelledby="query-builder-test-clear query-builder-test-label" data-target="query-builder.clearButton" data-action=" click:query-builder#clear focus:query-builder#clearButtonFocus blur:query-builder#clearButtonBlur " variant="small" hidden="hidden" type="button" data-view-component="true" class="Button Button--iconOnly Button--invisible Button--medium mr-1 px-2 py-0 d-flex flex-items-center rounded-1 color-fg-muted"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-x-circle-fill Button-visual"> <path d="M2.343 13.657A8 8 0 1 1 13.658 2.343 8 8 0 0 1 2.343 13.657ZM6.03 4.97a.751.751 0 0 0-1.042.018.751.751 0 0 0-.018 1.042L6.94 8 4.97 9.97a.749.749 0 0 0 .326 1.275.749.749 0 0 0 .734-.215L8 9.06l1.97 1.97a.749.749 0 0 0 1.275-.326.749.749 0 0 0-.215-.734L9.06 8l1.97-1.97a.749.749 0 0 0-.326-1.275.749.749 0 0 0-.734.215L8 6.94Z"></path> </svg> </button> </div> <template id="search-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-search"> <path d="M10.68 11.74a6 6 0 0 1-7.922-8.982 6 6 0 0 1 8.982 7.922l3.04 3.04a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215ZM11.5 7a4.499 4.499 0 1 0-8.997 0A4.499 4.499 0 0 0 11.5 7Z"></path> </svg> </template> <template id="code-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-code"> <path d="m11.28 3.22 4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.275-.326.749.749 0 0 1 .215-.734L13.94 8l-3.72-3.72a.749.749 0 0 1 .326-1.275.749.749 0 0 1 .734.215Zm-6.56 0a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L2.06 8l3.72 3.72a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L.47 8.53a.75.75 0 0 1 0-1.06Z"></path> </svg> </template> <template id="file-code-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-file-code"> <path d="M4 1.75C4 .784 4.784 0 5.75 0h5.586c.464 0 .909.184 1.237.513l2.914 2.914c.329.328.513.773.513 1.237v8.586A1.75 1.75 0 0 1 14.25 15h-9a.75.75 0 0 1 0-1.5h9a.25.25 0 0 0 .25-.25V6h-2.75A1.75 1.75 0 0 1 10 4.25V1.5H5.75a.25.25 0 0 0-.25.25v2.5a.75.75 0 0 1-1.5 0Zm1.72 4.97a.75.75 0 0 1 1.06 0l2 2a.75.75 0 0 1 0 1.06l-2 2a.749.749 0 0 1-1.275-.326.749.749 0 0 1 .215-.734l1.47-1.47-1.47-1.47a.75.75 0 0 1 0-1.06ZM3.28 7.78 1.81 9.25l1.47 1.47a.751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018l-2-2a.75.75 0 0 1 0-1.06l2-2a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042Zm8.22-6.218V4.25c0 .138.112.25.25.25h2.688l-.011-.013-2.914-2.914-.013-.011Z"></path> </svg> </template> <template id="history-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-history"> <path d="m.427 1.927 1.215 1.215a8.002 8.002 0 1 1-1.6 5.685.75.75 0 1 1 1.493-.154 6.5 6.5 0 1 0 1.18-4.458l1.358 1.358A.25.25 0 0 1 3.896 6H.25A.25.25 0 0 1 0 5.75V2.104a.25.25 0 0 1 .427-.177ZM7.75 4a.75.75 0 0 1 .75.75v2.992l2.028.812a.75.75 0 0 1-.557 1.392l-2.5-1A.751.751 0 0 1 7 8.25v-3.5A.75.75 0 0 1 7.75 4Z"></path> </svg> </template> <template id="repo-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-repo"> <path d="M2 2.5A2.5 2.5 0 0 1 4.5 0h8.75a.75.75 0 0 1 .75.75v12.5a.75.75 0 0 1-.75.75h-2.5a.75.75 0 0 1 0-1.5h1.75v-2h-8a1 1 0 0 0-.714 1.7.75.75 0 1 1-1.072 1.05A2.495 2.495 0 0 1 2 11.5Zm10.5-1h-8a1 1 0 0 0-1 1v6.708A2.486 2.486 0 0 1 4.5 9h8ZM5 12.25a.25.25 0 0 1 .25-.25h3.5a.25.25 0 0 1 .25.25v3.25a.25.25 0 0 1-.4.2l-1.45-1.087a.249.249 0 0 0-.3 0L5.4 15.7a.25.25 0 0 1-.4-.2Z"></path> </svg> </template> <template id="bookmark-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-bookmark"> <path d="M3 2.75C3 1.784 3.784 1 4.75 1h6.5c.966 0 1.75.784 1.75 1.75v11.5a.75.75 0 0 1-1.227.579L8 11.722l-3.773 3.107A.751.751 0 0 1 3 14.25Zm1.75-.25a.25.25 0 0 0-.25.25v9.91l3.023-2.489a.75.75 0 0 1 .954 0l3.023 2.49V2.75a.25.25 0 0 0-.25-.25Z"></path> </svg> </template> <template id="plus-circle-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-plus-circle"> <path d="M8 0a8 8 0 1 1 0 16A8 8 0 0 1 8 0ZM1.5 8a6.5 6.5 0 1 0 13 0 6.5 6.5 0 0 0-13 0Zm7.25-3.25v2.5h2.5a.75.75 0 0 1 0 1.5h-2.5v2.5a.75.75 0 0 1-1.5 0v-2.5h-2.5a.75.75 0 0 1 0-1.5h2.5v-2.5a.75.75 0 0 1 1.5 0Z"></path> </svg> </template> <template id="circle-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-dot-fill"> <path d="M8 4a4 4 0 1 1 0 8 4 4 0 0 1 0-8Z"></path> </svg> </template> <template id="trash-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-trash"> <path d="M11 1.75V3h2.25a.75.75 0 0 1 0 1.5H2.75a.75.75 0 0 1 0-1.5H5V1.75C5 .784 5.784 0 6.75 0h2.5C10.216 0 11 .784 11 1.75ZM4.496 6.675l.66 6.6a.25.25 0 0 0 .249.225h5.19a.25.25 0 0 0 .249-.225l.66-6.6a.75.75 0 0 1 1.492.149l-.66 6.6A1.748 1.748 0 0 1 10.595 15h-5.19a1.75 1.75 0 0 1-1.741-1.575l-.66-6.6a.75.75 0 1 1 1.492-.15ZM6.5 1.75V3h3V1.75a.25.25 0 0 0-.25-.25h-2.5a.25.25 0 0 0-.25.25Z"></path> </svg> </template> <template id="team-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-people"> <path d="M2 5.5a3.5 3.5 0 1 1 5.898 2.549 5.508 5.508 0 0 1 3.034 4.084.75.75 0 1 1-1.482.235 4 4 0 0 0-7.9 0 .75.75 0 0 1-1.482-.236A5.507 5.507 0 0 1 3.102 8.05 3.493 3.493 0 0 1 2 5.5ZM11 4a3.001 3.001 0 0 1 2.22 5.018 5.01 5.01 0 0 1 2.56 3.012.749.749 0 0 1-.885.954.752.752 0 0 1-.549-.514 3.507 3.507 0 0 0-2.522-2.372.75.75 0 0 1-.574-.73v-.352a.75.75 0 0 1 .416-.672A1.5 1.5 0 0 0 11 5.5.75.75 0 0 1 11 4Zm-5.5-.5a2 2 0 1 0-.001 3.999A2 2 0 0 0 5.5 3.5Z"></path> </svg> </template> <template id="project-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-project"> <path d="M1.75 0h12.5C15.216 0 16 .784 16 1.75v12.5A1.75 1.75 0 0 1 14.25 16H1.75A1.75 1.75 0 0 1 0 14.25V1.75C0 .784.784 0 1.75 0ZM1.5 1.75v12.5c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25V1.75a.25.25 0 0 0-.25-.25H1.75a.25.25 0 0 0-.25.25ZM11.75 3a.75.75 0 0 1 .75.75v7.5a.75.75 0 0 1-1.5 0v-7.5a.75.75 0 0 1 .75-.75Zm-8.25.75a.75.75 0 0 1 1.5 0v5.5a.75.75 0 0 1-1.5 0ZM8 3a.75.75 0 0 1 .75.75v3.5a.75.75 0 0 1-1.5 0v-3.5A.75.75 0 0 1 8 3Z"></path> </svg> </template> <template id="pencil-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-pencil"> <path d="M11.013 1.427a1.75 1.75 0 0 1 2.474 0l1.086 1.086a1.75 1.75 0 0 1 0 2.474l-8.61 8.61c-.21.21-.47.364-.756.445l-3.251.93a.75.75 0 0 1-.927-.928l.929-3.25c.081-.286.235-.547.445-.758l8.61-8.61Zm.176 4.823L9.75 4.81l-6.286 6.287a.253.253 0 0 0-.064.108l-.558 1.953 1.953-.558a.253.253 0 0 0 .108-.064Zm1.238-3.763a.25.25 0 0 0-.354 0L10.811 3.75l1.439 1.44 1.263-1.263a.25.25 0 0 0 0-.354Z"></path> </svg> </template> <template id="copilot-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-copilot"> <path d="M7.998 15.035c-4.562 0-7.873-2.914-7.998-3.749V9.338c.085-.628.677-1.686 1.588-2.065.013-.07.024-.143.036-.218.029-.183.06-.384.126-.612-.201-.508-.254-1.084-.254-1.656 0-.87.128-1.769.693-2.484.579-.733 1.494-1.124 2.724-1.261 1.206-.134 2.262.034 2.944.765.05.053.096.108.139.165.044-.057.094-.112.143-.165.682-.731 1.738-.899 2.944-.765 1.23.137 2.145.528 2.724 1.261.566.715.693 1.614.693 2.484 0 .572-.053 1.148-.254 1.656.066.228.098.429.126.612.012.076.024.148.037.218.924.385 1.522 1.471 1.591 2.095v1.872c0 .766-3.351 3.795-8.002 3.795Zm0-1.485c2.28 0 4.584-1.11 5.002-1.433V7.862l-.023-.116c-.49.21-1.075.291-1.727.291-1.146 0-2.059-.327-2.71-.991A3.222 3.222 0 0 1 8 6.303a3.24 3.24 0 0 1-.544.743c-.65.664-1.563.991-2.71.991-.652 0-1.236-.081-1.727-.291l-.023.116v4.255c.419.323 2.722 1.433 5.002 1.433ZM6.762 2.83c-.193-.206-.637-.413-1.682-.297-1.019.113-1.479.404-1.713.7-.247.312-.369.789-.369 1.554 0 .793.129 1.171.308 1.371.162.181.519.379 1.442.379.853 0 1.339-.235 1.638-.54.315-.322.527-.827.617-1.553.117-.935-.037-1.395-.241-1.614Zm4.155-.297c-1.044-.116-1.488.091-1.681.297-.204.219-.359.679-.242 1.614.091.726.303 1.231.618 1.553.299.305.784.54 1.638.54.922 0 1.28-.198 1.442-.379.179-.2.308-.578.308-1.371 0-.765-.123-1.242-.37-1.554-.233-.296-.693-.587-1.713-.7Z"></path><path d="M6.25 9.037a.75.75 0 0 1 .75.75v1.501a.75.75 0 0 1-1.5 0V9.787a.75.75 0 0 1 .75-.75Zm4.25.75v1.501a.75.75 0 0 1-1.5 0V9.787a.75.75 0 0 1 1.5 0Z"></path> </svg> </template> <template id="copilot-error-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-copilot-error"> <path d="M16 11.24c0 .112-.072.274-.21.467L13 9.688V7.862l-.023-.116c-.49.21-1.075.291-1.727.291-.198 0-.388-.009-.571-.029L6.833 5.226a4.01 4.01 0 0 0 .17-.782c.117-.935-.037-1.395-.241-1.614-.193-.206-.637-.413-1.682-.297-.683.076-1.115.231-1.395.415l-1.257-.91c.579-.564 1.413-.877 2.485-.996 1.206-.134 2.262.034 2.944.765.05.053.096.108.139.165.044-.057.094-.112.143-.165.682-.731 1.738-.899 2.944-.765 1.23.137 2.145.528 2.724 1.261.566.715.693 1.614.693 2.484 0 .572-.053 1.148-.254 1.656.066.228.098.429.126.612.012.076.024.148.037.218.924.385 1.522 1.471 1.591 2.095Zm-5.083-8.707c-1.044-.116-1.488.091-1.681.297-.204.219-.359.679-.242 1.614.091.726.303 1.231.618 1.553.299.305.784.54 1.638.54.922 0 1.28-.198 1.442-.379.179-.2.308-.578.308-1.371 0-.765-.123-1.242-.37-1.554-.233-.296-.693-.587-1.713-.7Zm2.511 11.074c-1.393.776-3.272 1.428-5.43 1.428-4.562 0-7.873-2.914-7.998-3.749V9.338c.085-.628.677-1.686 1.588-2.065.013-.07.024-.143.036-.218.029-.183.06-.384.126-.612-.18-.455-.241-.963-.252-1.475L.31 4.107A.747.747 0 0 1 0 3.509V3.49a.748.748 0 0 1 .625-.73c.156-.026.306.047.435.139l14.667 10.578a.592.592 0 0 1 .227.264.752.752 0 0 1 .046.249v.022a.75.75 0 0 1-1.19.596Zm-1.367-.991L5.635 7.964a5.128 5.128 0 0 1-.889.073c-.652 0-1.236-.081-1.727-.291l-.023.116v4.255c.419.323 2.722 1.433 5.002 1.433 1.539 0 3.089-.505 4.063-.934Z"></path> </svg> </template> <template id="workflow-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-workflow"> <path d="M0 1.75C0 .784.784 0 1.75 0h3.5C6.216 0 7 .784 7 1.75v3.5A1.75 1.75 0 0 1 5.25 7H4v4a1 1 0 0 0 1 1h4v-1.25C9 9.784 9.784 9 10.75 9h3.5c.966 0 1.75.784 1.75 1.75v3.5A1.75 1.75 0 0 1 14.25 16h-3.5A1.75 1.75 0 0 1 9 14.25v-.75H5A2.5 2.5 0 0 1 2.5 11V7h-.75A1.75 1.75 0 0 1 0 5.25Zm1.75-.25a.25.25 0 0 0-.25.25v3.5c0 .138.112.25.25.25h3.5a.25.25 0 0 0 .25-.25v-3.5a.25.25 0 0 0-.25-.25Zm9 9a.25.25 0 0 0-.25.25v3.5c0 .138.112.25.25.25h3.5a.25.25 0 0 0 .25-.25v-3.5a.25.25 0 0 0-.25-.25Z"></path> </svg> </template> <template id="book-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-book"> <path d="M0 1.75A.75.75 0 0 1 .75 1h4.253c1.227 0 2.317.59 3 1.501A3.743 3.743 0 0 1 11.006 1h4.245a.75.75 0 0 1 .75.75v10.5a.75.75 0 0 1-.75.75h-4.507a2.25 2.25 0 0 0-1.591.659l-.622.621a.75.75 0 0 1-1.06 0l-.622-.621A2.25 2.25 0 0 0 5.258 13H.75a.75.75 0 0 1-.75-.75Zm7.251 10.324.004-5.073-.002-2.253A2.25 2.25 0 0 0 5.003 2.5H1.5v9h3.757a3.75 3.75 0 0 1 1.994.574ZM8.755 4.75l-.004 7.322a3.752 3.752 0 0 1 1.992-.572H14.5v-9h-3.495a2.25 2.25 0 0 0-2.25 2.25Z"></path> </svg> </template> <template id="code-review-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-code-review"> <path d="M1.75 1h12.5c.966 0 1.75.784 1.75 1.75v8.5A1.75 1.75 0 0 1 14.25 13H8.061l-2.574 2.573A1.458 1.458 0 0 1 3 14.543V13H1.75A1.75 1.75 0 0 1 0 11.25v-8.5C0 1.784.784 1 1.75 1ZM1.5 2.75v8.5c0 .138.112.25.25.25h2a.75.75 0 0 1 .75.75v2.19l2.72-2.72a.749.749 0 0 1 .53-.22h6.5a.25.25 0 0 0 .25-.25v-8.5a.25.25 0 0 0-.25-.25H1.75a.25.25 0 0 0-.25.25Zm5.28 1.72a.75.75 0 0 1 0 1.06L5.31 7l1.47 1.47a.751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018l-2-2a.75.75 0 0 1 0-1.06l2-2a.75.75 0 0 1 1.06 0Zm2.44 0a.75.75 0 0 1 1.06 0l2 2a.75.75 0 0 1 0 1.06l-2 2a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L10.69 7 9.22 5.53a.75.75 0 0 1 0-1.06Z"></path> </svg> </template> <template id="codespaces-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-codespaces"> <path d="M0 11.25c0-.966.784-1.75 1.75-1.75h12.5c.966 0 1.75.784 1.75 1.75v3A1.75 1.75 0 0 1 14.25 16H1.75A1.75 1.75 0 0 1 0 14.25Zm2-9.5C2 .784 2.784 0 3.75 0h8.5C13.216 0 14 .784 14 1.75v5a1.75 1.75 0 0 1-1.75 1.75h-8.5A1.75 1.75 0 0 1 2 6.75Zm1.75-.25a.25.25 0 0 0-.25.25v5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-5a.25.25 0 0 0-.25-.25Zm-2 9.5a.25.25 0 0 0-.25.25v3c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25v-3a.25.25 0 0 0-.25-.25Z"></path><path d="M7 12.75a.75.75 0 0 1 .75-.75h4.5a.75.75 0 0 1 0 1.5h-4.5a.75.75 0 0 1-.75-.75Zm-4 0a.75.75 0 0 1 .75-.75h.5a.75.75 0 0 1 0 1.5h-.5a.75.75 0 0 1-.75-.75Z"></path> </svg> </template> <template id="comment-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-comment"> <path d="M1 2.75C1 1.784 1.784 1 2.75 1h10.5c.966 0 1.75.784 1.75 1.75v7.5A1.75 1.75 0 0 1 13.25 12H9.06l-2.573 2.573A1.458 1.458 0 0 1 4 13.543V12H2.75A1.75 1.75 0 0 1 1 10.25Zm1.75-.25a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h2a.75.75 0 0 1 .75.75v2.19l2.72-2.72a.749.749 0 0 1 .53-.22h4.5a.25.25 0 0 0 .25-.25v-7.5a.25.25 0 0 0-.25-.25Z"></path> </svg> </template> <template id="comment-discussion-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-comment-discussion"> <path d="M1.75 1h8.5c.966 0 1.75.784 1.75 1.75v5.5A1.75 1.75 0 0 1 10.25 10H7.061l-2.574 2.573A1.458 1.458 0 0 1 2 11.543V10h-.25A1.75 1.75 0 0 1 0 8.25v-5.5C0 1.784.784 1 1.75 1ZM1.5 2.75v5.5c0 .138.112.25.25.25h1a.75.75 0 0 1 .75.75v2.19l2.72-2.72a.749.749 0 0 1 .53-.22h3.5a.25.25 0 0 0 .25-.25v-5.5a.25.25 0 0 0-.25-.25h-8.5a.25.25 0 0 0-.25.25Zm13 2a.25.25 0 0 0-.25-.25h-.5a.75.75 0 0 1 0-1.5h.5c.966 0 1.75.784 1.75 1.75v5.5A1.75 1.75 0 0 1 14.25 12H14v1.543a1.458 1.458 0 0 1-2.487 1.03L9.22 12.28a.749.749 0 0 1 .326-1.275.749.749 0 0 1 .734.215l2.22 2.22v-2.19a.75.75 0 0 1 .75-.75h1a.25.25 0 0 0 .25-.25Z"></path> </svg> </template> <template id="organization-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-organization"> <path d="M1.75 16A1.75 1.75 0 0 1 0 14.25V1.75C0 .784.784 0 1.75 0h8.5C11.216 0 12 .784 12 1.75v12.5c0 .085-.006.168-.018.25h2.268a.25.25 0 0 0 .25-.25V8.285a.25.25 0 0 0-.111-.208l-1.055-.703a.749.749 0 1 1 .832-1.248l1.055.703c.487.325.779.871.779 1.456v5.965A1.75 1.75 0 0 1 14.25 16h-3.5a.766.766 0 0 1-.197-.026c-.099.017-.2.026-.303.026h-3a.75.75 0 0 1-.75-.75V14h-1v1.25a.75.75 0 0 1-.75.75Zm-.25-1.75c0 .138.112.25.25.25H4v-1.25a.75.75 0 0 1 .75-.75h2.5a.75.75 0 0 1 .75.75v1.25h2.25a.25.25 0 0 0 .25-.25V1.75a.25.25 0 0 0-.25-.25h-8.5a.25.25 0 0 0-.25.25ZM3.75 6h.5a.75.75 0 0 1 0 1.5h-.5a.75.75 0 0 1 0-1.5ZM3 3.75A.75.75 0 0 1 3.75 3h.5a.75.75 0 0 1 0 1.5h-.5A.75.75 0 0 1 3 3.75Zm4 3A.75.75 0 0 1 7.75 6h.5a.75.75 0 0 1 0 1.5h-.5A.75.75 0 0 1 7 6.75ZM7.75 3h.5a.75.75 0 0 1 0 1.5h-.5a.75.75 0 0 1 0-1.5ZM3 9.75A.75.75 0 0 1 3.75 9h.5a.75.75 0 0 1 0 1.5h-.5A.75.75 0 0 1 3 9.75ZM7.75 9h.5a.75.75 0 0 1 0 1.5h-.5a.75.75 0 0 1 0-1.5Z"></path> </svg> </template> <template id="rocket-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-rocket"> <path d="M14.064 0h.186C15.216 0 16 .784 16 1.75v.186a8.752 8.752 0 0 1-2.564 6.186l-.458.459c-.314.314-.641.616-.979.904v3.207c0 .608-.315 1.172-.833 1.49l-2.774 1.707a.749.749 0 0 1-1.11-.418l-.954-3.102a1.214 1.214 0 0 1-.145-.125L3.754 9.816a1.218 1.218 0 0 1-.124-.145L.528 8.717a.749.749 0 0 1-.418-1.11l1.71-2.774A1.748 1.748 0 0 1 3.31 4h3.204c.288-.338.59-.665.904-.979l.459-.458A8.749 8.749 0 0 1 14.064 0ZM8.938 3.623h-.002l-.458.458c-.76.76-1.437 1.598-2.02 2.5l-1.5 2.317 2.143 2.143 2.317-1.5c.902-.583 1.74-1.26 2.499-2.02l.459-.458a7.25 7.25 0 0 0 2.123-5.127V1.75a.25.25 0 0 0-.25-.25h-.186a7.249 7.249 0 0 0-5.125 2.123ZM3.56 14.56c-.732.732-2.334 1.045-3.005 1.148a.234.234 0 0 1-.201-.064.234.234 0 0 1-.064-.201c.103-.671.416-2.273 1.15-3.003a1.502 1.502 0 1 1 2.12 2.12Zm6.94-3.935c-.088.06-.177.118-.266.175l-2.35 1.521.548 1.783 1.949-1.2a.25.25 0 0 0 .119-.213ZM3.678 8.116 5.2 5.766c.058-.09.117-.178.176-.266H3.309a.25.25 0 0 0-.213.119l-1.2 1.95ZM12 5a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z"></path> </svg> </template> <template id="shield-check-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-shield-check"> <path d="m8.533.133 5.25 1.68A1.75 1.75 0 0 1 15 3.48V7c0 1.566-.32 3.182-1.303 4.682-.983 1.498-2.585 2.813-5.032 3.855a1.697 1.697 0 0 1-1.33 0c-2.447-1.042-4.049-2.357-5.032-3.855C1.32 10.182 1 8.566 1 7V3.48a1.75 1.75 0 0 1 1.217-1.667l5.25-1.68a1.748 1.748 0 0 1 1.066 0Zm-.61 1.429.001.001-5.25 1.68a.251.251 0 0 0-.174.237V7c0 1.36.275 2.666 1.057 3.859.784 1.194 2.121 2.342 4.366 3.298a.196.196 0 0 0 .154 0c2.245-.957 3.582-2.103 4.366-3.297C13.225 9.666 13.5 8.358 13.5 7V3.48a.25.25 0 0 0-.174-.238l-5.25-1.68a.25.25 0 0 0-.153 0ZM11.28 6.28l-3.5 3.5a.75.75 0 0 1-1.06 0l-1.5-1.5a.749.749 0 0 1 .326-1.275.749.749 0 0 1 .734.215l.97.97 2.97-2.97a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042Z"></path> </svg> </template> <template id="heart-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-heart"> <path d="m8 14.25.345.666a.75.75 0 0 1-.69 0l-.008-.004-.018-.01a7.152 7.152 0 0 1-.31-.17 22.055 22.055 0 0 1-3.434-2.414C2.045 10.731 0 8.35 0 5.5 0 2.836 2.086 1 4.25 1 5.797 1 7.153 1.802 8 3.02 8.847 1.802 10.203 1 11.75 1 13.914 1 16 2.836 16 5.5c0 2.85-2.045 5.231-3.885 6.818a22.066 22.066 0 0 1-3.744 2.584l-.018.01-.006.003h-.002ZM4.25 2.5c-1.336 0-2.75 1.164-2.75 3 0 2.15 1.58 4.144 3.365 5.682A20.58 20.58 0 0 0 8 13.393a20.58 20.58 0 0 0 3.135-2.211C12.92 9.644 14.5 7.65 14.5 5.5c0-1.836-1.414-3-2.75-3-1.373 0-2.609.986-3.029 2.456a.749.749 0 0 1-1.442 0C6.859 3.486 5.623 2.5 4.25 2.5Z"></path> </svg> </template> <template id="server-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-server"> <path d="M1.75 1h12.5c.966 0 1.75.784 1.75 1.75v4c0 .372-.116.717-.314 1 .198.283.314.628.314 1v4a1.75 1.75 0 0 1-1.75 1.75H1.75A1.75 1.75 0 0 1 0 12.75v-4c0-.358.109-.707.314-1a1.739 1.739 0 0 1-.314-1v-4C0 1.784.784 1 1.75 1ZM1.5 2.75v4c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25v-4a.25.25 0 0 0-.25-.25H1.75a.25.25 0 0 0-.25.25Zm.25 5.75a.25.25 0 0 0-.25.25v4c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25v-4a.25.25 0 0 0-.25-.25ZM7 4.75A.75.75 0 0 1 7.75 4h4.5a.75.75 0 0 1 0 1.5h-4.5A.75.75 0 0 1 7 4.75ZM7.75 10h4.5a.75.75 0 0 1 0 1.5h-4.5a.75.75 0 0 1 0-1.5ZM3 4.75A.75.75 0 0 1 3.75 4h.5a.75.75 0 0 1 0 1.5h-.5A.75.75 0 0 1 3 4.75ZM3.75 10h.5a.75.75 0 0 1 0 1.5h-.5a.75.75 0 0 1 0-1.5Z"></path> </svg> </template> <template id="globe-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-globe"> <path d="M8 0a8 8 0 1 1 0 16A8 8 0 0 1 8 0ZM5.78 8.75a9.64 9.64 0 0 0 1.363 4.177c.255.426.542.832.857 1.215.245-.296.551-.705.857-1.215A9.64 9.64 0 0 0 10.22 8.75Zm4.44-1.5a9.64 9.64 0 0 0-1.363-4.177c-.307-.51-.612-.919-.857-1.215a9.927 9.927 0 0 0-.857 1.215A9.64 9.64 0 0 0 5.78 7.25Zm-5.944 1.5H1.543a6.507 6.507 0 0 0 4.666 5.5c-.123-.181-.24-.365-.352-.552-.715-1.192-1.437-2.874-1.581-4.948Zm-2.733-1.5h2.733c.144-2.074.866-3.756 1.58-4.948.12-.197.237-.381.353-.552a6.507 6.507 0 0 0-4.666 5.5Zm10.181 1.5c-.144 2.074-.866 3.756-1.58 4.948-.12.197-.237.381-.353.552a6.507 6.507 0 0 0 4.666-5.5Zm2.733-1.5a6.507 6.507 0 0 0-4.666-5.5c.123.181.24.365.353.552.714 1.192 1.436 2.874 1.58 4.948Z"></path> </svg> </template> <template id="issue-opened-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-issue-opened"> <path d="M8 9.5a1.5 1.5 0 1 0 0-3 1.5 1.5 0 0 0 0 3Z"></path><path d="M8 0a8 8 0 1 1 0 16A8 8 0 0 1 8 0ZM1.5 8a6.5 6.5 0 1 0 13 0 6.5 6.5 0 0 0-13 0Z"></path> </svg> </template> <template id="device-mobile-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-device-mobile"> <path d="M3.75 0h8.5C13.216 0 14 .784 14 1.75v12.5A1.75 1.75 0 0 1 12.25 16h-8.5A1.75 1.75 0 0 1 2 14.25V1.75C2 .784 2.784 0 3.75 0ZM3.5 1.75v12.