CINXE.COM

<!doctype html> <html lang="en-US" class="mt-0"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <link rel="icon" type="image/x-icon" href="https://github.githubassets.com/favicon.ico"> <meta name='robots' content='index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1' />  <title>security-and-compliance - GitHub Changelog</title> <link rel="canonical" href="https://github.blog/changelog/label/security-and-compliance/" /> <link rel="next" href="https://github.blog/changelog/label/security-and-compliance/page/2/" /> <meta property="og:locale" content="en_US" /> <meta property="og:type" content="article" /> <meta property="og:title" content="security-and-compliance · GitHub Changelog" /> <meta property="og:url" content="https://github.blog/changelog/label/security-and-compliance/" /> <meta property="og:site_name" content="The GitHub Blog" /> <meta name="twitter:card" content="summary_large_image" /> <script type="application/ld+json" class="yoast-schema-graph">{"@context":"https://schema.org","@graph":[{"@type":"CollectionPage","@id":"https://github.blog/changelog/label/security-and-compliance/","url":"https://github.blog/changelog/label/security-and-compliance/","name":"security-and-compliance Archives - The GitHub Blog","isPartOf":{"@id":"https://github.blog/#website"},"breadcrumb":{"@id":"https://github.blog/changelog/label/security-and-compliance/#breadcrumb"},"inLanguage":"en-US"},{"@type":"BreadcrumbList","@id":"https://github.blog/changelog/label/security-and-compliance/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://github.blog/"},{"@type":"ListItem","position":2,"name":"security-and-compliance"}]},{"@type":"WebSite","@id":"https://github.blog/#website","url":"https://github.blog/","name":"The GitHub Blog","description":"Updates, ideas, and inspiration from GitHub to help developers build and design software.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https://github.blog/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}</script>  <link rel='dns-prefetch' href='//ghcc.githubassets.com' /> <link rel='dns-prefetch' href='//js.monitor.azure.com' /> <link rel='dns-prefetch' href='//analytics.githubassets.com' /> <link rel='dns-prefetch' href='//stats.wp.com' /> <link rel='dns-prefetch' href='//v0.wordpress.com' /> <link rel="alternate" type="application/rss+xml" title="The GitHub Blog » Feed" href="https://github.blog/feed/" /> <link rel="alternate" type="application/rss+xml" title="The GitHub Blog » Comments Feed" href="https://github.blog/comments/feed/" /> <link rel="alternate" type="application/rss+xml" title="The GitHub Blog » security-and-compliance Label Feed" href="https://github.blog/changelog/label/security-and-compliance/feed/" /> <script> window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/github.blog\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.6.2"}}; /*! This file is auto-generated */ !function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!n(e,"\ud83d\udc26\u200d\u2b1b","\ud83d\udc26\u200b\u2b1b")}return!1}function f(e,t,n){var r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)})}catch(e){}c(n=f(s,u,p))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings); </script> <style id='wp-emoji-styles-inline-css'> img.wp-smiley, img.emoji { display: inline !important; border: none !important; box-shadow: none !important; height: 1em !important; width: 1em !important; margin: 0 0.07em !important; vertical-align: -0.1em !important; background: none !important; padding: 0 !important; } </style> <link rel='stylesheet' id='all-css-2' href='https://github.blog/wp-includes/css/dist/block-library/style.min.css?m=1732206008g' type='text/css' media='all' /> <style id='co-authors-plus-coauthors-style-inline-css'> .wp-block-co-authors-plus-coauthors.is-layout-flow [class*=wp-block-co-authors-plus]{display:inline} </style> <style id='co-authors-plus-avatar-style-inline-css'> .wp-block-co-authors-plus-avatar :where(img){height:auto;max-width:100%;vertical-align:bottom}.wp-block-co-authors-plus-coauthors.is-layout-flow .wp-block-co-authors-plus-avatar :where(img){vertical-align:middle}.wp-block-co-authors-plus-avatar:is(.alignleft,.alignright){display:table}.wp-block-co-authors-plus-avatar.aligncenter{display:table;margin-inline:auto} </style> <style id='co-authors-plus-image-style-inline-css'> .wp-block-co-authors-plus-image{margin-bottom:0}.wp-block-co-authors-plus-image :where(img){height:auto;max-width:100%;vertical-align:bottom}.wp-block-co-authors-plus-coauthors.is-layout-flow .wp-block-co-authors-plus-image :where(img){vertical-align:middle}.wp-block-co-authors-plus-image:is(.alignfull,.alignwide) :where(img){width:100%}.wp-block-co-authors-plus-image:is(.alignleft,.alignright){display:table}.wp-block-co-authors-plus-image.aligncenter{display:table;margin-inline:auto} </style> <style id='safe-svg-svg-icon-style-inline-css'> .safe-svg-cover{text-align:center}.safe-svg-cover .safe-svg-inside{display:inline-block;max-width:100%}.safe-svg-cover svg{height:100%;max-height:100%;max-width:100%;width:100%} </style> <style id='jetpack-sharing-buttons-style-inline-css'> .jetpack-sharing-buttons__services-list{display:flex;flex-direction:row;flex-wrap:wrap;gap:0;list-style-type:none;margin:5px;padding:0}.jetpack-sharing-buttons__services-list.has-small-icon-size{font-size:12px}.jetpack-sharing-buttons__services-list.has-normal-icon-size{font-size:16px}.jetpack-sharing-buttons__services-list.has-large-icon-size{font-size:24px}.jetpack-sharing-buttons__services-list.has-huge-icon-size{font-size:36px}@media print{.jetpack-sharing-buttons__services-list{display:none!important}}.editor-styles-wrapper .wp-block-jetpack-sharing-buttons{gap:0;padding-inline-start:0}ul.jetpack-sharing-buttons__services-list.has-background{padding:1.25em 2.375em} </style> <style id='classic-theme-styles-inline-css'> /*! This file is auto-generated */ .wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none} </style> <style id='global-styles-inline-css'> :root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}:where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;} :where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;} :where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;} :root :where(.wp-block-pullquote){font-size: 1.5em;line-height: 1.6;} </style> <link rel='stylesheet' id='all-css-20' href='https://github.blog/_static/??/wp-content/plugins/wp-menu-image/assets/css/wmi-front-style.css,/wp-content/themes/github-2021/dist/css/site-script.css?m=1732205351' type='text/css' media='all' /> <link rel="https://api.w.org/" href="https://github.blog/wp-json/" /><link rel="alternate" title="JSON" type="application/json" href="https://github.blog/wp-json/wp/v2/label/1746" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://github.blog/xmlrpc.php?rsd" /> <meta name="generator" content="WordPress 6.6.2" /> <style>img#wpstats{display:none}</style> <meta name="ha-url" content="https://collector.githubapp.com/github-blog/collect"><link rel="preload" href="https://github.blog/wp-content/themes/github-2021/dist/fonts/alliance/Alliance-No-1-ExtraBold.woff2" as="font" type="font/woff2" crossorigin="anonymous"><link rel="preload" href="https://github.blog/wp-content/themes/github-2021/dist/fonts/alliance/Alliance-No-1-Bold.woff2" as="font" type="font/woff2" crossorigin="anonymous"><link rel="preload" href="https://github.blog/wp-content/themes/github-2021/dist/fonts/alliance/Alliance-No-1-SemiBold.woff2" as="font" type="font/woff2" crossorigin="anonymous"><link rel="preload" href="https://github.blog/wp-content/themes/github-2021/dist/fonts/alliance/Alliance-No-1-Regular.woff2" as="font" type="font/woff2" crossorigin="anonymous"><link rel="icon" href="https://github.blog/wp-content/uploads/2019/01/cropped-github-favicon-512.png?fit=32%2C32" sizes="32x32" /> <link rel="icon" href="https://github.blog/wp-content/uploads/2019/01/cropped-github-favicon-512.png?fit=192%2C192" sizes="192x192" /> <link rel="apple-touch-icon" href="https://github.blog/wp-content/uploads/2019/01/cropped-github-favicon-512.png?fit=180%2C180" /> <meta