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25V1.75a.25.25 0 0 0-.25-.25h-8.5a.25.25 0 0 0-.25.25ZM8 13a1 1 0 1 1 0-2 1 1 0 0 1 0 2Z"></path> </svg> </template> <template id="package-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-package"> <path d="m8.878.392 5.25 3.045c.54.314.872.89.872 1.514v6.098a1.75 1.75 0 0 1-.872 1.514l-5.25 3.045a1.75 1.75 0 0 1-1.756 0l-5.25-3.045A1.75 1.75 0 0 1 1 11.049V4.951c0-.624.332-1.201.872-1.514L7.122.392a1.75 1.75 0 0 1 1.756 0ZM7.875 1.69l-4.63 2.685L8 7.133l4.755-2.758-4.63-2.685a.248.248 0 0 0-.25 0ZM2.5 5.677v5.372c0 .09.047.171.125.216l4.625 2.683V8.432Zm6.25 8.271 4.625-2.683a.25.25 0 0 0 .125-.216V5.677L8.75 8.432Z"></path> </svg> </template> <template id="credit-card-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-credit-card"> <path d="M10.75 9a.75.75 0 0 0 0 1.5h1.5a.75.75 0 0 0 0-1.5h-1.5Z"></path><path d="M0 3.75C0 2.784.784 2 1.75 2h12.5c.966 0 1.75.784 1.75 1.75v8.5A1.75 1.75 0 0 1 14.25 14H1.75A1.75 1.75 0 0 1 0 12.25ZM14.5 6.5h-13v5.75c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25Zm0-2.75a.25.25 0 0 0-.25-.25H1.75a.25.25 0 0 0-.25.25V5h13Z"></path> </svg> </template> <template id="play-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-play"> <path d="M8 0a8 8 0 1 1 0 16A8 8 0 0 1 8 0ZM1.5 8a6.5 6.5 0 1 0 13 0 6.5 6.5 0 0 0-13 0Zm4.879-2.773 4.264 2.559a.25.25 0 0 1 0 .428l-4.264 2.559A.25.25 0 0 1 6 10.559V5.442a.25.25 0 0 1 .379-.215Z"></path> </svg> </template> <template id="gift-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-gift"> <path d="M2 2.75A2.75 2.75 0 0 1 4.75 0c.983 0 1.873.42 2.57 1.232.268.318.497.668.68 1.042.183-.375.411-.725.68-1.044C9.376.42 10.266 0 11.25 0a2.75 2.75 0 0 1 2.45 4h.55c.966 0 1.75.784 1.75 1.75v2c0 .698-.409 1.301-1 1.582v4.918A1.75 1.75 0 0 1 13.25 16H2.75A1.75 1.75 0 0 1 1 14.25V9.332C.409 9.05 0 8.448 0 7.75v-2C0 4.784.784 4 1.75 4h.55c-.192-.375-.3-.8-.3-1.25ZM7.25 9.5H2.5v4.75c0 .138.112.25.25.25h4.5Zm1.5 0v5h4.5a.25.25 0 0 0 .25-.25V9.5Zm0-4V8h5.5a.25.25 0 0 0 .25-.25v-2a.25.25 0 0 0-.25-.25Zm-7 0a.25.25 0 0 0-.25.25v2c0 .138.112.25.25.25h5.5V5.5h-5.5Zm3-4a1.25 1.25 0 0 0 0 2.5h2.309c-.233-.818-.542-1.401-.878-1.793-.43-.502-.915-.707-1.431-.707ZM8.941 4h2.309a1.25 1.25 0 0 0 0-2.5c-.516 0-1 .205-1.43.707-.337.392-.646.975-.879 1.793Z"></path> </svg> </template> <template id="code-square-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-code-square"> <path d="M0 1.75C0 .784.784 0 1.75 0h12.5C15.216 0 16 .784 16 1.75v12.5A1.75 1.75 0 0 1 14.25 16H1.75A1.75 1.75 0 0 1 0 14.25Zm1.75-.25a.25.25 0 0 0-.25.25v12.5c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25V1.75a.25.25 0 0 0-.25-.25Zm7.47 3.97a.75.75 0 0 1 1.06 0l2 2a.75.75 0 0 1 0 1.06l-2 2a.749.749 0 0 1-1.275-.326.749.749 0 0 1 .215-.734L10.69 8 9.22 6.53a.75.75 0 0 1 0-1.06ZM6.78 6.53 5.31 8l1.47 1.47a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215l-2-2a.75.75 0 0 1 0-1.06l2-2a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042Z"></path> </svg> </template> <template id="device-desktop-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-device-desktop"> <path d="M14.25 1c.966 0 1.75.784 1.75 1.75v7.5A1.75 1.75 0 0 1 14.25 12h-3.727c.099 1.041.52 1.872 1.292 2.757A.752.752 0 0 1 11.25 16h-6.5a.75.75 0 0 1-.565-1.243c.772-.885 1.192-1.716 1.292-2.757H1.75A1.75 1.75 0 0 1 0 10.25v-7.5C0 1.784.784 1 1.75 1ZM1.75 2.5a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25v-7.5a.25.25 0 0 0-.25-.25ZM9.018 12H6.982a5.72 5.72 0 0 1-.765 2.5h3.566a5.72 5.72 0 0 1-.765-2.5Z"></path> </svg> </template> <div class="position-relative"> <ul role="listbox" class="ActionListWrap QueryBuilder-ListWrap" aria-label="Suggestions" data-action=" combobox-commit:query-builder#comboboxCommit mousedown:query-builder#resultsMousedown " data-target="query-builder.resultsList" data-persist-list=false id="query-builder-test-results" ></ul> </div> <div class="FormControl-inlineValidation" id="validation-5b816fa3-e128-49cb-a93b-44e550fe6c9c" hidden="hidden"> <span class="FormControl-inlineValidation--visual"> <svg aria-hidden="true" height="12" viewBox="0 0 12 12" version="1.1" width="12" data-view-component="true" class="octicon octicon-alert-fill"> <path d="M4.855.708c.5-.896 1.79-.896 2.29 0l4.675 8.351a1.312 1.312 0 0 1-1.146 1.954H1.33A1.313 1.313 0 0 1 .183 9.058ZM7 7V3H5v4Zm-1 3a1 1 0 1 0 0-2 1 1 0 0 0 0 2Z"></path> </svg> </span> <span></span> </div> </div> <div data-target="query-builder.screenReaderFeedback" aria-live="polite" aria-atomic="true" class="sr-only"></div> </query-builder></form> <div class="d-flex flex-row color-fg-muted px-3 text-small color-bg-default search-feedback-prompt"> <a target="_blank" href="https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax" data-view-component="true" class="Link color-fg-accent text-normal ml-2"> Search syntax tips </a> <div class="d-flex flex-1"></div> </div> </div> </div> </div> </modal-dialog></div> </div> <div data-action="click:qbsearch-input#retract" class="dark-backdrop position-fixed" hidden data-target="qbsearch-input.darkBackdrop"></div> <div class="color-fg-default"> <dialog-helper> <dialog data-target="qbsearch-input.feedbackDialog" data-action="close:qbsearch-input#handleDialogClose cancel:qbsearch-input#handleDialogClose" id="feedback-dialog" aria-modal="true" aria-labelledby="feedback-dialog-title" aria-describedby="feedback-dialog-description" data-view-component="true" class="Overlay Overlay-whenNarrow Overlay--size-medium Overlay--motion-scaleFade Overlay--disableScroll"> <div data-view-component="true" class="Overlay-header"> <div class="Overlay-headerContentWrap"> <div class="Overlay-titleWrap"> <h1 class="Overlay-title " id="feedback-dialog-title"> Provide feedback </h1> </div> <div class="Overlay-actionWrap"> <button data-close-dialog-id="feedback-dialog" aria-label="Close" type="button" data-view-component="true" class="close-button Overlay-closeButton"><svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-x"> <path d="M3.72 3.72a.75.75 0 0 1 1.06 0L8 6.94l3.22-3.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L9.06 8l3.22 3.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L8 9.06l-3.22 3.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L6.94 8 3.72 4.78a.75.75 0 0 1 0-1.06Z"></path> </svg></button> </div> </div> </div> <scrollable-region data-labelled-by="feedback-dialog-title"> <div data-view-component="true" class="Overlay-body"> <!-- '"` --><!-- </textarea></xmp> --></option></form><form id="code-search-feedback-form" data-turbo="false" action="/search/feedback" accept-charset="UTF-8" method="post"><input type="hidden" data-csrf="true" name="authenticity_token" value="gvITjoP0k3ffRy27Q8ES8GMAOUymH5qaARvE5mXITxMU3w5PFggIgSED5/08ya7m1C+CKeWCqtgcp3W4jN1gWQ==" /> <p>We read every piece of feedback, and take your input very seriously.</p> <textarea name="feedback" class="form-control width-full mb-2" style="height: 120px" id="feedback"></textarea> <input name="include_email" id="include_email" aria-label="Include my email address so I can be contacted" class="form-control mr-2" type="checkbox"> <label for="include_email" style="font-weight: normal">Include my email address so I can be contacted</label> </form></div> </scrollable-region> <div data-view-component="true" class="Overlay-footer Overlay-footer--alignEnd"> <button data-close-dialog-id="feedback-dialog" type="button" data-view-component="true" class="btn"> Cancel </button> <button form="code-search-feedback-form" data-action="click:qbsearch-input#submitFeedback" type="submit" data-view-component="true" class="btn-primary btn"> Submit feedback </button> </div> </dialog></dialog-helper> <custom-scopes data-target="qbsearch-input.customScopesManager"> <dialog-helper> <dialog data-target="custom-scopes.customScopesModalDialog" data-action="close:qbsearch-input#handleDialogClose cancel:qbsearch-input#handleDialogClose" id="custom-scopes-dialog" aria-modal="true" aria-labelledby="custom-scopes-dialog-title" aria-describedby="custom-scopes-dialog-description" data-view-component="true" class="Overlay Overlay-whenNarrow Overlay--size-medium Overlay--motion-scaleFade Overlay--disableScroll"> <div data-view-component="true" class="Overlay-header Overlay-header--divided"> <div class="Overlay-headerContentWrap"> <div class="Overlay-titleWrap"> <h1 class="Overlay-title " id="custom-scopes-dialog-title"> Saved searches </h1> <h2 id="custom-scopes-dialog-description" class="Overlay-description">Use saved searches to filter your results more quickly</h2> </div> <div class="Overlay-actionWrap"> <button data-close-dialog-id="custom-scopes-dialog" aria-label="Close" type="button" data-view-component="true" class="close-button Overlay-closeButton"><svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-x"> <path d="M3.72 3.72a.75.75 0 0 1 1.06 0L8 6.94l3.22-3.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L9.06 8l3.22 3.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L8 9.06l-3.22 3.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L6.94 8 3.72 4.78a.75.75 0 0 1 0-1.06Z"></path> </svg></button> </div> </div> </div> <scrollable-region data-labelled-by="custom-scopes-dialog-title"> <div data-view-component="true" class="Overlay-body"> <div data-target="custom-scopes.customScopesModalDialogFlash"></div> <div hidden class="create-custom-scope-form" data-target="custom-scopes.createCustomScopeForm"> <!-- '"` --><!-- </textarea></xmp> --></option></form><form id="custom-scopes-dialog-form" data-turbo="false" action="/search/custom_scopes" accept-charset="UTF-8" method="post"><input type="hidden" data-csrf="true" name="authenticity_token" value="LPGjnWsV++/wJD+9s/4S/aZFvkEQ6/28c6MGwp8MTOLDn+pysD3J4LwnQWJLYtA0+xVgRC8hxBYbFV3eaoNeUw==" /> <div data-target="custom-scopes.customScopesModalDialogFlash"></div> <input type="hidden" id="custom_scope_id" name="custom_scope_id" data-target="custom-scopes.customScopesIdField"> <div class="form-group"> <label for="custom_scope_name">Name</label> <auto-check src="/search/custom_scopes/check_name" required> <input type="text" name="custom_scope_name" id="custom_scope_name" data-target="custom-scopes.customScopesNameField" class="form-control" autocomplete="off" placeholder="github-ruby" required maxlength="50"> <input type="hidden" data-csrf="true" value="LLZeXqFWpshcfI+gtrRSIRuxgzvQXA6jKrYvwVCR11d3wQpsyPAlAHYrhF3wboNvORnHLcTGtitFvZJkIM8N0A==" /> </auto-check> </div> <div class="form-group"> <label for="custom_scope_query">Query</label> <input type="text" name="custom_scope_query" id="custom_scope_query" data-target="custom-scopes.customScopesQueryField" class="form-control" autocomplete="off" placeholder="(repo:mona/a OR repo:mona/b) AND lang:python" required maxlength="500"> </div> <p class="text-small color-fg-muted"> To see all available qualifiers, see our <a class="Link--inTextBlock" href="https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax">documentation</a>. </p> </form> </div> <div data-target="custom-scopes.manageCustomScopesForm"> <div data-target="custom-scopes.list"></div> </div> </div> </scrollable-region> <div data-view-component="true" class="Overlay-footer Overlay-footer--alignEnd Overlay-footer--divided"> <button data-action="click:custom-scopes#customScopesCancel" type="button" data-view-component="true" class="btn"> Cancel </button> <button form="custom-scopes-dialog-form" data-action="click:custom-scopes#customScopesSubmit" data-target="custom-scopes.customScopesSubmitButton" type="submit" data-view-component="true" class="btn-primary btn"> Create saved search </button> </div> </dialog></dialog-helper> </custom-scopes> </div> </qbsearch-input> <div class="position-relative HeaderMenu-link-wrap d-lg-inline-block"> <a href="/login?return_to=https%3A%2F%2Fgithub.com%2Fresources%2Farticles%2Fdevops%2Fdevsecops" class="HeaderMenu-link HeaderMenu-link--sign-in HeaderMenu-button flex-shrink-0 no-underline d-none d-lg-inline-flex border border-lg-0 rounded rounded-lg-0 px-2 py-1" style="margin-left: 12px;" data-hydro-click="{"event_type":"authentication.click","payload":{"location_in_page":"site header menu","repository_id":null,"auth_type":"SIGN_UP","originating_url":"https://github.com/resources/articles/devops/devsecops","user_id":null}}" data-hydro-click-hmac="d351781544c972973bb127b43d3eed6f67d978ae414fb5473e47bc4cf5e21b32" data-analytics-event="{"category":"Marketing nav","action":"click to go to homepage","label":"ref_page:Marketing;ref_cta:Sign in;ref_loc:Header"}" > Sign in </a> </div> <a href="/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2Fresources%2Farticles%2Fdevops%2Fdevsecops&source=header" class="HeaderMenu-link HeaderMenu-link--sign-up HeaderMenu-button flex-shrink-0 d-flex d-lg-inline-flex no-underline border color-border-default rounded px-2 py-1" data-hydro-click="{"event_type":"authentication.click","payload":{"location_in_page":"site header menu","repository_id":null,"auth_type":"SIGN_UP","originating_url":"https://github.com/resources/articles/devops/devsecops","user_id":null}}" data-hydro-click-hmac="d351781544c972973bb127b43d3eed6f67d978ae414fb5473e47bc4cf5e21b32" data-analytics-event="{"category":"Sign up","action":"click to sign up for account","label":"ref_page:/resources/articles/devops/devsecops;ref_cta:Sign up;ref_loc:header logged out"}" > Sign up </a> <button type="button" class="sr-only js-header-menu-focus-trap d-block d-lg-none">Reseting focus</button> </div> </div> </div> </div> </header> <div hidden="hidden" data-view-component="true" class="js-stale-session-flash stale-session-flash flash flash-warn flash-full"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-alert"> <path d="M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z"></path> </svg> <span class="js-stale-session-flash-signed-in" hidden>You signed in with another tab or window. <a class="Link--inTextBlock" href="">Reload</a> to refresh your session.</span> <span class="js-stale-session-flash-signed-out" hidden>You signed out in another tab or window. <a class="Link--inTextBlock" href="">Reload</a> to refresh your session.</span> <span class="js-stale-session-flash-switched" hidden>You switched accounts on another tab or window. <a class="Link--inTextBlock" href="">Reload</a> to refresh your session.</span> <button id="icon-button-a331e575-bfb6-41d7-be91-ee7c08f8bb6f" aria-labelledby="tooltip-32e6f09d-cc8b-4ad9-b85c-9ee42fef268a" type="button" data-view-component="true" class="Button Button--iconOnly Button--invisible Button--medium flash-close js-flash-close"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-x Button-visual"> <path d="M3.72 3.72a.75.75 0 0 1 1.06 0L8 6.94l3.22-3.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L9.06 8l3.22 3.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L8 9.06l-3.22 3.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L6.94 8 3.72 4.78a.75.75 0 0 1 0-1.06Z"></path> </svg> </button><tool-tip id="tooltip-32e6f09d-cc8b-4ad9-b85c-9ee42fef268a" for="icon-button-a331e575-bfb6-41d7-be91-ee7c08f8bb6f" popover="manual" data-direction="s" data-type="label" data-view-component="true" class="sr-only position-absolute">Dismiss alert</tool-tip> </div> </div> <div id="start-of-content" class="show-on-focus"></div> <div id="js-flash-container" class="flash-container" data-turbo-replace> <template class="js-flash-template"> <div class="flash flash-full {{ className }}"> <div > <button autofocus class="flash-close js-flash-close" type="button" aria-label="Dismiss this message"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-x"> <path d="M3.72 3.72a.75.75 0 0 1 1.06 0L8 6.94l3.22-3.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L9.06 8l3.22 3.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L8 9.06l-3.22 3.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L6.94 8 3.72 4.78a.75.75 0 0 1 0-1.06Z"></path> </svg> </button> <div aria-atomic="true" role="alert" class="js-flash-alert"> <div>{{ message }}</div> </div> </div> </div> </template> </div> <div class="application-main " data-commit-hovercards-enabled data-discussion-hovercards-enabled data-issue-and-pr-hovercards-enabled > <main class="font-mktg" > <react-app app-name="resources" initial-path="/resources/articles/devops/devsecops" style="display: block; min-height: calc(100vh - 64px);" data-attempted-ssr="true" data-ssr="true" data-lazy="false" data-alternate="false" > <script type="application/json" data-target="react-app.embeddedData">{"payload":{"contentfulRawJsonResponse":{"sys":{"type":"Array"},"total":1,"skip":0,"limit":100,"items":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"7FqeXqswBBUapKLFYkED09","type":"Entry","createdAt":"2024-07-12T19:22:41.046Z","updatedAt":"2024-07-15T13:25:32.975Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":9,"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"containerPage"}},"locale":"en-US"},"fields":{"title":"What is DevSecOps?","path":"/resources/articles/devops/devsecops","template":{"sys":{"type":"Link","linkType":"Entry","id":"6DNgZVYmCSiLkR0GKkRxVA"}},"settings":{"sys":{"type":"Link","linkType":"Entry","id":"6tzE6qoYtCLnjfoeLUAYvQ"}},"seo":{"sys":{"type":"Link","linkType":"Entry","id":"6OvLM0ELTwaWPLDHdWPWDv"}}}}],"includes":{"Entry":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"1CZl4lSwGjAlkJzeuXkh5P","type":"Entry","createdAt":"2024-07-15T13:35:54.883Z","updatedAt":"2024-07-15T13:35:54.883Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"What is the DevSecOps model?","question":"What is the DevSecOps model?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"The DevSecOps model prioritizes security and builds it into all aspects and phases of the development process. The goal of the DevSecOps model is to identify and address security issues and vulnerabilities early, and to embed security practices from concept to deployment, making security a systemic, integral priority throughout the SDLC.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"1bCh5wn6WWuWPvU2iJ95f5","type":"Entry","createdAt":"2024-07-15T13:35:54.813Z","updatedAt":"2024-07-15T13:35:54.813Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"Why is DevSecOps important?","question":"Why is DevSecOps important?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"DevSecOps builds on the benefits of DevOps by embedding security into every step of the SDLC. The DevSecOps framework supercharges productivity and drives business efficiency at scale by creating a culture of security defense. When every contributor shares responsibility for code security, software quality and customer experience improve.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"1p3eqymtQJKkf0ScktoLXj","type":"Entry","createdAt":"2024-07-15T13:35:54.090Z","updatedAt":"2024-07-15T13:35:54.090Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":3,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaq"}},"locale":"en-US"},"fields":{"title":"/resources/articles/devops/devsecops","heading":"Frequently asked questions","blocks":[{"sys":{"type":"Link","linkType":"Entry","id":"2zync6PmYPJj07tpLk5YLy"}}]}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"1tjBdDGUli4FRmcZtNfka0","type":"Entry","createdAt":"2024-07-12T19:22:41.335Z","updatedAt":"2024-07-23T19:37:18.941Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":10,"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentCtaBanner"}},"locale":"en-US"},"fields":{"title":"/resources/articles/devops/devsecops CTA Banner","align":"center","heading":"Build your DevSecOps practice on GitHub","description":{"data":{},"content":[{"data":{},"content":[{"data":{},"marks":[],"value":"GitHub is an integrated platform that takes companies from idea to planning to building to production, combining a focused developer experience with powerful, fully managed development, automation, and test infrastructure.","nodeType":"text"}],"nodeType":"paragraph"},{"data":{},"content":[{"data":{},"marks":[],"value":"\n","nodeType":"text"}],"nodeType":"paragraph"}],"nodeType":"document"},"hasBackground":true,"hasShadow":false,"hasBorder":true,"callToActionPrimary":{"sys":{"type":"Link","linkType":"Entry","id":"6YcA3NaSpSvEywhWFLmLez"}},"callToActionSecondary":{"sys":{"type":"Link","linkType":"Entry","id":"5tZIC4TSjGfhuf1gZvKrXs"}}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"1yPbLJJRkapMUf1z22zDbj","type":"Entry","createdAt":"2024-07-15T13:35:54.849Z","updatedAt":"2024-07-15T13:35:54.849Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":3,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"How does DevSecOps impact the software development lifecycle?","question":"How does DevSecOps impact the software development lifecycle?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"DevSecOps impacts the SDLC by integrating security into every stage of the process, from planning to deployment, and monitoring after deployment. DevSecOps empowers development teams to collaborate, automate, and continuously test and monitor the security of the software.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"2zync6PmYPJj07tpLk5YLy","type":"Entry","createdAt":"2024-07-15T13:35:54.483Z","updatedAt":"2024-07-15T13:35:54.483Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":10,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqBlock"}},"locale":"en-US"},"fields":{"title":"/resources/articles/devops/devsecops","questions":[{"sys":{"type":"Link","linkType":"Entry","id":"5dWFrofIFuONPoOpmODXry"}},{"sys":{"type":"Link","linkType":"Entry","id":"RxnM6d0QDCCcBa6Fdl5tJ"}},{"sys":{"type":"Link","linkType":"Entry","id":"vgBGlfGt72BoGEP7JgJ0z"}},{"sys":{"type":"Link","linkType":"Entry","id":"6RfmTprMJ3a9zcVUtN8gJ3"}},{"sys":{"type":"Link","linkType":"Entry","id":"4lxI2djt6lmSO7yvXsMzNH"}},{"sys":{"type":"Link","linkType":"Entry","id":"1bCh5wn6WWuWPvU2iJ95f5"}},{"sys":{"type":"Link","linkType":"Entry","id":"5VXKtRmNZKu3W74o2YeoIL"}},{"sys":{"type":"Link","linkType":"Entry","id":"1yPbLJJRkapMUf1z22zDbj"}},{"sys":{"type":"Link","linkType":"Entry","id":"1CZl4lSwGjAlkJzeuXkh5P"}}]}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"3hx43MM5RMUDJpdvTcjiWs","type":"Entry","createdAt":"2024-07-12T19:22:41.284Z","updatedAt":"2024-08-05T16:51:07.163Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":51,"revision":7,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentProse"}},"locale":"en-US"},"fields":{"title":"/resources/articles/devops/devsecops Prose","text":{"nodeType":"document","data":{},"content":[{"nodeType":"heading-2","data":{},"content":[{"nodeType":"text","value":"Overview of DevSecOps","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Through collaboration, automation, and continuous improvement processes, DevSecOps offers a set of practices that help companies embed security into every phase of development to build more secure, high-quality software at scale.","marks":[],"data":{}}]},{"nodeType":"heading-3","data":{},"content":[{"nodeType":"text","value":"Defining DevSecOps","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Like development and operations, DevSecOps integrates automated security testing into every aspect of the DevOps culture, tooling, and processes.","marks":[],"data":{}}]},{"nodeType":"heading-3","data":{},"content":[{"nodeType":"text","value":"DevSecOps vs DevOps?","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"DevOps has transformed how many organizations build and ship software. One aspect of the ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://github.com/resources/articles/software-development/what-is-sdlc"},"content":[{"nodeType":"text","value":"software development lifecycle (SDLC)","marks":[],"data":{}}]},{"nodeType":"text","value":" wasleft outside the DevOps model: security. DevSecOps seeks to correct that by integrating security into the SDLC in the same way that DevOps prioritizes quality, speed, and deep collaboration across all stages of development. ","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"For modern organizations, DevSecOps is the evolution of DevOps by baking security across the SDLC experience. ","marks":[],"data":{}}]},{"nodeType":"heading-2","data":{},"content":[{"nodeType":"text","value":"Benefits of DevSecOps for organizations","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"DevSecOps builds security into every step of the SDLC. This means that security-related tests (automated and not) take place at each stage, from coding to merging branches, from builds to deployments, and into the operation of production software. Moreover, DevSecOps advances the idea that everyone working on a product is accountable for its security. This helps teams catch vulnerabilities before they make it to production and reduces the need for late-stage, manual security reviews, which can slow down software releases and make changes more costly.","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Organizations that adopt DevSecOps typically see benefits that include:","marks":[],"data":{}}]},{"nodeType":"unordered-list","data":{},"content":[{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Reduced breach risk:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" DevSecOps seeks to ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://github.com/features/security/code-scanning"},"content":[{"nodeType":"text","value":"secure code by design","marks":[],"data":{}}]},{"nodeType":"text","value":" through a combination of coding practices, secure developer environments, and automated security tests. Throughout SDLC, DevSecOps helps prevent vulnerabilities from entering production environments.