name="msapplication-TileImage" content="https://github.blog/wp-content/uploads/2019/01/cropped-github-favicon-512.png?fit=270%2C270" /> <style id="wp-custom-css"> .post__content { word-break: break-word; } </style> </head> <body class="archive tax-changelog-label term-security-and-compliance term-1746 font-mktg hfeed no-sidebar"> <div data-color-mode="dark" data-light-theme="light" data-dark-theme="dark_dimmed" class="pt-header pt-lg-0"> <header id="header" class="header position-fixed position-lg-static pb-lg-header z-4 top-0 left-0 right-0 d-flex flex-column flex-items-stretch color-bg-default"> <a href="#start-of-content" class="p-3 color-bg-accent-emphasis color-fg-on-emphasis show-on-focus"> Skip to content </a> <div class="position-relative container-xl width-full mx-auto p-responsive-blog"> <div class="d-flex flex-items-center flex-justify-between pt-3 pb-3 color-fg-default"> <a href="https://github.com" target="_blank" rel="noreferrer" aria-label="GitHub homepage" class="Header-link position-relative d-flex flex-items-center color-fg-default"> <svg aria-hidden="true" role="presentation" class="nav-back-arrow position-absolute d-block" viewBox="0 0 24 24" width="32" height="32" fill="currentColor"><path fill-rule="evenodd" d="M15.28 5.22a.75.75 0 00-1.06 0l-6.25 6.25a.75.75 0 000 1.06l6.25 6.25a.75.75 0 101.06-1.06L9.56 12l5.72-5.72a.75.75 0 000-1.06z"></path></svg> <svg aria-hidden="true" role="img" class="octicon octicon-mark-github d-block" viewBox="0 0 16 16" width="32" height="32" fill="currentColor"><path fill-rule="evenodd" d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.013 8.013 0 0016 8c0-4.42-3.58-8-8-8z"></path></svg> </a> <span class="d-inline-block ml-2 f1-mktg f2-md-mktg" style="opacity: 0.3;">/</span> <a class="d-inline-block Header-link font-weight-semibold ml-2 f2 color-fg-default" href="https://github.blog/"> Blog</a> <nav class="d-none d-lg-block" aria-label="Secondary navigation"> <ul id="secondary-navigation" class="secondary-navigation flex-items-center flex-nowrap list-style-none ml-4" aria-hidden="false"><li id="menu-item-78809"><a href="https://github.blog/changelog/" class="position-relative d-flex flex-items-center flex-start no-wrap py-2 px-4 f4 lh-condensed-ultra Link--secondary color-fg-default text-medium">Changelog</a></li> <li id="menu-item-78810"><a href="https://docs.github.com/" class="position-relative d-flex flex-items-center flex-start no-wrap py-2 px-4 f4 lh-condensed-ultra Link--secondary color-fg-default text-medium">Docs<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-down position-absolute right-0 d-block ml-1 mt-1" role="presentation"><path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path></svg></a></li> <li id="menu-item-78811"><a href="https://github.com/customer-stories" class="position-relative d-flex flex-items-center flex-start no-wrap py-2 px-4 f4 lh-condensed-ultra Link--secondary color-fg-default text-medium">Customer stories<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-down position-absolute right-0 d-block ml-1 mt-1" role="presentation"><path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path></svg></a></li> </ul></nav> <div class="d-none d-lg-flex flex-1"> <form id="desktop-search" class="desktop-search position-relative ml-lg-4 flex-1" action="https://github.blog" method="get" aria-hidden="true" aria-label="Search form" role="search"> <div class="position-relative d-flex flex-1 height-full color-bg-transparent" data-color-mode="light" data-light-theme="light" data-dark-theme="dark" > <input aria-label="Search the blog" type="search" class="p-2 pl-3 pr-6 border-0 rounded-2 flex-1" placeholder="Search the blog…" value="" name="s" id="search-input"> <button type="submit" class="position-absolute right-0 z-3 d-flex flex-items-center flex-justify-center flex-self-center mr-2 p-2 border-0 rounded-2 color-bg-transparent color-fg-subtle" aria-label="Search"> <svg viewBox="0 0 16 16" width="20" height="20" class="octicon octicon-search" role="presentation"><path