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Preventing secret leaks:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Secret scanning detects potential leaked secrets such as private keys, passwords, and other sensitive information that malicious actors use to gain unauthorized access. Secret scanning also proactively prevents secrets from being committed to code with push protection. ","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Improved compliance:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" DevSecOps practitioners often use automation to enforce code compliance and integrate policy enforcement tooling directly into the ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://resources.github.com/ci-cd/"},"content":[{"nodeType":"text","value":"continuous integration/continuous delivery (CI/CD)","marks":[],"data":{}}]},{"nodeType":"text","value":" pipeline.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Greater confidence in supply chain security:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" The modern technology stack often depends on third-party code, frequently from public package repositories. DevSecOps practitioners often use tooling and automated tests to identify and update vulnerable or outdated dependencies before a software release.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Tracking progress and effectiveness:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Security overview in GitHub Advanced Security provides insights on trends in alert frequency, feature activation status, and usage statistics for security tools and functionalities.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Accelerated delivery to customers:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" By creating a security-first culture and applying automated checks, DevSecOps accelerates deployment by reducing the need for custom security reviews that can slow software releases.","marks":[],"data":{}}]}]}]},{"nodeType":"heading-2","data":{},"content":[{"nodeType":"text","value":"DevSecOps best practices","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"When code is deployed with errors, it can lead to poor customer experience and business losses due to downtime. But if unsecured code is deployed, the fallout can be far more severe.","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Just like testing and operations teams were siloed from development in the pre-DevOps era, today security is sometimes left to specialized teams working outside the DevOps lifecycle. DevSecOps is the evolution of DevOps by making security an integral part of the SDLC rather than a separate process that takes place right before release.","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"If your organization is ready to adopt DevOps, consider taking the more evolved and secure approach with these DevSecOps best practices:","marks":[],"data":{}}]},{"nodeType":"unordered-list","data":{},"content":[{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Create a DevSecOps culture.","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Success in DevSecOps relies on ","marks":[],"data":{}},{"nodeType":"text","value":"everyone","marks":[{"type":"italic"}],"data":{}},{"nodeType":"text","value":" taking responsibility for security. Every contributor codes, builds, tests, and configures application and infrastructure settings defensively. DevSecOps thrives in an open culture where individuals work together to build the best and most secure product possible.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Design security into the product.","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" DevSecOps designs security into products from initial planning to production-level code deployment. Security is developed alongside features, and practitioners have access to security knowledge to run tests throughout the SDLC. ","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Build a threat modeling practice. ","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":"The seeds of security vulnerabilities are often sown before a line of code is written. Model potential threats during the planning phase and design your infrastructure and application architecture to mitigate those issues. Implementing periodic penetration testing, when a trusted person attempts to break into the code system, can help unveil weaknesses missed in threat models.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Automate testing for speed and security.","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Automated testing throughout the SDLC helps ensure the right security checks happen at the right time. This gives developers more time to focus on building the core product while ensuring security requirements are met. ","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Use an autofix tool with broad coverage and effective fix rates: ","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":"Although many AppSec tools include an autofix function that suggests code to remediate a vulnerability, it can be hard to verify the breadth of coverage or the quality of the suggested code. Look for a solution like ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://github.com/enterprise/advanced-security"},"content":[{"nodeType":"text","value":"GitHub Advanced Security","marks":[],"data":{}}]},{"nodeType":"text","value":", where autofix covers 90% of alerts in supported language, with more than two-thirds of fixes passing unit testing with little or no editing. ","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Plan security checkpoints throughout product development.","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Identify transition points in the SDLC where the risk profile changes. For example, the point at which a developer merges code into the main branch might increase the potential for that code to be run on colleagues’ machines and eventually reach production. In this case, opening a pull request might be a good trigger event for automated security checks, along with the appropriate manual escalations.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Approach security failures as learning opportunities.","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Building on the DevOps culture of continuous improvement, a successful DevSecOps practice turns security incidents into learning opportunities. Leveraging audit logs, building incident reports, and modeling malicious behavior to improve tooling, testing, and processes can further secure applications and systems.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Stay on top of dependencies.","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Understanding and mitigating the potential threats from dependencies is critical to a product’s security. Apply the same threat modeling and automated testing to dependencies as to in-house code. At GitHub we’ve ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://securitylab.github.com/"},"content":[{"nodeType":"text","value":"identified and shared details of tens of millions of threats in open source software","marks":[],"data":{}}]},{"nodeType":"text","value":", helping organizations and developers be more aware of and avoid dependency vulnerabilities.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Strengthen analytics and reporting capabilities.","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Continuous monitoring is a critical part of a DevSecOps practice—and that includes real-time alerts, system analytics, and proactive threat monitoring. By measuring every aspect of an application and the DevSecOps pipeline, teams can create a collective understanding of application health. Reporting dashboards and alerts help detect problems early. When a problem does occur, established telemetry—such as application-level logging—provides insight for incident resolution and root cause analysis.","marks":[],"data":{}}]}]}]},{"nodeType":"heading-2","data":{},"content":[{"nodeType":"text","value":"DevSecOps culture ","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"DevSecOps is more than a software engineering practice, it’s a culture and mindset that prioritizes the integration of security into every stage of the SDLC. ","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Creating a DevSecOps culture begins by making security everyone’s responsibility. This could be a big change for some organizations. Traditionally, security was in the hands of specialist security professionals. ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://resources.github.com/devops/what-is-a-devops-engineer/"},"content":[{"nodeType":"text","value":"Engineering teams","marks":[],"data":{}}]},{"nodeType":"text","value":" considered security practices separate, versus integral, sometimes causing friction when developers saw security as an obstacle to shipping software fast. ","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"A DevSecOps culture is a fundamental shift, changing outdated perceptions by making security as core to the SDLC as writing code, running tests, and configuring services. Each new feature or fix considers the security implications. Security and compliance policies are enforced through tests. When something goes wrong, it’s seen as an opportunity to learn and do it better next time. And rather than something that slows down software releases, security in a DevSecOps practice becomes part of the release itself, leading to faster and more secure deployments. ","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Building a successful DevSecOps practice requires embedding security into every step of development. How this is accomplished will vary from one organization to another, but the foundational pillars that define a DevSecOps culture are essential and include: ","marks":[],"data":{}}]},{"nodeType":"unordered-list","data":{},"content":[{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"People:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" A DevSecOps practice removes barriers between different disciplines and builds a naturally collaborative environment in which each person shares responsibility for a product’s security and quality. ","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Process:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" DevSecOps moves security from being a distinct stage at the end of the SDLC to an integral part of every person’s work. Automated security evaluations, security-focused unit testing, widespread monitoring, and defensive coding create rapid feedback loops where vulnerabilities surface earlier in the product life cycle and can be fixed faster. ","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Products:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" DevSecOps builds on the DevOps toolchain by using technologies such as CI/CD to automate the identification of application security issues. Dependency scanning, static and dynamic application security testing, and automated policy enforcement tools are used to integrate security. A wide range of solutions can be added to the technology stack to create an “open” toolchain. Some organizations may find that more integrated and security-focused product suites provide a more holistic experience. ","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Governance:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Continuous improvement is central to DevSecOps and requires assimilating a measurement mindset, enabling practitioners to identify opportunities for process and tooling refinement.","marks":[],"data":{}}]}]}]},{"nodeType":"heading-2","data":{},"content":[{"nodeType":"text","value":"What is a DevSecOps pipeline?","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"A DevSecOps culture establishes security as a fundamental part of creating software—but that’s just part of what it takes to successfully adopt a DevSecOps practice. The next step is to integrate security into each stage of a ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://resources.github.com/devops/pipeline/"},"content":[{"nodeType":"text","value":"DevOps pipeline","marks":[],"data":{}}]},{"nodeType":"text","value":".","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"With security specific tooling and processes throughout the SDLC, a DevSecOps pipeline helps practitioners design more secure products and catch security issues early in the product life cycle.","marks":[],"data":{}}]},{"nodeType":"embedded-asset-block","data":{"target":{"sys":{"id":"4751YtyF0v3mDKgitjPF9X","type":"Link","linkType":"Asset"}}},"content":[]},{"nodeType":"heading-3","data":{},"content":[{"nodeType":"text","value":"7 stages of a DevSecOps pipeline","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"DevSecOps is built on DevOps, and a DevSecOps pipeline is built on a DevOps pipeline. Just as DevOps engineers integrate quality and speed into each step, the best DevSecOps pipelines are designed to predict key points in the SDLC where security issues are likely to arise.","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"This breaks down into the following common DevSecOps pipeline stages:","marks":[],"data":{}}]},{"nodeType":"ordered-list","data":{},"content":[{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Plan: ","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":"In a DevSecOps practice, security starts at the planning stage in the SDLC pipeline. This can include analyzing potential security threats and determining how to combat them with threat modeling. It can also involve designing security into products proactively to ensure that security is integrated from the beginning with key data hygiene and other up-front security decisions.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Code:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" At the coding stage in a DevSecOps pipeline, it’s important to create a culture of defensive programming with policies that help practitioners proactively navigate security and compliance issues. This can be as simple as specifying rules for how to handle particularly risky aspects of code, such as NULLs, or involve broader guidelines on areas such as input validation.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Build:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" In the build stage, a typical DevSecOps pipeline will include automated security checks to catch vulnerabilities in source code before they are integrated to the main branch. This can involve using pre-commit hooks to run static application security testing (SAST) tools where potential issues in code will stop the build, much like a failed test, and provide time to fix potential vulnerabilities in proprietary source code before work progresses. ","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Scan: ","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":"Use secret scanning and software composition analysis (SCA) tools to track open-source components in the codebase and detect any ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://github.com/features/security/software-supply-chain"},"content":[{"nodeType":"text","value":"vulnerabilities in dependencies","marks":[],"data":{}}]},{"nodeType":"text","value":".","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Test:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" The test stage of a DevSecOps pipeline is a key point where practitioners will develop an ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://resources.github.com/security/application-security-testing/"},"content":[{"nodeType":"text","value":"application security testing","marks":[],"data":{}}]},{"nodeType":"text","value":" strategy and automated testing suite to catch any potential security vulnerabilities or issues. This commonly includes using unit tests at a base level to look for security issues, ","marks":[],"data":{}},{"nodeType":"text","value":"like","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" how the application deals with unexpected or malformed input. It can also include dynamic application security tests to find vulnerabilities in the application when run. This way, the test phase becomes as much security as it does functionality. A good tip at this stage is to integrate ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://resources.github.com/security/what-is-dast/"},"content":[{"nodeType":"text","value":"dynamic application security testing (DAST)","marks":[],"data":{}}]},{"nodeType":"text","value":" into the DevSecOps pipeline.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Release:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" In the release stage, a DevSecOps pipeline will often include additional automated security testing and vulnerability scanning to catch issues that might not have been apparent in earlier stages. Some organizations will also deploy the principle of least privilege where each person and tool have access only to precisely what they need.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Deploy:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" At the deployment stage, a DevSecOps practitioner will work to ensure that code makes it into production only if it has passed security checks at each earlier stage. This can involve applying automated tests to application code and the underlying infrastructure used to run the software in production to catch any run-time security concerns.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Operate and monitor:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" In the operations and ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://resources.github.com/devops/tools/monitoring"},"content":[{"nodeType":"text","value":"monitoring","marks":[],"data":{}}]},{"nodeType":"text","value":" stages of a DevSecOps pipeline, organizations use application-level and infrastructure metrics to identify unusual activity that could indicate a security breach. When an incident occurs, use-logging and other instrumentation can be used to pinpoint the issue and understand its impact.","marks":[],"data":{}}]}]}]},{"nodeType":"heading-2","data":{},"content":[{"nodeType":"text","value":"DevSecOps automation principles","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"When it’s correctly implemented, automation accelerates the SDLC by empowering people to use technology to accomplish repetitive, manual tasks and deliver higher-quality software faster. DevSecOps takes automation further by integrating security tests across all stages of the SDLC to improve speed, consistency, and create a hedge against potential risks.","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"If DevSecOps makes security everyone’s responsibility, DevSecOps automation strives to give everyone the tools they need to ensure code and configurations are secure without requiring them to become security specialists.","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"When considering where to apply automation in your own DevSecOps pipeline, keep the following principles in mind:","marks":[],"data":{}}]},{"nodeType":"unordered-list","data":{},"content":[{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Automation should be strategic:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" A DevOps practice uses ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://resources.github.com/devops/what-is-devops-automation/"},"content":[{"nodeType":"text","value":"automation","marks":[],"data":{}}]},{"nodeType":"text","value":" to facilitate speed and quality across the SDLC. But just as being strategic is important in a DevOps practice, it’s equally—if not more—important to be strategic about how and when to apply automation in a DevSecOps environment.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Let people focus on being creative:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Automate repetitive tasks wherever possible. That way, people can focus their time and mental energy on more involved and impactful work while checks are applied more consistently and at scale.