fill-rule="evenodd" d="M11.5 7a4.499 4.499 0 11-8.998 0A4.499 4.499 0 0111.5 7zm-.82 4.74a6 6 0 111.06-1.06l3.04 3.04a.75.75 0 11-1.06 1.06l-3.04-3.04z"></path></svg> </button> </div> </form> <button aria-label="Toggle search" class="flex-self-center ml-auto p-2 border-0 color-bg-transparent color-fg-default rounded-3 js-toggle" aria-controls="desktop-search" aria-expanded="false" > <svg viewBox="0 0 24 24" width="24" height="24" class="octicon octicon-search" role="presentation"><path d="M10.25 2a8.25 8.25 0 0 1 6.34 13.53l5.69 5.69a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215l-5.69-5.69A8.25 8.25 0 1 1 10.25 2ZM3.5 10.25a6.75 6.75 0 1 0 13.5 0 6.75 6.75 0 0 0-13.5 0Z"></path></svg> <svg viewBox="2 2 20 20" width="24" height="24" class="octicon octicon-x" role="presentation"><path d="M5.72 5.72a.75.75 0 0 1 1.06 0L12 10.94l5.22-5.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L13.06 12l5.22 5.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L12 13.06l-5.22 5.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L10.94 12 5.72 6.78a.75.75 0 0 1 0-1.06Z"></path></svg> </button> <a data-analytics-click="Blog, click on button, text: Try GitHub Copilot; ref_location:top nav;" class="no-wrap btn-mktg font-weight-semibold ml-3 js-header-cta header-cta" href="https://docs.github.com/en/copilot/quickstart?utm_source=github&utm_medium=blog&utm_campaign=topnav" target="_blank">Try GitHub Copilot</a> <a data-analytics-click="Blog, click on button, text: Contact sales; ref_location:top nav;" class="no-wrap btn-mktg btn-muted-mktg font-weight-semibold ml-3 js-header-cta header-cta" href="https://github.com/enterprise/contact?ref_cta=contact%2520sales&ref_loc=banner&ref_page=blog" target="_blank">Contact sales</a> </div> <div class="d-flex d-lg-none flex-items-center flex-1 mr-n2"> <button aria-label="Toggle search" class="ml-auto p-2 border-0 color-bg-transparent color-fg-default rounded-3 js-toggle" aria-controls="mobile-search" aria-expanded="false" > <svg viewBox="0 0 24 24" width="24" height="24" class="octicon octicon-search" role="presentation"><path d="M10.25 2a8.25 8.25 0 0 1 6.34 13.53l5.69 5.69a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215l-5.69-5.69A8.25 8.25 0 1 1 10.25 2ZM3.5 10.25a6.75 6.75 0 1 0 13.5 0 6.75 6.75 0 0 0-13.5 0Z"></path></svg> <svg viewBox="2 2 20 20" width="24" height="24" class="octicon octicon-x" role="presentation"><path d="M5.72 5.72a.75.75 0 0 1 1.06 0L12 10.94l5.22-5.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L13.06 12l5.22 5.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L12 13.06l-5.22 5.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L10.94 12 5.72 6.78a.75.75 0 0 1 0-1.06Z"></path></svg> </button> <button aria-label="Toggle menu" class="ml-2 p-2 border-0 color-bg-transparent color-fg-default rounded-3 js-toggle" aria-controls="mobile-menu" aria-expanded="false" data-trap-focus="#header"> <svg viewBox="0 0 16 16" width="24" height="24" class="octicon octicon-three-bars" role="presentation"><path d="M1 2.75A.75.75 0 0 1 1.75 2h12.5a.75.75 0 0 1 0 1.5H1.75A.75.75 0 0 1 1 2.75Zm0 5A.75.75 0 0 1 1.75 7h12.5a.75.75 0 0 1 0 1.5H1.75A.75.75 0 0 1 1 7.75ZM1.75 12h12.5a.75.75 0 0 1 0 1.5H1.75a.75.75 0 0 1 0-1.5Z"></path></svg> <svg viewBox="2 2 20 20" width="24" height="24" class="octicon octicon-x " role="presentation"><path d="M5.72 5.72a.75.75 0 0 1 1.06 0L12 10.94l5.22-5.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L13.06 12l5.22 5.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L12 13.06l-5.22 5.