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Systematize code review:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Use ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://resources.github.com/devops/tools/"},"content":[{"nodeType":"text","value":"tools","marks":[],"data":{}}]},{"nodeType":"text","value":" such as static application security testing to automate elements of code review. However, human-led code review is still important and it’s critical to ensure your code review checklist covers security issues specific to your technology stack. Create a feedback cycle so each time new information becomes available, it can be built into the checklist. For example, when an incident occurs, consider how the problem could have been caught earlier with a code review or automated test.","marks":[],"data":{}}]}]}]},{"nodeType":"heading-2","data":{},"content":[{"nodeType":"text","value":"DevSecOps toolchain","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Adopting DevSecOps starts with a cultural shift that involves making security a core concern of everyone involved in the SDLC. To accomplish this, organizations can adopt new processes and build a DevSecOps toolchain that applies automated security tests and security tooling to the SDLC.","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"DevSecOps tooling builds on common DevOps tools such as ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://github.com/resources/articles/devops/ci-cd"},"content":[{"nodeType":"text","value":"CI/CD","marks":[],"data":{}}]},{"nodeType":"text","value":", automated tests, configuration management, and monitoring. The goal is to integrate security-focused tooling into each stage of the product life cycle.","marks":[],"data":{}}]},{"nodeType":"heading-3","data":{},"content":[{"nodeType":"text","value":"Key components of the DevSecOps toolchain ","marks":[],"data":{}}]},{"nodeType":"unordered-list","data":{},"content":[{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Automated security tests on commits and merges:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" A basic goal of any DevSecOps practice is to catch code issues before they can do harm by triggering automatic scans using pre-commit and merge triggers. Some of the scans that organizations might implement include:","marks":[],"data":{}}]},{"nodeType":"unordered-list","data":{},"content":[{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Code scanning:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Often called static application security testing, this tool evaluates code at rest—in other words, without running it—to discover code that could lead to a security vulnerability.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Vulnerability scanning:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Dynamic application scanning tools build and deploy the application to a sandboxed environment and then observe how it responds to known security threats.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Detecting Secrets:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Even with the most stringent policies, secrets such as authentication tokens and API keys occasionally make it into a commit. Secret scanning tools are used to catch them before the commit is made. These can pair with software composition analysis (SCA) tools, which are used to check a database of vulnerabilities for specific versions of a dependency and help determine which updated version will remove the vulnerability without causing other problems.","marks":[],"data":{}}]}]}]}]}]},{"nodeType":"unordered-list","data":{},"content":[{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Configuration management:","marks":[{"type":"bold"}],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":" In DevSecOps, a general rule is that it’s best to remove uncertainty from systems configuration, and this can be accomplished by adopting infrastructure as code. Tools such as Docker, Terraform, and Ansible use YAML and similar configuration files that can be automatically scanned for issues, committed to version control, and rolled out automatically to multiple instances of a service.","marks":[],"data":{}}]}]}]},{"nodeType":"unordered-list","data":{},"content":[{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Container orchestration:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" In some environments, organizations may adopt microservices architecture to better support complex, cloud-native applications. This requires maintaining multiple ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":" https://resources.github.com/devops/containerization"},"content":[{"nodeType":"text","value":"containers","marks":[],"data":{}}]},{"nodeType":"text","value":" and scaling them as needed and securely—and that involves container orchestration tools. Just like configuration management tools, container orchestration tooling will often use YAML configuration files to dictate interactions between containers.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Runtime verification:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Also known as runtime application self-protection tools, these tools will actively monitor and/or direct threats towards an application as it runs with reports highlighting vulnerabilities.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Continuous monitoring and reporting:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" One of the simplest yet highly effective aspects of DevSecOps tooling is measurement—and that involves logging everything at the application and infrastructure level. The best tools will provide real-time intelligence when something goes wrong and include a reporting system so developers can catch issues early. Outbound data from an unexpected port, for example, could indicate a compromise, but without monitoring and reporting it might go undetected.","marks":[],"data":{}}]}]}]},{"nodeType":"heading-2","data":{},"content":[{"nodeType":"text","value":"Secure development with DevSecOps tools","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Security is a defining issue in software development organizations. Getting it wrong has far-reaching implications—both for the organizations and even the individuals involved. DevSecOps tools help create software securely from the very first step. And building on the well- understood culture and processes of ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://github.com/resources/articles/devops/what-is-devops"},"content":[{"nodeType":"text","value":"DevOps","marks":[],"data":{}}]},{"nodeType":"text","value":" means that, for most businesses, a shift left to secure coding practices is part of DevSecOps implementation.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"4lxI2djt6lmSO7yvXsMzNH","type":"Entry","createdAt":"2024-07-15T13:35:54.797Z","updatedAt":"2024-07-15T13:35:54.797Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":3,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"What tools are helpful for DevSecOps?","question":"What tools are helpful for DevSecOps?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Tools that apply automated tests and security to the SDLC are essential to the DevSecOps toolchain and can include automated security tests on commits and mergers, code and vulnerability scanning, configuration management tools, and container orchestration, runtime verification, and continuous monitoring and reporting.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"5VXKtRmNZKu3W74o2YeoIL","type":"Entry","createdAt":"2024-07-15T13:35:54.832Z","updatedAt":"2024-07-15T13:35:54.832Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"What is the role of security teams in DevSecOps?","question":"What is the role of security teams in DevSecOps?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"In DevSecOps, security is integrated into every phase of software development and becomes systemic, versus phasal. The development team is, in fact, the security team. ","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"5dWFrofIFuONPoOpmODXry","type":"Entry","createdAt":"2024-07-15T13:35:54.503Z","updatedAt":"2024-07-15T13:35:54.503Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":3,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"What does DevSecOps stand for?","question":"What does DevSecOps stand for?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"DevSecOps is a combination of the words ","marks":[],"data":{}},{"nodeType":"text","value":"development","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":", ","marks":[],"data":{}},{"nodeType":"text","value":"security","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":", and ","marks":[],"data":{}},{"nodeType":"text","value":"operations","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":", and is a framework for integrating security into every phase of the software development lifecycle (SDLC).","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"5tZIC4TSjGfhuf1gZvKrXs","type":"Entry","createdAt":"2024-06-25T12:33:48.007Z","updatedAt":"2024-06-25T12:33:48.007Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":4,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"link"}},"locale":"en-US"},"fields":{"text":"Compare DevOps solutions","href":"https://resources.github.com/devops/tools/compare","openInNewTab":false}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"64bXNq4noGu5CBOWFplmW8","type":"Entry","createdAt":"2024-07-24T10:52:44.488Z","updatedAt":"2024-07-24T11:04:07.266Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":10,"revision":4,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"link"}},"locale":"en-US"},"fields":{"text":"Start your journey with GitHub","href":"https://github.com/solutions/devsecops","openInNewTab":false}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"69egq6dNE776FfUjMJ4J1S","type":"Entry","createdAt":"2024-07-15T13:35:54.070Z","updatedAt":"2024-07-15T13:35:54.070Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":3,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqGroup"}},"locale":"en-US"},"fields":{"title":"/resources/articles/devops/devsecops","heading":"Frequently asked questions","faqs":[{"sys":{"type":"Link","linkType":"Entry","id":"1p3eqymtQJKkf0ScktoLXj"}}]}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"6DNgZVYmCSiLkR0GKkRxVA","type":"Entry","createdAt":"2024-07-12T19:22:41.245Z","updatedAt":"2024-07-29T11:10:00.687Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":19,"revision":5,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"templateResourcesArticle"}},"locale":"en-US"},"fields":{"title":"What is DevSecOps?","excerpt":{"data":{},"content":[{"data":{},"content":[{"data":{},"marks":[],"value":"DevSecOps combines development, security, and operations to automate security integration across all phases of the software development lifecycle (SDLC).","nodeType":"text"}],"nodeType":"paragraph"}],"nodeType":"document"},"lede":{"data":{},"content":[{"data":{},"content":[{"data":{},"marks":[],"value":"DevSecOps is a framework and model that integrates security into all phases of the software development lifecycle.","nodeType":"text"}],"nodeType":"paragraph"}],"nodeType":"document"},"content":{"sys":{"type":"Link","linkType":"Entry","id":"3hx43MM5RMUDJpdvTcjiWs"}},"featuredCallToAction":{"sys":{"type":"Link","linkType":"Entry","id":"6Sh9dnrt743f3TNEvTDrKm"}},"ctaBanner":{"sys":{"type":"Link","linkType":"Entry","id":"1tjBdDGUli4FRmcZtNfka0"}},"faq":{"sys":{"type":"Link","linkType":"Entry","id":"69egq6dNE776FfUjMJ4J1S"}}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"6OvLM0ELTwaWPLDHdWPWDv","type":"Entry","createdAt":"2024-07-12T19:22:41.414Z","updatedAt":"2024-07-29T11:22:32.936Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":8,"revision":3,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"pageSeo"}},"locale":"en-US"},"fields":{"title":"/resources/articles/devops/devsecops","description":"DevSecOps combines development, security, and operations to automate security integration across all phases of the software development lifecycle (SDLC).","socialMediaImage":{"sys":{"type":"Link","linkType":"Asset","id":"6aEF0LnKI9Tjgv81ggzpCD"}}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"6RfmTprMJ3a9zcVUtN8gJ3","type":"Entry","createdAt":"2024-07-15T13:35:54.783Z","updatedAt":"2024-07-15T13:35:54.783Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":4,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"What is the DevSecOps process?","question":"What is the DevSecOps process?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"A successful DevSecOps practice includes continuous collaboration, automation, and improvement processes to help teams embed security into every phase of development and build more secure, high-quality software at scale.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"6Sh9dnrt743f3TNEvTDrKm","type":"Entry","createdAt":"2024-07-24T10:52:44.419Z","updatedAt":"2024-07-24T10:52:44.419Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":3,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"genericCallToAction"}},"locale":"en-US"},"fields":{"heading":"GitHub’s DevSecOps Solution","description":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"With comprehensive security tools built into the developer workflow, you can build, secure, and ship all in one place.","marks":[],"data":{}}]}]},"callToActionPrimary":{"sys":{"type":"Link","linkType":"Entry","id":"64bXNq4noGu5CBOWFplmW8"}}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"6YcA3NaSpSvEywhWFLmLez","type":"Entry","createdAt":"2024-07-23T19:37:14.637Z","updatedAt":"2024-07-23T19:37:14.637Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"link"}},"locale":"en-US"},"fields":{"text":"Explore DevSecOps solution","href":"https://github.com/solutions/devsecops","openInNewTab":false}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"6tzE6qoYtCLnjfoeLUAYvQ","type":"Entry","createdAt":"2024-07-12T19:22:41.394Z","updatedAt":"2024-11-19T15:56:51.807Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":6,"revision":3,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"pageSettings"}},"locale":"en-US"},"fields":{"title":"/resources/articles/devops/devsecops","colorMode":"light","globalNavbarStyle":"default","revenuePlay":"Security"}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"RxnM6d0QDCCcBa6Fdl5tJ","type":"Entry","createdAt":"2024-07-15T13:35:54.523Z","updatedAt":"2024-07-15T13:35:54.523Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"What is the difference between DevOps and DevSecOps?","question":"What is the difference between DevOps and DevSecOps?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"DevOps is a set of practices to improve collaboration between development and operations teams to build software faster, efficiently, and reliably.","marks":[],"data":{}}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"DevSecOps is the evolution of DevOps by integrating security into every step of the software development process. DevSecOps is the practice of building and deploying software that is more secure and compliant by making contributors responsible for code security at every stage of development.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"vgBGlfGt72BoGEP7JgJ0z","type":"Entry","createdAt":"2024-07-15T13:35:54.665Z","updatedAt":"2024-07-15T13:35:54.665Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":5,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"How do organizations implement DevSecOps?","question":"How do organizations implement DevSecOps?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"With careful planning, organizations can implement DevSecOps in seven stages by building a DevSecOps culture and pipeline:","marks":[],"data":{}}]},{"nodeType":"ordered-list","data":{},"content":[{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Plan:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Start at the earliest stages of planning to design security into every step, analyzing vulnerabilities, and designing strategies to combat security threats.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Code:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Create a culture of security defense with policies that help developers proactively anticipate, navigate, and resolve security and compliance issues.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Build:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Implement automated security checks throughout the SDLC to detect and fix potential vulnerabilities.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Test:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" Develop an application security testing strategy and automated testing suite to identify and mitigate security issues along the way.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Release:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" An additional layer of automated testing processes helps detect previously unidentified security weaknesses to find and resolve the undiscovered security needles in the code haystack.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Deploy:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" At the production stage, developers ensure code has passed testing stage using automated tests and the supporting infrastructure.","marks":[],"data":{}}]}]},{"nodeType":"list-item","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Operate and monitor:","marks":[{"type":"bold"}],"data":{}},{"nodeType":"text","value":" After deployment, continuous monitoring can surface unusual activity so it can be understood and addressed. ","marks":[],"data":{}}]}]}]},{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"","marks":[],"data":{}}]}]}}}],"Asset":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"4751YtyF0v3mDKgitjPF9X","type":"Asset","createdAt":"2024-07-12T19:22:40.973Z","updatedAt":"2024-07-12T19:22:40.973Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":4,"revision":1,"locale":"en-US"},"fields":{"title":"DevOps Pipeline Infinity","description":"DevOps Pipeline Infinity","file":{"url":"//images.ctfassets.net/8aevphvgewt8/4751YtyF0v3mDKgitjPF9X/be8f58f270ccdbd277f597f2ef36f07c/infinity.png","details":{"size":22268,"image":{"width":1326,"height":594}},"fileName":"infinity.png","contentType":"image/png"}}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"6aEF0LnKI9Tjgv81ggzpCD","type":"Asset","createdAt":"2024-07-29T11:20:38.420Z","updatedAt":"2024-07-29T11:20:38.420Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":8,"revision":1,"locale":"en-US"},"fields":{"title":"Default SEO article image","description":"GitHub logo surrounded by green and purple abstract oblong shapes.","file":{"url":"//images.ctfassets.net/8aevphvgewt8/6aEF0LnKI9Tjgv81ggzpCD/b1af8fd613a72ba9644ec3a1650d8b79/github-logo-productivity-theme.webp","details":{"size":40738,"image":{"width":1248,"height":655}},"fileName":"github-logo-productivity-theme.webp","contentType":"image/webp"}}}]}},"userLoggedIn":false},"title":"What is DevSecOps?","appPayload":null}</script> <div data-target="react-app.reactRoot"><div data-color-mode="light" dir="ltr" class="Article-module__articlePageBody--NesIo" style="background-color:var(--brand-color-canvas-default)"><div class="Primer_Brand__Grid-module__Grid___q48mT" data-testid="Grid-:R1b:"><div class="Primer_Brand__Grid-module__Grid__column___HTpsw Primer_Brand__Grid-module__Grid__column--span-12___Tn1Hg"><section><div id=":R5b:"><header><div class="Primer_Brand__Box-module__Box-marginBlockStart--20___gqeBE"><nav class="Primer_Brand__Breadcrumbs-module__Breadcrumbs___ANvyl Primer_Brand__Breadcrumbs-module__Breadcrumbs--default___q2JxW" aria-label="Breadcrumbs"><ol class="Primer_Brand__Breadcrumbs-module__Breadcrumbs__list___S1xLw"><li class="Primer_Brand__Breadcrumbs-module__Breadcrumbs__item___IX25P"><a href="https://github.com/resources/articles" class="Primer_Brand__InlineLink-module__InlineLink___U_Ama Primer_Brand__Breadcrumbs-module__Breadcrumbs__link___B3gbd" data-analytics-event="{"action":"articles","tag":"link","context":"breadcrumb","location":"header","label":"articles_link_breadcrumb_header"}" data-ref="article-breadcrumb-link-Articles">Articles</a></li><li class="Primer_Brand__Breadcrumbs-module__Breadcrumbs__item___IX25P"><a href="https://github.com/resources/articles/devops" class="Primer_Brand__InlineLink-module__InlineLink___U_Ama Primer_Brand__Breadcrumbs-module__Breadcrumbs__link___B3gbd" data-analytics-event="{"action":"devops","tag":"link","context":"breadcrumb","location":"header","label":"devops_link_breadcrumb_header"}" data-ref="article-breadcrumb-link-DevOps">DevOps</a></li></ol></nav><script type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Articles","item":"https://github.com/resources/articles"},{"@type":"ListItem","position":2,"name":"DevOps","item":"https://github.com/resources/articles/devops"}]}</script></div><div class="Primer_Brand__Box-module__Box-marginBlockStart--64___oLHvC Primer_Brand__Box-module__Box-marginBlockEnd--32___W5xYE"><h1 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--hubot-sans___w3_5f Primer_Brand__Heading-module__Heading--1___Ufc7G Primer_Brand__Heading-module__Heading--weight-semibold___NMvbh Primer_Brand__Heading-module__Heading--stretch-condensed____i8A2">What is DevSecOps?</h1></div></header><article><div class="Primer_Brand__Box-module__Box-narrow-paddingBlockEnd--48___OPwru Primer_Brand__Box-module__Box-narrow-marginBlockEnd--48___u5_N1"><div class="Primer_Brand__Box-module__Box-narrow-marginBlockEnd--64___iRYFP Primer_Brand__Box-module__Box-wide-marginBlockEnd--80___Jqalb Primer_Brand__Box-module__Box-borderRadius--large___CCcts Article-module__heroImageArea--uMGs5"></div><div class="Primer_Brand__Grid-module__Grid___q48mT" data-testid="Grid-:R5tb:"><div class="Primer_Brand__Grid-module__Grid__column___HTpsw Primer_Brand__Grid-module__Grid__column--xsmall-span-12___brXS7 Primer_Brand__Grid-module__Grid__column--large-span-4___eJREG Primer_Brand__Grid-module__Grid__column--xsmall-start-1___Y9JJq Primer_Brand__Grid-module__Grid__column--large-start-10___rOnsb Article-module__asideCol--FNvxD"><aside class="TableofContents-module__aside--MgSe7 "><nav aria-labelledby="table-of-contents-heading"><div class="Primer_Brand__Stack-module__Stack___tASKe Primer_Brand__Stack-module__Stack--vertical___CFzE7 Primer_Brand__Stack-module__Stack--gap-64___XKCAY Primer_Brand__Stack-module__Stack--padding-none___RCMh9 TableofContents-module__asideContent--XghGT "><div class="Primer_Brand__Stack-module__Stack___tASKe Primer_Brand__Stack-module__Stack--vertical___CFzE7 Primer_Brand__Stack-module__Stack--gap-24___TQnkj Primer_Brand__Stack-module__Stack--padding-none___RCMh9" data-testid="table-of-contents-stack"><div class="Primer_Brand__Stack-module__Stack___tASKe Primer_Brand__Stack-module__Stack--horizontal___YJFas Primer_Brand__Stack-module__Stack--gap-condensed___Xe9jx Primer_Brand__Stack-module__Stack--align-items-center___xWKxj Primer_Brand__Stack-module__Stack--justify-content-space-between___r8E3d Primer_Brand__Stack-module__Stack--padding-none___RCMh9"><h2 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--monospace___dFpiK Primer_Brand__Heading-module__Heading--subhead-medium___Pik5E Primer_Brand__Heading-module__Heading--weight-medium___II172 TableofContents-module__asideHeading--PAQkG" id="table-of-contents-heading">Table of contents</h2><button data-analytics-event="{"action":"expand_table_of_contents_menu","tag":"icon","context":"menu_toggle","location":"table_of_contents","label":"expand_table_of_contents_menu_icon_menu_toggle_table_of_contents"}" data-ref="table-of-contents-menu-toggle-7FqeXqswBBUapKLFYkED09" class="TableofContents-module__tableOfContentsMenuToggle--ATCTT"><span class="sr-only">Open<!-- --> Table of contents</span><svg aria-hidden="true" focusable="false" class="octicon octicon-chevron-down" viewBox="0 0 16 16" width="16" height="16" fill="currentColor" style="display:inline-block;user-select:none;vertical-align:text-bottom;overflow:visible"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></button></div><div class="TableofContents-module__tableOfContentsNav--m47_w "><ol class="TableofContents-module__tableOfContentsList--si7P_"><li><a data-analytics-event="{"action":"overview_of_devsecops","tag":"link","context":"anchor_link","location":"table_of_contents","label":"overview_of_devsecops_link_anchor_link_table_of_contents"}" data-ref="table-of-contents-list-item-link-7FqeXqswBBUapKLFYkED09-overview-of-devsecops" href="#overview-of-devsecops" class="TableofContents-module__linkButton--NFOgJ TableofContents-module__tableOfContentsListItem--zoxo4"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--muted___lTaVa Primer_Brand__Text-module__Text--100___csEom Primer_Brand__Text-module__Text--weight-normal___siVLX TableofContents-module__listItemText--ihBEh">Overview of DevSecOps</span></a></li><li><a data-analytics-event="{"action":"benefits_of_devsecops_for_organizations","tag":"link","context":"anchor_link","location":"table_of_contents","label":"benefits_of_devsecops_for_organizations_link_anchor_link_table_of_contents"}" data-ref="table-of-contents-list-item-link-7FqeXqswBBUapKLFYkED09-benefits-of-devsecops-for-organizations" href="#benefits-of-devsecops-for-organizations" class="TableofContents-module__linkButton--NFOgJ TableofContents-module__tableOfContentsListItem--zoxo4"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--muted___lTaVa Primer_Brand__Text-module__Text--100___csEom Primer_Brand__Text-module__Text--weight-normal___siVLX TableofContents-module__listItemText--ihBEh">Benefits of DevSecOps for organizations</span></a></li><li><a data-analytics-event="{"action":"devsecops_best_practices","tag":"link","context":"anchor_link","location":"table_of_contents","label":"devsecops_best_practices_link_anchor_link_table_of_contents"}" data-ref="table-of-contents-list-item-link-7FqeXqswBBUapKLFYkED09-devsecops-best-practices" href="#devsecops-best-practices" class="TableofContents-module__linkButton--NFOgJ TableofContents-module__tableOfContentsListItem--zoxo4"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--muted___lTaVa Primer_Brand__Text-module__Text--100___csEom Primer_Brand__Text-module__Text--weight-normal___siVLX TableofContents-module__listItemText--ihBEh">DevSecOps best practices</span></a></li><li><a data-analytics-event="{"action":"devsecops_culture","tag":"link","context":"anchor_link","location":"table_of_contents","label":"devsecops_culture_link_anchor_link_table_of_contents"}" data-ref="table-of-contents-list-item-link-7FqeXqswBBUapKLFYkED09-devsecops-culture-" href="#devsecops-culture-" class="TableofContents-module__linkButton--NFOgJ TableofContents-module__tableOfContentsListItem--zoxo4"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--muted___lTaVa Primer_Brand__Text-module__Text--100___csEom Primer_Brand__Text-module__Text--weight-normal___siVLX TableofContents-module__listItemText--ihBEh">DevSecOps culture </span></a></li><li><a data-analytics-event="{"action":"what_is_a_devsecops_pipeline","tag":"link","context":"anchor_link","location":"table_of_contents","label":"what_is_a_devsecops_pipeline_link_anchor_link_table_of_contents"}" data-ref="table-of-contents-list-item-link-7FqeXqswBBUapKLFYkED09-what-is-a-devsecops-pipeline" href="#what-is-a-devsecops-pipeline" class="TableofContents-module__linkButton--NFOgJ TableofContents-module__tableOfContentsListItem--zoxo4"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--muted___lTaVa Primer_Brand__Text-module__Text--100___csEom Primer_Brand__Text-module__Text--weight-normal___siVLX TableofContents-module__listItemText--ihBEh">What is a DevSecOps pipeline?</span></a></li><li><a data-analytics-event="{"action":"devsecops_automation_principles","tag":"link","context":"anchor_link","location":"table_of_contents","label":"devsecops_automation_principles_link_anchor_link_table_of_contents"}" data-ref="table-of-contents-list-item-link-7FqeXqswBBUapKLFYkED09-devsecops-automation-principles" href="#devsecops-automation-principles" class="TableofContents-module__linkButton--NFOgJ TableofContents-module__tableOfContentsListItem--zoxo4"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--muted___lTaVa Primer_Brand__Text-module__Text--100___csEom Primer_Brand__Text-module__Text--weight-normal___siVLX TableofContents-module__listItemText--ihBEh">DevSecOps automation principles</span></a></li><li><a data-analytics-event="{"action":"devsecops_toolchain","tag":"link","context":"anchor_link","location":"table_of_contents","label":"devsecops_toolchain_link_anchor_link_table_of_contents"}" data-ref="table-of-contents-list-item-link-7FqeXqswBBUapKLFYkED09-devsecops-toolchain" href="#devsecops-toolchain" class="TableofContents-module__linkButton--NFOgJ TableofContents-module__tableOfContentsListItem--zoxo4"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--muted___lTaVa Primer_Brand__Text-module__Text--100___csEom Primer_Brand__Text-module__Text--weight-normal___siVLX TableofContents-module__listItemText--ihBEh">DevSecOps toolchain</span></a></li><li><a data-analytics-event="{"action":"secure_development_with_devsecops_tools","tag":"link","context":"anchor_link","location":"table_of_contents","label":"secure_development_with_devsecops_tools_link_anchor_link_table_of_contents"}" data-ref="table-of-contents-list-item-link-7FqeXqswBBUapKLFYkED09-secure-development-with-devsecops-tools" href="#secure-development-with-devsecops-tools" class="TableofContents-module__linkButton--NFOgJ TableofContents-module__tableOfContentsListItem--zoxo4"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--muted___lTaVa Primer_Brand__Text-module__Text--100___csEom Primer_Brand__Text-module__Text--weight-normal___siVLX TableofContents-module__listItemText--ihBEh">Secure development with DevSecOps tools</span></a></li></ol></div></div><div class="Primer_Brand__Box-module__Box-paddingBlockStart--8___TNzCC Primer_Brand__Box-module__Box-borderBlockStartWidth--thin___y3sZf Primer_Brand__Box-module__Box-borderColor--muted___S3wPy Primer_Brand__Box-module__Box-borderStyle--solid___ejOCw TableofContents-module__tableOfContentsFeaturesBox--dKTWP"><h3 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--monospace___dFpiK Primer_Brand__Heading-module__Heading--subhead-medium___Pik5E Primer_Brand__Heading-module__Heading--weight-medium___II172 FeaturedContent-module__asideHeading--dlmfU">Featured</h3><div class="Primer_Brand__Box-module__Box-marginBlockStart--24___puxKK"><div class="Primer_Brand__Box-module__Box-marginBlockEnd--4___uZDEK"><h4 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--mona-sans___SCnTx Primer_Brand__Heading-module__Heading--subhead-medium___Pik5E">GitHub’s DevSecOps Solution</h4></div><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--muted___lTaVa Primer_Brand__Text-module__Text--100___csEom">With comprehensive security tools built into the developer workflow, you can build, secure, and ship all in one place.</p></div><div class="Primer_Brand__Box-module__Box-marginBlockStart--16___plaHc"><a class="Primer_Brand__Button-module__Button___lDruK Primer_Brand__Button-module__Button--primary___xIC7G Primer_Brand__Button-module__Button--size-small___iNTn1" data-analytics-event="{"action":"start_your_journey_with_github","tag":"button","context":"featured_CTA","location":"table_of_contents","label":"start_your_journey_with_github_button_featured_CTA_table_of_contents"}" data-ref="featured-content-cta-6Sh9dnrt743f3TNEvTDrKm" href="https://github.com/solutions/devsecops"><span class="Primer_Brand__Button-module__Button__text___Z3ocU"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--100___csEom Primer_Brand__Text-module__Text--weight-semibold___Ns19j Primer_Brand__Button-module__Button--label___lUBc0 Primer_Brand__Button-module__Button--label-primary___Leisi">Start your journey with GitHub</span></span><span class="Primer_Brand__Button-module__Button__trailing-visual___zg8jd"><svg class="Primer_Brand__ExpandableArrow-module__ExpandableArrow___rkfek Primer_Brand__Button-module__Button-arrow___SkJXQ" width="16" height="16" viewBox="0 0 16 16" fill="none" aria-hidden="true" focusable="false" data-testid="Button-expandable-arrow"><path fill="currentColor" d="M7.28033 3.21967C6.98744 2.92678 6.51256 2.92678 6.21967 3.21967C5.92678 3.51256 5.92678 3.98744 6.21967 4.28033L7.28033 3.21967ZM11 8L11.5303 8.53033C11.8232 8.23744 11.8232 7.76256 11.5303 7.46967L11 8ZM6.21967 11.7197C5.92678 12.0126 5.92678 12.4874 6.21967 12.7803C6.51256 13.0732 6.98744 13.0732 7.28033 12.7803L6.21967 11.7197ZM6.21967 4.28033L10.4697 8.53033L11.5303 7.46967L7.28033 3.21967L6.21967 4.28033ZM10.4697 7.46967L6.21967 11.7197L7.28033 12.7803L11.5303 8.53033L10.4697 7.46967Z"></path><path class="Primer_Brand__ExpandableArrow-module__ExpandableArrow-stem___g4mdy" stroke="currentColor" d="M1.75 8H11" stroke-width="1.5" stroke-linecap="round"></path></svg></span></a></div></div></div></nav></aside></div><div class="Primer_Brand__Grid-module__Grid__column___HTpsw Primer_Brand__Grid-module__Grid__column--xsmall-span-12___brXS7 Primer_Brand__Grid-module__Grid__column--large-span-9___aamnY Article-module__articleCol--oHHFj"><div class="Primer_Brand__Grid-module__Grid___q48mT" data-testid="Grid-:R3dtb:"><div class="Primer_Brand__Grid-module__Grid__column___HTpsw Primer_Brand__Grid-module__Grid__column--xsmall-span-12___brXS7 Primer_Brand__Grid-module__Grid__column--large-span-11___mDo3B"><div class="Primer_Brand__Box-module__Box-narrow-marginBlockEnd--24___oh65t Primer_Brand__Box-module__Box-wide-marginBlockEnd--48___X5ONp"><header><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--hubot-sans___l0tzF Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--500___orDRu Primer_Brand__Text-module__Text--weight-medium___E0iQL Lede-module__lede--Z6dMJ">DevSecOps is a framework and model that integrates security into all phases of the software development lifecycle.</p></header></div></div></div><div><div class="Primer_Brand__Prose-module__Prose___X2BXE Primer_Brand__Prose-module__Prose--lineLength___ws7gn Primer_Brand__Prose-module__Prose--editorial___DtuDo"><h2 id="overview-of-devsecops">Overview of DevSecOps</h2><p>Through collaboration, automation, and continuous improvement processes, DevSecOps offers a set of practices that help companies embed security into every phase of development to build more secure, high-quality software at scale.</p><h3 id="defining-devsecops">Defining DevSecOps</h3><p>Like development and operations, DevSecOps integrates automated security testing into every aspect of the DevOps culture, tooling, and processes.</p><h3 id="devsecops-vs-devops">DevSecOps vs DevOps?</h3><p>DevOps has transformed how many organizations build and ship software. One aspect of the <a href="https://github.com/resources/articles/software-development/what-is-sdlc" data-analytics-event={"action":"software_development_lifecycle_sdlc","tag":"hyperlink","label":"software_development_lifecycle_sdlc_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">software development lifecycle (SDLC)</a> wasleft outside the DevOps model: security. DevSecOps seeks to correct that by integrating security into the SDLC in the same way that DevOps prioritizes quality, speed, and deep collaboration across all stages of development. </p><p>For modern organizations, DevSecOps is the evolution of DevOps by baking security across the SDLC experience. </p><h2 id="benefits-of-devsecops-for-organizations">Benefits of DevSecOps for organizations</h2><p>DevSecOps builds security into every step of the SDLC. This means that security-related tests (automated and not) take place at each stage, from coding to merging branches, from builds to deployments, and into the operation of production software. Moreover, DevSecOps advances the idea that everyone working on a product is accountable for its security. This helps teams catch vulnerabilities before they make it to production and reduces the need for late-stage, manual security reviews, which can slow down software releases and make changes more costly.</p><p>Organizations that adopt DevSecOps typically see benefits that include:</p><ul><li><p><b>Reduced breach risk:</b> DevSecOps seeks to <a href="https://github.com/features/security/code-scanning" data-analytics-event={"action":"secure_code_by_design","tag":"hyperlink","label":"secure_code_by_design_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">secure code by design</a> through a combination of coding practices, secure developer environments, and automated security tests. Throughout SDLC, DevSecOps helps prevent vulnerabilities from entering production environments.</p></li><li><p><b>Preventing secret leaks:</b> Secret scanning detects potential leaked secrets such as private keys, passwords, and other sensitive information that malicious actors use to gain unauthorized access. Secret scanning also proactively prevents secrets from being committed to code with push protection. </p></li><li><p><b>Improved compliance:</b> DevSecOps practitioners often use automation to enforce code compliance and integrate policy enforcement tooling directly into the <a href="https://resources.github.com/ci-cd/" data-analytics-event={"action":"continuous_integrationcontinuous_delivery_cicd","tag":"hyperlink","label":"continuous_integrationcontinuous_delivery_cicd_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">continuous integration/continuous delivery (CI/CD)</a> pipeline.</p></li><li><p><b>Greater confidence in supply chain security:</b> The modern technology stack often depends on third-party code, frequently from public package repositories. DevSecOps practitioners often use tooling and automated tests to identify and update vulnerable or outdated dependencies before a software release.</p></li><li><p><b>Tracking progress and effectiveness:</b> Security overview in GitHub Advanced Security provides insights on trends in alert frequency, feature activation status, and usage statistics for security tools and functionalities.</p></li><li><p><b>Accelerated delivery to customers:</b> By creating a security-first culture and applying automated checks, DevSecOps accelerates deployment by reducing the need for custom security reviews that can slow software releases.</p></li></ul><h2 id="devsecops-best-practices">DevSecOps best practices</h2><p>When code is deployed with errors, it can lead to poor customer experience and business losses due to downtime. But if unsecured code is deployed, the fallout can be far more severe.</p><p>Just like testing and operations teams were siloed from development in the pre-DevOps era, today security is sometimes left to specialized teams working outside the DevOps lifecycle. DevSecOps is the evolution of DevOps by making security an integral part of the SDLC rather than a separate process that takes place right before release.</p><p>If your organization is ready to adopt DevOps, consider taking the more evolved and secure approach with these DevSecOps best practices:</p><ul><li><p><b>Create a DevSecOps culture.</b> Success in DevSecOps relies on <i>everyone</i> taking responsibility for security. Every contributor codes, builds, tests, and configures application and infrastructure settings defensively. DevSecOps thrives in an open culture where individuals work together to build the best and most secure product possible.</p></li><li><p><b>Design security into the product.</b> DevSecOps designs security into products from initial planning to production-level code deployment. Security is developed alongside features, and practitioners have access to security knowledge to run tests throughout the SDLC. </p></li><li><p><b>Build a threat modeling practice. </b>The seeds of security vulnerabilities are often sown before a line of code is written. Model potential threats during the planning phase and design your infrastructure and application architecture to mitigate those issues. Implementing periodic penetration testing, when a trusted person attempts to break into the code system, can help unveil weaknesses missed in threat models.</p></li><li><p><b>Automate testing for speed and security.</b> Automated testing throughout the SDLC helps ensure the right security checks happen at the right time. This gives developers more time to focus on building the core product while ensuring security requirements are met. </p></li><li><p><b>Use an autofix tool with broad coverage and effective fix rates: </b>Although many AppSec tools include an autofix function that suggests code to remediate a vulnerability, it can be hard to verify the breadth of coverage or the quality of the suggested code. Look for a solution like <a href="https://github.com/enterprise/advanced-security" data-analytics-event={"action":"github_advanced_security","tag":"hyperlink","label":"github_advanced_security_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">GitHub Advanced Security</a>, where autofix covers 90% of alerts in supported language, with more than two-thirds of fixes passing unit testing with little or no editing. </p></li><li><p><b>Plan security checkpoints throughout product development.</b> Identify transition points in the SDLC where the risk profile changes. For example, the point at which a developer merges code into the main branch might increase the potential for that code to be run on colleagues’ machines and eventually reach production. In this case, opening a pull request might be a good trigger event for automated security checks, along with the appropriate manual escalations.</p></li><li><p><b>Approach security failures as learning opportunities.</b> Building on the DevOps culture of continuous improvement, a successful DevSecOps practice turns security incidents into learning opportunities. Leveraging audit logs, building incident reports, and modeling malicious behavior to improve tooling, testing, and processes can further secure applications and systems.</p></li><li><p><b>Stay on top of dependencies.</b> Understanding and mitigating the potential threats from dependencies is critical to a product’s security. Apply the same threat modeling and automated testing to dependencies as to in-house code. At GitHub we’ve <a href="https://securitylab.github.com/" data-analytics-event={"action":"identified_and_shared_details_of_tens_of_millions_of_threats_in_open_source_software","tag":"hyperlink","label":"identified_and_shared_details_of_tens_of_millions_of_threats_in_open_source_software_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">identified and shared details of tens of millions of threats in open source software</a>, helping organizations and developers be more aware of and avoid dependency vulnerabilities.</p></li><li><p><b>Strengthen analytics and reporting capabilities.</b> Continuous monitoring is a critical part of a DevSecOps practice—and that includes real-time alerts, system analytics, and proactive threat monitoring. By measuring every aspect of an application and the DevSecOps pipeline, teams can create a collective understanding of application health. Reporting dashboards and alerts help detect problems early. When a problem does occur, established telemetry—such as application-level logging—provides insight for incident resolution and root cause analysis.</p></li></ul><h2 id="devsecops-culture-">DevSecOps culture </h2><p>DevSecOps is more than a software engineering practice, it’s a culture and mindset that prioritizes the integration of security into every stage of the SDLC. </p><p>Creating a DevSecOps culture begins by making security everyone’s responsibility. This could be a big change for some organizations. Traditionally, security was in the hands of specialist security professionals. <a href="https://resources.github.com/devops/what-is-a-devops-engineer/" data-analytics-event={"action":"engineering_teams","tag":"hyperlink","label":"engineering_teams_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">Engineering teams</a> considered security practices separate, versus integral, sometimes causing friction when developers saw security as an obstacle to shipping software fast. </p><p>A DevSecOps culture is a fundamental shift, changing outdated perceptions by making security as core to the SDLC as writing code, running tests, and configuring services. Each new feature or fix considers the security implications. Security and compliance policies are enforced through tests. When something goes wrong, it’s seen as an opportunity to learn and do it better next time. And rather than something that slows down software releases, security in a DevSecOps practice becomes part of the release itself, leading to faster and more secure deployments. </p><p>Building a successful DevSecOps practice requires embedding security into every step of development. How this is accomplished will vary from one organization to another, but the foundational pillars that define a DevSecOps culture are essential and include: </p><ul><li><p><b>People:</b> A DevSecOps practice removes barriers between different disciplines and builds a naturally collaborative environment in which each person shares responsibility for a product’s security and quality. </p></li><li><p><b>Process:</b> DevSecOps moves security from being a distinct stage at the end of the SDLC to an integral part of every person’s work. Automated security evaluations, security-focused unit testing, widespread monitoring, and defensive coding create rapid feedback loops where vulnerabilities surface earlier in the product life cycle and can be fixed faster. </p></li><li><p><b>Products:</b> DevSecOps builds on the DevOps toolchain by using technologies such as CI/CD to automate the identification of application security issues. Dependency scanning, static and dynamic application security testing, and automated policy enforcement tools are used to integrate security. A wide range of solutions can be added to the technology stack to create an “open” toolchain. Some organizations may find that more integrated and security-focused product suites provide a more holistic experience. </p></li><li><p><b>Governance:</b> Continuous improvement is central to DevSecOps and requires assimilating a measurement mindset, enabling practitioners to identify opportunities for process and tooling refinement.</p></li></ul><h2 id="what-is-a-devsecops-pipeline">What is a DevSecOps pipeline?</h2><p>A DevSecOps culture establishes security as a fundamental part of creating software—but that’s just part of what it takes to successfully adopt a DevSecOps practice. The next step is to integrate security into each stage of a <a href="https://resources.github.com/devops/pipeline/" data-analytics-event={"action":"devops_pipeline","tag":"hyperlink","label":"devops_pipeline_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">DevOps pipeline</a>.</p><p>With security specific tooling and processes throughout the SDLC, a DevSecOps pipeline helps practitioners design more secure products and catch security issues early in the product life cycle.</p><img src="https://images.ctfassets.net/8aevphvgewt8/4751YtyF0v3mDKgitjPF9X/be8f58f270ccdbd277f597f2ef36f07c/infinity.png" alt="DevOps Pipeline Infinity" /><h3 id="7-stages-of-a-devsecops-pipeline">7 stages of a DevSecOps pipeline</h3><p>DevSecOps is built on DevOps, and a DevSecOps pipeline is built on a DevOps pipeline. Just as DevOps engineers integrate quality and speed into each step, the best DevSecOps pipelines are designed to predict key points in the SDLC where security issues are likely to arise.</p><p>This breaks down into the following common DevSecOps pipeline stages:</p><ol><li><p><b>Plan: </b>In a DevSecOps practice, security starts at the planning stage in the SDLC pipeline. This can include analyzing potential security threats and determining how to combat them with threat modeling. It can also involve designing security into products proactively to ensure that security is integrated from the beginning with key data hygiene and other up-front security decisions.</p></li><li><p><b>Code:</b> At the coding stage in a DevSecOps pipeline, it’s important to create a culture of defensive programming with policies that help practitioners proactively navigate security and compliance issues. This can be as simple as specifying rules for how to handle particularly risky aspects of code, such as NULLs, or involve broader guidelines on areas such as input validation.</p></li><li><p><b>Build:</b> In the build stage, a typical DevSecOps pipeline will include automated security checks to catch vulnerabilities in source code before they are integrated to the main branch. This can involve using pre-commit hooks to run static application security testing (SAST) tools where potential issues in code will stop the build, much like a failed test, and provide time to fix potential vulnerabilities in proprietary source code before work progresses. </p></li><li><p><b>Scan: </b>Use secret scanning and software composition analysis (SCA) tools to track open-source components in the codebase and detect any <a href="https://github.com/features/security/software-supply-chain" data-analytics-event={"action":"vulnerabilities_in_dependencies","tag":"hyperlink","label":"vulnerabilities_in_dependencies_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">vulnerabilities in dependencies</a>.</p></li><li><p><b>Test:</b> The test stage of a DevSecOps pipeline is a key point where practitioners will develop an <a href="https://resources.github.com/security/application-security-testing/" data-analytics-event={"action":"application_security_testing","tag":"hyperlink","label":"application_security_testing_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">application security testing</a> strategy and automated testing suite to catch any potential security vulnerabilities or issues. This commonly includes using unit tests at a base level to look for security issues, <b>like</b> how the application deals with unexpected or malformed input. It can also include dynamic application security tests to find vulnerabilities in the application when run. This way, the test phase becomes as much security as it does functionality. A good tip at this stage is to integrate <a href="https://resources.github.com/security/what-is-dast/" data-analytics-event={"action":"dynamic_application_security_testing_dast","tag":"hyperlink","label":"dynamic_application_security_testing_dast_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">dynamic application security testing (DAST)</a> into the DevSecOps pipeline.</p></li><li><p><b>Release:</b> In the release stage, a DevSecOps pipeline will often include additional automated security testing and vulnerability scanning to catch issues that might not have been apparent in earlier stages. Some organizations will also deploy the principle of least privilege where each person and tool have access only to precisely what they need.</p></li><li><p><b>Deploy:</b> At the deployment stage, a DevSecOps practitioner will work to ensure that code makes it into production only if it has passed security checks at each earlier stage. This can involve applying automated tests to application code and the underlying infrastructure used to run the software in production to catch any run-time security concerns.</p></li><li><p><b>Operate and monitor:</b> In the operations and <a href="https://resources.github.com/devops/tools/monitoring" data-analytics-event={"action":"monitoring","tag":"hyperlink","label":"monitoring_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">monitoring</a> stages of a DevSecOps pipeline, organizations use application-level and infrastructure metrics to identify unusual activity that could indicate a security breach. When an incident occurs, use-logging and other instrumentation can be used to pinpoint the issue and understand its impact.</p></li></ol><h2 id="devsecops-automation-principles">DevSecOps automation principles</h2><p>When it’s correctly implemented, automation accelerates the SDLC by empowering people to use technology to accomplish repetitive, manual tasks and deliver higher-quality software faster. DevSecOps takes automation further by integrating security tests across all stages of the SDLC to improve speed, consistency, and create a hedge against potential risks.</p><p>If DevSecOps makes security everyone’s responsibility, DevSecOps automation strives to give everyone the tools they need to ensure code and configurations are secure without requiring them to become security specialists.</p><p>When considering where to apply automation in your own DevSecOps pipeline, keep the following principles in mind:</p><ul><li><p><b>Automation should be strategic:</b> A DevOps practice uses <a href="https://resources.github.com/devops/what-is-devops-automation/" data-analytics-event={"action":"automation","tag":"hyperlink","label":"automation_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">automation</a> to facilitate speed and quality across the SDLC. But just as being strategic is important in a DevOps practice, it’s equally—if not more—important to be strategic about how and when to apply automation in a DevSecOps environment.</p></li><li><p><b>Let people focus on being creative:</b> Automate repetitive tasks wherever possible. That way, people can focus their time and mental energy on more involved and impactful work while checks are applied more consistently and at scale.</p></li><li><p><b>Systematize code review:</b> Use <a href="https://resources.github.com/devops/tools/" data-analytics-event={"action":"tools","tag":"hyperlink","label":"tools_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">tools</a> such as static application security testing to automate elements of code review. However, human-led code review is still important and it’s critical to ensure your code review checklist covers security issues specific to your technology stack. Create a feedback cycle so each time new information becomes available, it can be built into the checklist. For example, when an incident occurs, consider how the problem could have been caught earlier with a code review or automated test.</p></li></ul><h2 id="devsecops-toolchain">DevSecOps toolchain</h2><p>Adopting DevSecOps starts with a cultural shift that involves making security a core concern of everyone involved in the SDLC. To accomplish this, organizations can adopt new processes and build a DevSecOps toolchain that applies automated security tests and security tooling to the SDLC.</p><p>DevSecOps tooling builds on common DevOps tools such as <a href="https://github.com/resources/articles/devops/ci-cd" data-analytics-event={"action":"cicd","tag":"hyperlink","label":"cicd_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">CI/CD</a>, automated tests, configuration management, and monitoring. The goal is to integrate security-focused tooling into each stage of the product life cycle.</p><h3 id="key-components-of-the-devsecops-toolchain-">Key components of the DevSecOps toolchain </h3><ul><li><p><b>Automated security tests on commits and merges:</b> A basic goal of any DevSecOps practice is to catch code issues before they can do harm by triggering automatic scans using pre-commit and merge triggers. Some of the scans that organizations might implement include:</p><ul><li><p><b>Code scanning:</b> Often called static application security testing, this tool evaluates code at rest—in other words, without running it—to discover code that could lead to a security vulnerability.</p></li><li><p><b>Vulnerability scanning:</b> Dynamic application scanning tools build and deploy the application to a sandboxed environment and then observe how it responds to known security threats.</p></li><li><p><b>Detecting Secrets:</b> Even with the most stringent policies, secrets such as authentication tokens and API keys occasionally make it into a commit. Secret scanning tools are used to catch them before the commit is made. These can pair with software composition analysis (SCA) tools, which are used to check a database of vulnerabilities for specific versions of a dependency and help determine which updated version will remove the vulnerability without causing other problems.</p></li></ul></li></ul><ul><li><p><b>Configuration management:</b></p><p> In DevSecOps, a general rule is that it’s best to remove uncertainty from systems configuration, and this can be accomplished by adopting infrastructure as code. Tools such as Docker, Terraform, and Ansible use YAML and similar configuration files that can be automatically scanned for issues, committed to version control, and rolled out automatically to multiple instances of a service.</p></li></ul><ul><li><p><b>Container orchestration:</b> In some environments, organizations may adopt microservices architecture to better support complex, cloud-native applications. This requires maintaining multiple <a href=" https://resources.github.com/devops/containerization" data-analytics-event={"action":"containers","tag":"hyperlink","label":"containers_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">containers</a> and scaling them as needed and securely—and that involves container orchestration tools. Just like configuration management tools, container orchestration tooling will often use YAML configuration files to dictate interactions between containers.</p></li><li><p><b>Runtime verification:</b> Also known as runtime application self-protection tools, these tools will actively monitor and/or direct threats towards an application as it runs with reports highlighting vulnerabilities.</p></li><li><p><b>Continuous monitoring and reporting:</b> One of the simplest yet highly effective aspects of DevSecOps tooling is measurement—and that involves logging everything at the application and infrastructure level. The best tools will provide real-time intelligence when something goes wrong and include a reporting system so developers can catch issues early. Outbound data from an unexpected port, for example, could indicate a compromise, but without monitoring and reporting it might go undetected.</p></li></ul><h2 id="secure-development-with-devsecops-tools">Secure development with DevSecOps tools</h2><p>Security is a defining issue in software development organizations. Getting it wrong has far-reaching implications—both for the organizations and even the individuals involved. DevSecOps tools help create software securely from the very first step. And building on the well- understood culture and processes of <a href="https://github.com/resources/articles/devops/what-is-devops" data-analytics-event={"action":"devops","tag":"hyperlink","label":"devops_hyperlink_null_null"} target="_blank" rel="noopener noreferrer">DevOps</a> means that, for most businesses, a shift left to secure coding practices is part of DevSecOps implementation.</p></div></div></div></div><div class="Primer_Brand__Grid-module__Grid___q48mT" data-testid="Grid-:R7tb:"><div class="Primer_Brand__Grid-module__Grid__column___HTpsw Primer_Brand__Grid-module__Grid__column--span-12___Tn1Hg"><div class="Primer_Brand__Box-module__Box-narrow-marginBlockStart--64___AU4LW Primer_Brand__Box-module__Box-wide-marginBlockStart--112___M351c"><div class="Primer_Brand__Stack-module__Stack___tASKe Primer_Brand__Stack-module__Stack--vertical___CFzE7 Primer_Brand__Stack-module__Stack--gap-128___KJAoH Primer_Brand__Stack-module__Stack--padding-none___RCMh9"><div class="Primer_Brand__Animation-module__Animation___KNtEW Primer_Brand__Animation-module__Animation--scale-in-up___n0qDP"><section class="Primer_Brand__CTABanner-module__CTABanner___m0t8s"><div class="Primer_Brand__CTABanner-module__CTABanner-container___iRzd1 Primer_Brand__CTABanner-module__CTABanner-container--border___FbAer Primer_Brand__CTABanner-module__CTABanner-container--background___v1yTH"><div class="Primer_Brand__CTABanner-module__CTABanner-content___sZo6_ Primer_Brand__CTABanner-module__CTABanner-content--center___S0ChQ"><h3 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--mona-sans___SCnTx Primer_Brand__Heading-module__Heading--1___Ufc7G">Build your DevSecOps practice on GitHub</h3><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--200___XAIGT Primer_Brand__CTABanner-module__CTABanner-description___I7md6">GitHub is an integrated platform that takes companies from idea to planning to building to production, combining a focused developer experience with powerful, fully managed development, automation, and test infrastructure.<!-- --> </p><section class="Primer_Brand__ButtonGroup-module__ButtonGroup___QQSsj"><a class="Primer_Brand__Button-module__Button___lDruK Primer_Brand__Button-module__Button--primary___xIC7G Primer_Brand__Button-module__Button--size-medium___EyCyw" href="https://github.com/solutions/devsecops" data-analytics-event="{"action":"explore_devsecops_solution","tag":"button","context":"CTAs","location":"build_your_devsecops_practice_on_github","label":"explore_devsecops_solution_button_CTAs_build_your_devsecops_practice_on_github"}"><span class="Primer_Brand__Button-module__Button__text___Z3ocU"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--200___XAIGT Primer_Brand__Text-module__Text--weight-semibold___Ns19j Primer_Brand__Button-module__Button--label___lUBc0 Primer_Brand__Button-module__Button--label-medium___DW2TM Primer_Brand__Button-module__Button--label-primary___Leisi">Explore DevSecOps solution</span></span><span class="Primer_Brand__Button-module__Button__trailing-visual___zg8jd"><svg class="Primer_Brand__ExpandableArrow-module__ExpandableArrow___rkfek Primer_Brand__Button-module__Button-arrow___SkJXQ" width="16" height="16" viewBox="0 0 16 16" fill="none" aria-hidden="true" focusable="false" data-testid="Button-expandable-arrow"><path fill="currentColor" d="M7.28033 3.21967C6.98744 2.92678 6.51256 2.92678 6.21967 3.21967C5.92678 3.51256 5.92678 3.98744 6.21967 4.28033L7.28033 3.21967ZM11 8L11.5303 8.53033C11.8232 8.23744 11.8232 7.76256 11.5303 7.46967L11 8ZM6.21967 11.7197C5.92678 12.0126 5.92678 12.4874 6.21967 12.7803C6.51256 13.0732 6.98744 13.0732 7.28033 12.7803L6.21967 11.7197ZM6.21967 4.28033L10.4697 8.53033L11.5303 7.46967L7.28033 3.21967L6.21967 4.28033ZM10.4697 7.46967L6.21967 11.7197L7.28033 12.7803L11.5303 8.53033L10.4697 7.46967Z"></path><path class="Primer_Brand__ExpandableArrow-module__ExpandableArrow-stem___g4mdy" stroke="currentColor" d="M1.75 8H11" stroke-width="1.5" stroke-linecap="round"></path></svg></span></a><a class="Primer_Brand__Button-module__Button___lDruK Primer_Brand__Button-module__Button--secondary___akMC2 Primer_Brand__Button-module__Button--size-medium___EyCyw" href="https://resources.github.com/devops/tools/compare" data-analytics-event="{"action":"compare_devops_solutions","tag":"button","context":"CTAs","location":"build_your_devsecops_practice_on_github","label":"compare_devops_solutions_button_CTAs_build_your_devsecops_practice_on_github"}" data-ref="cta-banner-secondary-action-5tZIC4TSjGfhuf1gZvKrXs"><span class="Primer_Brand__Button-module__Button__text___Z3ocU"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--200___XAIGT Primer_Brand__Text-module__Text--weight-semibold___Ns19j Primer_Brand__Button-module__Button--label___lUBc0 Primer_Brand__Button-module__Button--label-medium___DW2TM Primer_Brand__Button-module__Button--label-secondary___DRJoJ">Compare DevOps solutions</span></span></a></section></div></div></section></div><section><div class="Primer_Brand__Animation-module__Animation___KNtEW Primer_Brand__Animation-module__Animation--scale-in-up___n0qDP"><section class="Primer_Brand__FAQ-module__FAQ___R3vLU px-4"><h3 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--mona-sans___SCnTx Primer_Brand__Heading-module__Heading--3___wsITu Primer_Brand__FAQ-module__FAQ__heading___bH0aG Primer_Brand__FAQ-module__FAQ__heading--center___xMpbW">Frequently asked questions</h3><details class="Primer_Brand__Accordion-module__Accordion___M_LPt Primer_Brand__Accordion-module__Accordion--default___wLsHR"><summary class="Primer_Brand__Accordion-module__Accordion__summary___NUIYc Primer_Brand__Accordion-module__Accordion__summary--default___C4Jx_" data-analytics-event="{"action":"what_does_devsecops_stand_for","tag":"button","location":"frequently_asked_questions","label":"what_does_devsecops_stand_for_button_null_frequently_asked_questions"}"><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--collapsed___spc4w"></span><h4 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--mona-sans___SCnTx Primer_Brand__Heading-module__Heading--subhead-large____C6GZ">What does DevSecOps stand for?</h4><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--expanded___r3Clk"></span></summary><section class="Primer_Brand__Accordion-module__Accordion__content___wMZGe"><div class="Primer_Brand__Stack-module__Stack___tASKe Primer_Brand__Stack-module__Stack--vertical___CFzE7 Primer_Brand__Stack-module__Stack--gap-condensed___Xe9jx Primer_Brand__Stack-module__Stack--padding-none___RCMh9"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB">DevSecOps is a combination of the words <b>development</b>, <b>security</b>, and <b>operations</b>, and is a framework for integrating security into every phase of the software development lifecycle (SDLC).</p></div></section></details><details class="Primer_Brand__Accordion-module__Accordion___M_LPt Primer_Brand__Accordion-module__Accordion--default___wLsHR"><summary class="Primer_Brand__Accordion-module__Accordion__summary___NUIYc Primer_Brand__Accordion-module__Accordion__summary--default___C4Jx_" data-analytics-event="{"action":"what_is_the_difference_between_devops_and_devsecops","tag":"button","location":"frequently_asked_questions","label":"what_is_the_difference_between_devops_and_devsecops_button_null_frequently_asked_questions"}"><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--collapsed___spc4w"></span><h4 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--mona-sans___SCnTx Primer_Brand__Heading-module__Heading--subhead-large____C6GZ">What is the difference between DevOps and DevSecOps?</h4><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--expanded___r3Clk"></span></summary><section class="Primer_Brand__Accordion-module__Accordion__content___wMZGe"><div class="Primer_Brand__Stack-module__Stack___tASKe Primer_Brand__Stack-module__Stack--vertical___CFzE7 Primer_Brand__Stack-module__Stack--gap-condensed___Xe9jx Primer_Brand__Stack-module__Stack--padding-none___RCMh9"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB">DevOps is a set of practices to improve collaboration between development and operations teams to build software faster, efficiently, and reliably.</p><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB">DevSecOps is the evolution of DevOps by integrating security into every step of the software development process. DevSecOps is the practice of building and deploying software that is more secure and compliant by making contributors responsible for code security at every stage of development.</p></div></section></details><details class="Primer_Brand__Accordion-module__Accordion___M_LPt Primer_Brand__Accordion-module__Accordion--default___wLsHR"><summary class="Primer_Brand__Accordion-module__Accordion__summary___NUIYc Primer_Brand__Accordion-module__Accordion__summary--default___C4Jx_" data-analytics-event="{"action":"how_do_organizations_implement_devsecops","tag":"button","location":"frequently_asked_questions","label":"how_do_organizations_implement_devsecops_button_null_frequently_asked_questions"}"><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--collapsed___spc4w"></span><h4 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--mona-sans___SCnTx Primer_Brand__Heading-module__Heading--subhead-large____C6GZ">How do organizations implement DevSecOps?</h4><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--expanded___r3Clk"></span></summary><section class="Primer_Brand__Accordion-module__Accordion__content___wMZGe"><div class="Primer_Brand__Stack-module__Stack___tASKe Primer_Brand__Stack-module__Stack--vertical___CFzE7 Primer_Brand__Stack-module__Stack--gap-condensed___Xe9jx Primer_Brand__Stack-module__Stack--padding-none___RCMh9"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB">With careful planning, organizations can implement DevSecOps in seven stages by building a DevSecOps culture and pipeline:</p><ol class="Primer_Brand__list-shared-module__List___dFefs Primer_Brand__OrderedList-module__OrderedList___eCBYV"><li class="Primer_Brand__ListItem-module__ListItem___aFf5u Primer_Brand__ListItem-module__OrderedList__item___BJsQo"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--200___XAIGT Primer_Brand__ListItem-module__ListItem--default___pqfZV"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB"><b>Plan:</b> Start at the earliest stages of planning to design security into every step, analyzing vulnerabilities, and designing strategies to combat security threats.</p></span></li><li class="Primer_Brand__ListItem-module__ListItem___aFf5u Primer_Brand__ListItem-module__OrderedList__item___BJsQo"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--200___XAIGT Primer_Brand__ListItem-module__ListItem--default___pqfZV"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB"><b>Code:</b> Create a culture of security defense with policies that help developers proactively anticipate, navigate, and resolve security and compliance issues.</p></span></li><li class="Primer_Brand__ListItem-module__ListItem___aFf5u Primer_Brand__ListItem-module__OrderedList__item___BJsQo"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--200___XAIGT Primer_Brand__ListItem-module__ListItem--default___pqfZV"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB"><b>Build:</b> Implement automated security checks throughout the SDLC to detect and fix potential vulnerabilities.</p></span></li><li class="Primer_Brand__ListItem-module__ListItem___aFf5u Primer_Brand__ListItem-module__OrderedList__item___BJsQo"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--200___XAIGT Primer_Brand__ListItem-module__ListItem--default___pqfZV"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB"><b>Test:</b> Develop an application security testing strategy and automated testing suite to identify and mitigate security issues along the way.</p></span></li><li class="Primer_Brand__ListItem-module__ListItem___aFf5u Primer_Brand__ListItem-module__OrderedList__item___BJsQo"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--200___XAIGT Primer_Brand__ListItem-module__ListItem--default___pqfZV"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB"><b>Release:</b> An additional layer of automated testing processes helps detect previously unidentified security weaknesses to find and resolve the undiscovered security needles in the code haystack.</p></span></li><li class="Primer_Brand__ListItem-module__ListItem___aFf5u Primer_Brand__ListItem-module__OrderedList__item___BJsQo"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--200___XAIGT Primer_Brand__ListItem-module__ListItem--default___pqfZV"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB"><b>Deploy:</b> At the production stage, developers ensure code has passed testing stage using automated tests and the supporting infrastructure.</p></span></li><li class="Primer_Brand__ListItem-module__ListItem___aFf5u Primer_Brand__ListItem-module__OrderedList__item___BJsQo"><span class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--200___XAIGT Primer_Brand__ListItem-module__ListItem--default___pqfZV"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB"><b>Operate and monitor:</b> After deployment, continuous monitoring can surface unusual activity so it can be understood and addressed. </p></span></li></ol><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB"></p></div></section></details><details class="Primer_Brand__Accordion-module__Accordion___M_LPt Primer_Brand__Accordion-module__Accordion--default___wLsHR"><summary class="Primer_Brand__Accordion-module__Accordion__summary___NUIYc Primer_Brand__Accordion-module__Accordion__summary--default___C4Jx_" data-analytics-event="{"action":"what_is_the_devsecops_process","tag":"button","location":"frequently_asked_questions","label":"what_is_the_devsecops_process_button_null_frequently_asked_questions"}"><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--collapsed___spc4w"></span><h4 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--mona-sans___SCnTx Primer_Brand__Heading-module__Heading--subhead-large____C6GZ">What is the DevSecOps process?</h4><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--expanded___r3Clk"></span></summary><section class="Primer_Brand__Accordion-module__Accordion__content___wMZGe"><div class="Primer_Brand__Stack-module__Stack___tASKe Primer_Brand__Stack-module__Stack--vertical___CFzE7 Primer_Brand__Stack-module__Stack--gap-condensed___Xe9jx Primer_Brand__Stack-module__Stack--padding-none___RCMh9"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB">A successful DevSecOps practice includes continuous collaboration, automation, and improvement processes to help teams embed security into every phase of development and build more secure, high-quality software at scale.</p></div></section></details><details class="Primer_Brand__Accordion-module__Accordion___M_LPt Primer_Brand__Accordion-module__Accordion--default___wLsHR"><summary class="Primer_Brand__Accordion-module__Accordion__summary___NUIYc Primer_Brand__Accordion-module__Accordion__summary--default___C4Jx_" data-analytics-event="{"action":"what_tools_are_helpful_for_devsecops","tag":"button","location":"frequently_asked_questions","label":"what_tools_are_helpful_for_devsecops_button_null_frequently_asked_questions"}"><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--collapsed___spc4w"></span><h4 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--mona-sans___SCnTx Primer_Brand__Heading-module__Heading--subhead-large____C6GZ">What tools are helpful for DevSecOps?</h4><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--expanded___r3Clk"></span></summary><section class="Primer_Brand__Accordion-module__Accordion__content___wMZGe"><div class="Primer_Brand__Stack-module__Stack___tASKe Primer_Brand__Stack-module__Stack--vertical___CFzE7 Primer_Brand__Stack-module__Stack--gap-condensed___Xe9jx Primer_Brand__Stack-module__Stack--padding-none___RCMh9"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB">Tools that apply automated tests and security to the SDLC are essential to the DevSecOps toolchain and can include automated security tests on commits and mergers, code and vulnerability scanning, configuration management tools, and container orchestration, runtime verification, and continuous monitoring and reporting.</p></div></section></details><details class="Primer_Brand__Accordion-module__Accordion___M_LPt Primer_Brand__Accordion-module__Accordion--default___wLsHR"><summary class="Primer_Brand__Accordion-module__Accordion__summary___NUIYc Primer_Brand__Accordion-module__Accordion__summary--default___C4Jx_" data-analytics-event="{"action":"why_is_devsecops_important","tag":"button","location":"frequently_asked_questions","label":"why_is_devsecops_important_button_null_frequently_asked_questions"}"><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--collapsed___spc4w"></span><h4 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--mona-sans___SCnTx Primer_Brand__Heading-module__Heading--subhead-large____C6GZ">Why is DevSecOps important?</h4><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--expanded___r3Clk"></span></summary><section class="Primer_Brand__Accordion-module__Accordion__content___wMZGe"><div class="Primer_Brand__Stack-module__Stack___tASKe Primer_Brand__Stack-module__Stack--vertical___CFzE7 Primer_Brand__Stack-module__Stack--gap-condensed___Xe9jx Primer_Brand__Stack-module__Stack--padding-none___RCMh9"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB">DevSecOps builds on the benefits of DevOps by embedding security into every step of the SDLC. The DevSecOps framework supercharges productivity and drives business efficiency at scale by creating a culture of security defense. When every contributor shares responsibility for code security, software quality and customer experience improve.</p></div></section></details><details class="Primer_Brand__Accordion-module__Accordion___M_LPt Primer_Brand__Accordion-module__Accordion--default___wLsHR"><summary class="Primer_Brand__Accordion-module__Accordion__summary___NUIYc Primer_Brand__Accordion-module__Accordion__summary--default___C4Jx_" data-analytics-event="{"action":"what_is_the_role_of_security_teams_in_devsecops","tag":"button","location":"frequently_asked_questions","label":"what_is_the_role_of_security_teams_in_devsecops_button_null_frequently_asked_questions"}"><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--collapsed___spc4w"></span><h4 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--mona-sans___SCnTx Primer_Brand__Heading-module__Heading--subhead-large____C6GZ">What is the role of security teams in DevSecOps?</h4><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--expanded___r3Clk"></span></summary><section class="Primer_Brand__Accordion-module__Accordion__content___wMZGe"><div class="Primer_Brand__Stack-module__Stack___tASKe Primer_Brand__Stack-module__Stack--vertical___CFzE7 Primer_Brand__Stack-module__Stack--gap-condensed___Xe9jx Primer_Brand__Stack-module__Stack--padding-none___RCMh9"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB">In DevSecOps, security is integrated into every phase of software development and becomes systemic, versus phasal. The development team is, in fact, the security team. </p></div></section></details><details class="Primer_Brand__Accordion-module__Accordion___M_LPt Primer_Brand__Accordion-module__Accordion--default___wLsHR"><summary class="Primer_Brand__Accordion-module__Accordion__summary___NUIYc Primer_Brand__Accordion-module__Accordion__summary--default___C4Jx_" data-analytics-event="{"action":"how_does_devsecops_impact_the_software_development_lifecycle","tag":"button","location":"frequently_asked_questions","label":"how_does_devsecops_impact_the_software_development_lifecycle_button_null_frequently_asked_questions"}"><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--collapsed___spc4w"></span><h4 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--mona-sans___SCnTx Primer_Brand__Heading-module__Heading--subhead-large____C6GZ">How does DevSecOps impact the software development lifecycle?</h4><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--expanded___r3Clk"></span></summary><section class="Primer_Brand__Accordion-module__Accordion__content___wMZGe"><div class="Primer_Brand__Stack-module__Stack___tASKe Primer_Brand__Stack-module__Stack--vertical___CFzE7 Primer_Brand__Stack-module__Stack--gap-condensed___Xe9jx Primer_Brand__Stack-module__Stack--padding-none___RCMh9"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB">DevSecOps impacts the SDLC by integrating security into every stage of the process, from planning to deployment, and monitoring after deployment. DevSecOps empowers development teams to collaborate, automate, and continuously test and monitor the security of the software.</p></div></section></details><details class="Primer_Brand__Accordion-module__Accordion___M_LPt Primer_Brand__Accordion-module__Accordion--default___wLsHR"><summary class="Primer_Brand__Accordion-module__Accordion__summary___NUIYc Primer_Brand__Accordion-module__Accordion__summary--default___C4Jx_" data-analytics-event="{"action":"what_is_the_devsecops_model","tag":"button","location":"frequently_asked_questions","label":"what_is_the_devsecops_model_button_null_frequently_asked_questions"}"><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--collapsed___spc4w"></span><h4 class="Primer_Brand__Heading-module__Heading___IVpmp Primer_Brand__Heading-module__Heading-font--mona-sans___SCnTx Primer_Brand__Heading-module__Heading--subhead-large____C6GZ">What is the DevSecOps model?</h4><span aria-hidden="true" class="Primer_Brand__Accordion-module__Accordion__summary--expanded___r3Clk"></span></summary><section class="Primer_Brand__Accordion-module__Accordion__content___wMZGe"><div class="Primer_Brand__Stack-module__Stack___tASKe Primer_Brand__Stack-module__Stack--vertical___CFzE7 Primer_Brand__Stack-module__Stack--gap-condensed___Xe9jx Primer_Brand__Stack-module__Stack--padding-none___RCMh9"><p class="Primer_Brand__Text-module__Text___pecHN Primer_Brand__Text-module__Text-font--mona-sans___GpzSG Primer_Brand__Text-module__Text--default___DChoE Primer_Brand__Text-module__Text--300___TBQTB">The DevSecOps model prioritizes security and builds it into all aspects and phases of the development process. The goal of the DevSecOps model is to identify and address security issues and vulnerabilities early, and to embed security practices from concept to deployment, making security a systemic, integral priority throughout the SDLC.</p></div></section></details></section><script type="application/ld+json">{"@context":"https://schema.org","@type":"FAQPage","mainEntity":[{"@type":"Question","name":"What does DevSecOps stand for?","acceptedAnswer":{"@type":"Answer","text":"<p>DevSecOps is a combination of the words <b>development</b>, <b>security</b>, and <b>operations</b>, and is a framework for integrating security into every phase of the software development lifecycle (SDLC).</p>"}},{"@type":"Question","name":"What is the difference between DevOps and DevSecOps?","acceptedAnswer":{"@type":"Answer","text":"<p>DevOps is a set of practices to improve collaboration between development and operations teams to build software faster, efficiently, and reliably.</p><p>DevSecOps is the evolution of DevOps by integrating security into every step of the software development process. DevSecOps is the practice of building and deploying software that is more secure and compliant by making contributors responsible for code security at every stage of development.</p>"}},{"@type":"Question","name":"How do organizations implement DevSecOps?","acceptedAnswer":{"@type":"Answer","text":"<p>With careful planning, organizations can implement DevSecOps in seven stages by building a DevSecOps culture and pipeline:</p><ol><li><p><b>Plan:</b> Start at the earliest stages of planning to design security into every step, analyzing vulnerabilities, and designing strategies to combat security threats.</p></li><li><p><b>Code:</b> Create a culture of security defense with policies that help developers proactively anticipate, navigate, and resolve security and compliance issues.</p></li><li><p><b>Build:</b> Implement automated security checks throughout the SDLC to detect and fix potential vulnerabilities.</p></li><li><p><b>Test:</b> Develop an application security testing strategy and automated testing suite to identify and mitigate security issues along the way.</p></li><li><p><b>Release:</b> An additional layer of automated testing processes helps detect previously unidentified security weaknesses to find and resolve the undiscovered security needles in the code haystack.</p></li><li><p><b>Deploy:</b> At the production stage, developers ensure code has passed testing stage using automated tests and the supporting infrastructure.</p></li><li><p><b>Operate and monitor:</b> After deployment, continuous monitoring can surface unusual activity so it can be understood and addressed. </p></li></ol><p></p>"}},{"@type":"Question","name":"What is the DevSecOps process?","acceptedAnswer":{"@type":"Answer","text":"<p>A successful DevSecOps practice includes continuous collaboration, automation, and improvement processes to help teams embed security into every phase of development and build more secure, high-quality software at scale.</p>"}},{"@type":"Question","name":"What tools are helpful for DevSecOps?","acceptedAnswer":{"@type":"Answer","text":"<p>Tools that apply automated tests and security to the SDLC are essential to the DevSecOps toolchain and can include automated security tests on commits and mergers, code and vulnerability scanning, configuration management tools, and container orchestration, runtime verification, and continuous monitoring and reporting.</p>"}},{"@type":"Question","name":"Why is DevSecOps important?","acceptedAnswer":{"@type":"Answer","text":"<p>DevSecOps builds on the benefits of DevOps by embedding security into every step of the SDLC. The DevSecOps framework supercharges productivity and drives business efficiency at scale by creating a culture of security defense. When every contributor shares responsibility for code security, software quality and customer experience improve.</p>"}},{"@type":"Question","name":"What is the role of security teams in DevSecOps?","acceptedAnswer":{"@type":"Answer","text":"<p>In DevSecOps, security is integrated into every phase of software development and becomes systemic, versus phasal. The development team is, in fact, the security team. </p>"}},{"@type":"Question","name":"How does DevSecOps impact the software development lifecycle?","acceptedAnswer":{"@type":"Answer","text":"<p>DevSecOps impacts the SDLC by integrating security into every stage of the process, from planning to deployment, and monitoring after deployment. DevSecOps empowers development teams to collaborate, automate, and continuously test and monitor the security of the software.</p>"}},{"@type":"Question","name":"What is the DevSecOps model?","acceptedAnswer":{"@type":"Answer","text":"<p>The DevSecOps model prioritizes security and builds it into all aspects and phases of the development process. The goal of the DevSecOps model is to identify and address security issues and vulnerabilities early, and to embed security practices from concept to deployment, making security a systemic, integral priority throughout the SDLC.</p>"}}]}</script></div></section></div></div></div></div></div></article></div></section></div></div><script type="application/ld+json">{"@context":"https://schema.org","@type":"Article","headline":"What is DevSecOps?","publisher":{"@type":"Organization","name":"GitHub","logo":"https://github.githubassets.com/images/modules/open_graph/github-logo.png"},"author":{"@type":"Organization","name":"GitHub","url":"https://www.github.com"}}</script></div><script type="application/json" id="__PRIMER_DATA_:R0:__">{"resolvedServerColorMode":"day"}</script></div> </react-app> </main> </div> <footer role="contentinfo" class="footer pt-6 position-relative" data-analytics-visible="{"category":"Footer","action":"visible","label":"text: Marketing footer"}" > <h2 class="sr-only">Site-wide Links</h2> <div class="container-xl p-responsive"> <div class="d-flex flex-wrap py-5 mb-5"> <section class="col-12 col-lg-4 mb-5"> <a href="/" data-analytics-event="{"category":"Footer","action":"go to home","label":"text:home"}" class="color-fg-default d-inline-block" aria-label="Go to GitHub homepage"> <svg height="30" aria-hidden="true" viewBox="0 0 68 24" version="1.1" width="85" data-view-component="true" class="octicon octicon-logo-github footer-logo-mktg width-auto d-block"> <path d="M27.8 17.908h-.03c.013 0 .022.014.035.017l.01-.002-.016-.015Zm.005.017c-.14.001-.49.073-.861.073-1.17 0-1.575-.536-1.575-1.234v-4.652h2.385c.135 0 .24-.12.24-.283V9.302c0-.133-.12-.252-.24-.252H25.37V5.913c0-.119-.075-.193-.21-.193h-3.24c-.136 0-.21.074-.21.193V9.14s-1.636.401-1.741.416a.255.255 0 0 0-.195.253v2.021c0 .164.12.282.255.282h1.665v4.876c0 3.627 2.55 3.998 4.29 3.998.796 0 1.756-.252 1.906-.327.09-.03.135-.134.135-.238v-2.23a.264.264 0 0 0-.219-.265Zm35.549-3.272c0-2.69-1.095-3.047-2.25-2.928-.9.06-1.62.505-1.62.505v5.232s.735.506 1.83.536c1.545.044 2.04-.506 2.04-3.345ZM67 14.415c0 5.099-1.665 6.555-4.576 6.555-2.46 0-3.78-1.233-3.78-1.233s-.06.683-.135.773c-.045.089-.12.118-.21.118h-2.22c-.15 0-.286-.119-.286-.252l.03-16.514a.26.26 0 0 1 .255-.252h3.196a.26.26 0 0 1 .255.252v5.604s1.23-.788 3.03-.788l-.015-.03c1.8 0 4.456.67 4.456 5.767ZM53.918 9.05h-3.15c-.165 0-.255.119-.255.282v8.086s-.826.58-1.95.58c-1.126 0-1.456-.506-1.456-1.62v-7.06a.262.262 0 0 0-.255-.254h-3.21a.262.262 0 0 0-.256.253v7.596c0 3.27 1.846 4.087 4.381 4.087 2.085 0 3.78-1.145 3.78-1.145s.076.58.12.67c.03.074.136.133.24.133h2.011a.243.243 0 0 0 .255-.253l.03-11.103c0-.133-.12-.252-.285-.252Zm-35.556-.015h-3.195c-.135 0-.255.134-.255.297v10.91c0 .297.195.401.45.401h2.88c.3 0 .375-.134.375-.401V9.287a.262.262 0 0 0-.255-.252ZM16.787 4.01c-1.155 0-2.07.907-2.07 2.051 0 1.145.915 2.051 2.07 2.051a2.04 2.04 0 0 0 2.04-2.05 2.04 2.04 0 0 0-2.04-2.052Zm24.74-.372H38.36a.262.262 0 0 0-.255.253v6.08H33.14v-6.08a.262.262 0 0 0-.255-.253h-3.196a.262.262 0 0 0-.255.253v16.514c0 .133.135.252.255.252h3.196a.262.262 0 0 0 .255-.253v-7.06h4.966l-.03 7.06c0 .134.12.253.255.253h3.195a.262.262 0 0 0 .255-.253V3.892a.262.262 0 0 0-.255-.253Zm-28.31 7.313v8.532c0 .06-.015.163-.09.193 0 0-1.875 1.323-4.966 1.323C4.426 21 0 19.84 0 12.2S3.87 2.986 7.651 3c3.27 0 4.59.728 4.8.862.06.075.09.134.09.208l-.63 2.646c0 .134-.134.297-.3.253-.54-.164-1.35-.49-3.255-.49-2.205 0-4.575.623-4.575 5.543s2.25 5.5 3.87 5.5c1.38 0 1.875-.164 1.875-.164V13.94H7.321c-.165 0-.285-.12-.285-.253v-2.735c0-.134.12-.252.285-.252h5.61c.166 0 .286.118.286.252Z"></path> </svg> </a> <h3 class="h5 mt-4 mb-0" id="subscribe-to-newsletter">Subscribe to our developer newsletter</h3> <p class="f5 color-fg-muted mb-3">Get tips, technical guides, and best practices. Twice a month. Right in your inbox.</p> <a class="btn-mktg mb-4 btn-muted-mktg" data-analytics-event="{"category":"Subscribe","action":"click to Subscribe","label":"ref_cta:Subscribe;"}" href="https://resources.github.com/newsletter/"> Subscribe </a> </section> <nav class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-lg-0 pl-lg-4" aria-labelledby="footer-title-product"> <h3 class="h5 mb-3 text-mono color-fg-muted text-normal" id="footer-title-product"> Product </h3> <ul class="list-style-none color-fg-muted f5"> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"features","context":"product","tag":"link","label":"features_link_product_footer"}" href="/features">Features</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"enterprise","context":"product","tag":"link","label":"enterprise_link_product_footer"}" href="/enterprise">Enterprise</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"copilot","context":"product","tag":"link","label":"copilot_link_product_footer"}" href="/features/copilot">Copilot</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"security","context":"product","tag":"link","label":"security_link_product_footer"}" href="/security">Security</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"pricing","context":"product","tag":"link","label":"pricing_link_product_footer"}" href="/pricing">Pricing</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"team","context":"product","tag":"link","label":"team_link_product_footer"}" href="/team">Team</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"resources","context":"product","tag":"link","label":"resources_link_product_footer"}" href="https://resources.github.com">Resources</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"roadmap","context":"product","tag":"link","label":"roadmap_link_product_footer"}" href="https://github.com/github/roadmap">Roadmap</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"compare","context":"product","tag":"link","label":"compare_link_product_footer"}" href="https://resources.github.com/devops/tools/compare">Compare GitHub</a> </li> </ul> </nav> <nav class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-md-0 pl-md-4" aria-labelledby="footer-title-platform"> <h3 class="h5 mb-3 text-mono color-fg-muted text-normal" id="footer-title-platform"> Platform </h3> <ul class="list-style-none f5"> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"dev-api","context":"platform","tag":"link","label":"dev-api_link_platform_footer"}" href="https://docs.github.com/get-started/exploring-integrations/about-building-integrations">Developer API</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"partners","context":"platform","tag":"link","label":"partners_link_platform_footer"}" href="https://partner.github.com">Partners</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"edu","context":"platform","tag":"link","label":"edu_link_platform_footer"}" href="https://github.com/edu">Education</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"cli","context":"platform","tag":"link","label":"cli_link_platform_footer"}" href="https://cli.github.com">GitHub CLI</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"desktop","context":"platform","tag":"link","label":"desktop_link_platform_footer"}" href="https://desktop.github.com">GitHub Desktop</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"mobile","context":"platform","tag":"link","label":"mobile_link_platform_footer"}" href="https://github.com/mobile">GitHub Mobile</a> </li> </ul> </nav> <nav class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-md-0 pl-md-4" aria-labelledby="footer-title-support"> <h3 class="h5 mb-3 text-mono color-fg-muted text-normal" id="footer-title-support"> Support </h3> <ul class="list-style-none f5"> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"docs","context":"support","tag":"link","label":"docs_link_support_footer"}" href="https://docs.github.com">Docs</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"community","context":"support","tag":"link","label":"community_link_support_footer"}" href="https://github.community">Community Forum</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"services","context":"support","tag":"link","label":"services_link_support_footer"}" href="https://services.github.com">Professional Services</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"premium_support","context":"support","tag":"link","label":"premium_support_link_support_footer"}" href="/enterprise/premium-support">Premium Support</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"skills","context":"support","tag":"link","label":"skills_link_support_footer"}" href="https://skills.github.com">Skills</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"status","context":"support","tag":"link","label":"status_link_support_footer"}" href="https://www.githubstatus.com">Status</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"contact_github","context":"support","tag":"link","label":"contact_github_link_support_footer"}" href="https://support.github.com?tags=dotcom-footer">Contact GitHub</a> </li> </ul> </nav> <nav class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-md-0 pl-md-4" aria-labelledby="footer-title-company"> <h3 class="h5 mb-3 text-mono color-fg-muted text-normal" id="footer-title-company"> Company </h3> <ul class="list-style-none f5"> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"about","context":"company","tag":"link","label":"about_link_company_footer"}" href="https://github.com/about">About</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"customer_stories","context":"company","tag":"link","label":"customer_stories_link_company_footer"}" href="/customer-stories?type=enterprise">Customer stories</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"blog","context":"company","tag":"link","label":"blog_link_company_footer"}" href="https://github.blog">Blog</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"readme","context":"company","tag":"link","label":"readme_link_company_footer"}" href="/readme">The ReadME Project</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"careers","context":"company","tag":"link","label":"careers_link_company_footer"}" href="https://github.careers">Careers</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"newsroom","context":"company","tag":"link","label":"newsroom_link_company_footer"}" href="/newsroom">Newsroom</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"inclusion","context":"company","tag":"link","label":"inclusion_link_company_footer"}" href="/about/diversity">Inclusion</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"social_impact","context":"company","tag":"link","label":"social_impact_link_company_footer"}" href="https://socialimpact.github.com">Social Impact</a> </li> <li class="lh-condensed mb-3"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"shop","context":"company","tag":"link","label":"shop_link_company_footer"}" href="https://shop.github.com">Shop</a> </li> </ul> </nav> </div> </div> <div class="color-bg-subtle"> <div class="container-xl p-responsive f6 py-4 d-md-flex flex-justify-between flex-items-center"> <nav aria-label="Legal and Resource Links"> <ul class="list-style-none d-flex flex-wrap color-fg-muted"> <li class="mx-2"> © <time datetime="2024">2024</time> GitHub, Inc. </li> <li class="mx-2"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"terms","context":"subfooter","tag":"link","label":"terms_link_subfooter_footer"}" href="https://docs.github.com/site-policy/github-terms/github-terms-of-service">Terms</a> </li> <li class="mx-2"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"privacy","context":"subfooter","tag":"link","label":"privacy_link_subfooter_footer"}" href="https://docs.github.com/site-policy/privacy-policies/github-privacy-statement">Privacy</a> (<a href="https://github.com/github/site-policy/pull/582" class="Link--secondary">Updated <time datetime="2022-08">02/2024</time></a>) </li> <li class="mx-2"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"sitemap","context":"subfooter","tag":"link","label":"sitemap_link_subfooter_footer"}" href="/sitemap">Sitemap</a> </li> <li class="mx-2"> <a class="Link--secondary" data-analytics-event="{"location":"footer","action":"what_is_git","context":"subfooter","tag":"link","label":"what_is_git_link_subfooter_footer"}" href="/git-guides">What is Git?</a> </li> <li class="mx-2" > <cookie-consent-link> <button type="button" class="Link--secondary underline-on-hover border-0 p-0 color-bg-transparent" data-action="click:cookie-consent-link#showConsentManagement" data-analytics-event="{"location":"footer","action":"cookies","context":"subfooter","tag":"link","label":"cookies_link_subfooter_footer"}" > Manage cookies </button> </cookie-consent-link> </li> <li class="mx-2"> <cookie-consent-link> <button type="button" class="Link--secondary underline-on-hover border-0 p-0 color-bg-transparent" data-action="click:cookie-consent-link#showConsentManagement" data-analytics-event="{"location":"footer","action":"dont_share_info","context":"subfooter","tag":"link","label":"dont_share_info_link_subfooter_footer"}" > Do not share my personal information </button> </cookie-consent-link> </li> </ul> </nav> <nav aria-label="GitHub's Social Media Links" class="mt-3 mt-md-0"> <ul class="list-style-none d-flex flex-items-center lh-condensed-ultra"> <li class="ml-md-3"> <a href="https://x.com/github" class="footer-social-icon d-block Link--outlineOffset" data-analytics-event="{"category":"Footer","action":"go to X","label":"text:text:x"}"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 1227" fill="currentColor" aria-hidden="true" class="d-block" width="16" height="16"><path d="M714.163 519.284 1160.89 0h-105.86L667.137 450.887 357.328 0H0l468.492 681.821L0 1226.37h105.866l409.625-476.152 327.181 476.152H1200L714.137 519.284h.026ZM569.165 687.828l-47.468-67.894-377.686-540.24h162.604l304.797 435.991 47.468 67.894 396.2 566.721H892.476L569.165 687.854v-.026Z"></path></svg> <span class="sr-only">GitHub on X</span> </a> </li> <li class="ml-3"> <a href="https://www.facebook.com/GitHub" class="footer-social-icon d-block Link--outlineOffset" data-analytics-event="{"category":"Footer","action":"go to Facebook","label":"text:text:facebook"}"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 15.3 15.4" aria-hidden="true" class="d-block" width="18" height="18"><path d="M14.5 0H.8a.88.88 0 0 0-.8.9v13.6a.88.88 0 0 0 .8.9h7.3v-6h-2V7.1h2V5.4a2.87 2.87 0 0 1 2.5-3.1h.5a10.87 10.87 0 0 1 1.8.1v2.1h-1.3c-1 0-1.1.5-1.1 1.1v1.5h2.3l-.3 2.3h-2v5.9h3.9a.88.88 0 0 0 .9-.8V.8a.86.86 0 0 0-.8-.8z" fill="currentColor"></path></svg> <span class="sr-only">GitHub on Facebook</span> </a> </li> <li class="ml-3"> <a href="https://www.linkedin.com/company/github" class="footer-social-icon d-block Link--outlineOffset" data-analytics-event="{"category":"Footer","action":"go to Linkedin","label":"text:text:linkedin"}"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19 18" aria-hidden="true" class="d-block" width="19" height="18"><path d="M3.94 2A2 2 0 1 1 2 0a2 2 0 0 1 1.94 2zM4 5.48H0V18h4zm6.32 0H6.34V18h3.94v-6.57c0-3.66 4.77-4 4.77 0V18H19v-7.93c0-6.17-7.06-5.94-8.72-2.91z" fill="currentColor"></path></svg> <span class="sr-only">GitHub on LinkedIn</span> </a> </li> <li class="ml-3"> <a href="https://www.youtube.com/github" class="footer-social-icon d-block Link--outlineOffset" data-analytics-event="{"category":"Footer","action":"go to YouTube","label":"text:text:youtube"}"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.17 13.6" aria-hidden="true" class="d-block" width="23" height="16"><path d="M18.77 2.13A2.4 2.4 0 0 0 17.09.42C15.59 0 9.58 0 9.58 0a57.55 57.55 0 0 0-7.5.4A2.49 2.49 0 0 0 .39 2.13 26.27 26.27 0 0 0 0 6.8a26.15 26.15 0 0 0 .39 4.67 2.43 2.43 0 0 0 1.69 1.71c1.52.42 7.5.42 7.5.42a57.69 57.69 0 0 0 7.51-.4 2.4 2.4 0 0 0 1.68-1.71 25.63 25.63 0 0 0 .4-4.67 24 24 0 0 0-.4-4.69zM7.67 9.71V3.89l5 2.91z" fill="currentColor"></path></svg> <span class="sr-only">GitHub on YouTube</span> </a> </li> <li class="ml-3"> <a href="https://www.twitch.tv/github" class="footer-social-icon d-block Link--outlineOffset" data-analytics-event="{"category":"Footer","action":"go to Twitch","label":"text:text:twitch"}"> <svg xmlns="http://www.w3.org/2000/svg" role="img" viewBox="0 0 24 24" aria-hidden="true" class="d-block" width="18" height="18"><title>Twitch</title><path d="M11.571 4.714h1.715v5.143H11.57zm4.715 0H18v5.143h-1.714zM6 0L1.714 4.286v15.428h5.143V24l4.286-4.286h3.428L22.286 12V0zm14.571 11.143l-3.428 3.428h-3.429l-3 3v-3H6.857V1.714h13.714Z" fill="currentColor"></path></svg> <span class="sr-only">GitHub on Twitch</span> </a> </li> <li class="ml-3"> <a href="https://www.tiktok.com/@github" class="footer-social-icon d-block Link--outlineOffset" data-analytics-event="{"category":"Footer","action":"go to tiktok","label":"text:text:tiktok"}"> <svg xmlns="http://www.w3.org/2000/svg" role="img" viewBox="0 0 24 24" aria-hidden="true" class="d-block" width="18" height="18"><title>TikTok</title><path d="M12.525.02c1.31-.02 2.61-.01 3.91-.02.08 1.53.63 3.09 1.75 4.17 1.12 1.11 2.7 1.62 4.24 1.79v4.03c-1.44-.05-2.89-.35-4.2-.97-.57-.26-1.1-.59-1.62-.93-.01 2.92.01 5.84-.02 8.75-.08 1.4-.54 2.79-1.35 3.94-1.31 1.92-3.58 3.17-5.91 3.21-1.43.08-2.86-.31-4.08-1.03-2.02-1.19-3.44-3.37-3.65-5.71-.02-.5-.03-1-.01-1.49.18-1.9 1.12-3.72 2.58-4.96 1.66-1.44 3.98-2.13 6.15-1.72.02 1.48-.04 2.96-.04 4.44-.99-.32-2.15-.23-3.02.37-.63.41-1.11 1.04-1.36 1.75-.21.51-.15 1.07-.14 1.61.24 1.64 1.82 3.02 3.5 2.87 1.12-.01 2.19-.66 2.77-1.61.19-.33.4-.67.41-1.06.1-1.79.06-3.57.07-5.36.01-4.03-.01-8.05.02-12.07z" fill="currentColor"></path></svg> <span class="sr-only">GitHub on TikTok</span> </a> </li> <li class="ml-3"> <a href="https://github.com/github" class="footer-social-icon d-block Link--outlineOffset" data-analytics-event="{"category":"Footer","action":"go to github's org","label":"text:text:github"}"> <svg xmlns="http://www.w3.org/2000/svg" height="20" viewBox="0 0 16 16" width="20" aria-hidden="true" class="d-block"><path fill="currentColor" d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.013 8.013 0 0016 8c0-4.42-3.58-8-8-8z"></path></svg> <span class="sr-only">GitHub’s organization on GitHub</span> </a> </li> </ul> </nav> </div> </div> </footer> <microsoft-analytics> </microsoft-analytics> <fullstory-capture data-fs-script-domain="https://github.githubassets.com"> </fullstory-capture> <ghcc-consent id="ghcc" class="position-fixed bottom-0 left-0" style="z-index: 999999" data-initial-cookie-consent-allowed="true" data-cookie-consent-required="false"></ghcc-consent> <div id="ajax-error-message" class="ajax-error-message flash flash-error" hidden> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-alert"> <path d="M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z"></path> </svg> <button type="button" class="flash-close js-ajax-error-dismiss" aria-label="Dismiss error"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-x"> <path d="M3.72 3.72a.75.75 0 0 1 1.06 0L8 6.94l3.22-3.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L9.06 8l3.22 3.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L8 9.06l-3.22 3.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L6.94 8 3.72 4.78a.75.75 0 0 1 0-1.06Z"></path> </svg> </button> You can’t perform that action at this time. </div> <template id="site-details-dialog"> <details class="details-reset details-overlay details-overlay-dark lh-default color-fg-default hx_rsm" open> <summary role="button" aria-label="Close dialog"></summary> <details-dialog class="Box Box--overlay d-flex flex-column anim-fade-in fast hx_rsm-dialog hx_rsm-modal"> <button class="Box-btn-octicon m-0 btn-octicon position-absolute right-0 top-0" type="button" aria-label="Close dialog" data-close-dialog> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-x"> <path d="M3.72 3.72a.75.75 0 0 1 1.06 0L8 6.94l3.22-3.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L9.06 8l3.22 3.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L8 9.06l-3.22 3.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L6.94 8 3.72 4.78a.75.75 0 0 1 0-1.06Z"></path> </svg> </button> <div class="octocat-spinner my-6 js-details-dialog-spinner"></div> </details-dialog> </details> </template> <div class="Popover js-hovercard-content position-absolute" style="display: none; outline: none;"> <div class="Popover-message Popover-message--bottom-left Popover-message--large Box color-shadow-large" style="width:360px;"> </div> </div> <template id="snippet-clipboard-copy-button"> <div class="zeroclipboard-container position-absolute right-0 top-0"> <clipboard-copy aria-label="Copy" class="ClipboardButton btn js-clipboard-copy m-2 p-0" data-copy-feedback="Copied!" data-tooltip-direction="w"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-copy js-clipboard-copy-icon m-2"> <path d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 0 1 0 1.5h-1.5a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 0 0 .25-.25v-1.5a.75.75 0 0 1 1.5 0v1.5A1.75 1.75 0 0 1 9.25 16h-7.5A1.75 1.75 0 0 1 0 14.25Z"></path><path d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0 1 14.25 11h-7.5A1.75 1.75 0 0 1 5 9.25Zm1.75-.25a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 0 0 .25-.25v-7.5a.25.25 0 0 0-.25-.25Z"></path> </svg> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-check js-clipboard-check-icon color-fg-success d-none m-2"> <path d="M13.78 4.22a.75.75 0 0 1 0 1.06l-7.25 7.25a.75.75 0 0 1-1.06 0L2.22 9.28a.751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018L6 10.94l6.72-6.72a.75.75 0 0 1 1.06 0Z"></path> </svg> </clipboard-copy> </div> </template> <template id="snippet-clipboard-copy-button-unpositioned"> <div class="zeroclipboard-container"> <clipboard-copy aria-label="Copy" class="ClipboardButton btn btn-invisible js-clipboard-copy m-2 p-0 d-flex flex-justify-center flex-items-center" data-copy-feedback="Copied!" data-tooltip-direction="w"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-copy js-clipboard-copy-icon"> <path d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 0 1 0 1.5h-1.5a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 0 0 .25-.25v-1.5a.75.75 0 0 1 1.5 0v1.5A1.75 1.75 0 0 1 9.25 16h-7.5A1.75 1.75 0 0 1 0 14.25Z"></path><path d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0 1 14.25 11h-7.5A1.75 1.75 0 0 1 5 9.25Zm1.75-.25a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 0 0 .25-.25v-7.5a.25.25 0 0 0-.25-.25Z"></path> </svg> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-check js-clipboard-check-icon color-fg-success d-none"> <path d="M13.78 4.22a.75.75 0 0 1 0 1.06l-7.25 7.25a.75.75 0 0 1-1.06 0L2.22 9.28a.751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018L6 10.94l6.72-6.72a.75.75 0 0 1 1.06 0Z"></path> </svg> </clipboard-copy> </div> </template> </div> <div id="js-global-screen-reader-notice" class="sr-only mt-n1" aria-live="polite" aria-atomic="true" ></div> <div id="js-global-screen-reader-notice-assertive" class="sr-only mt-n1" aria-live="assertive" aria-atomic="true"></div> </body> </html>