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L10.94 12 5.72 6.78a.75.75 0 0 1 0-1.06Z"></path></svg> </button> </div> </div> </div> <div class="position-relative pb-lg-navigation" data-sticky-navigation=".sticky-navigation"> <nav aria-label="Primary navigation" class="sticky-navigation position-absolute z-4 top-0 left-0 d-none d-lg-block width-full color-border-subtle color-bg-default"> <div class="position-relative container-xl width-full mx-auto p-responsive-blog"> <ul id="primary-navigation" class="primary-navigation position-relative d-flex flex-row flex-nowrap flex-grow-0 flex-justify-between list-style-none"><li id="menu-item-78814"><a href="https://github.blog/ai-and-ml/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78814-dropdown" aria-expanded="false" aria-haspopup="true" role="button">AI & ML<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="AI & ML sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78814-dropdown" tabindex="-1"> <li id="menu-item-78863" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/ai-and-ml/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">AI & ML<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Learn about artificial intelligence and machine learning across the GitHub ecosystem and the wider industry.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="AI & ML sub-menu"> <li id="menu-item-78815" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/ai-and-ml/generative-ai/" class="d-block f4 color-fg-default text-bold">Generative AI</a><p class="mb-0 f5 color-fg-muted">Learn how to build with generative AI.</p></li> <li id="menu-item-78816" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/ai-and-ml/github-copilot/" class="d-block f4 color-fg-default text-bold">GitHub Copilot</a><p class="mb-0 f5 color-fg-muted">Change how you work with GitHub Copilot.</p></li> <li id="menu-item-78817" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/ai-and-ml/llms/" class="d-block f4 color-fg-default text-bold">LLMs</a><p class="mb-0 f5 color-fg-muted">Everything developers need to know about LLMs.</p></li> <li id="menu-item-78818" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/ai-and-ml/machine-learning/" class="d-block f4 color-fg-default text-bold">Machine learning</a><p class="mb-0 f5 color-fg-muted">Machine learning tips, tricks, and best practices.</p></li> </ul> </li> <li id="menu-item-78864" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/06/AI-DarkMode-4.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" fetchpriority="high" srcset="https://github.blog/wp-content/uploads/2024/06/AI-DarkMode-4.png?w=300 300w, https://github.blog/wp-content/uploads/2024/06/AI-DarkMode-4.png?w=800 800w, https://github.blog/wp-content/uploads/2024/06/AI-DarkMode-4.png?w=400 400w, https://github.blog/wp-content/uploads/2024/06/AI-DarkMode-4.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/06/AI-DarkMode-4.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://github.blog/ai-and-ml/generative-ai/how-ai-code-generation-works/" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">How AI code generation works</a><p class="mb-3 f5 color-fg-muted">Explore the capabilities and benefits of AI code generation and how it can improve your developer experience.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> <li id="menu-item-78819"><a href="https://github.blog/developer-skills/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78819-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Developer skills<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="Developer skills sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78819-dropdown" tabindex="-1"> <li id="menu-item-78865" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/developer-skills/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">Developer skills<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Resources for developers to grow in their skills and careers.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="Developer skills sub-menu"> <li id="menu-item-78820" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/developer-skills/application-development/" class="d-block f4 color-fg-default text-bold">Application development</a><p class="mb-0 f5 color-fg-muted">Insights and best practices for building apps.</p></li> <li id="menu-item-78821" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/developer-skills/career-growth/" class="d-block f4 color-fg-default text-bold">Career growth</a><p class="mb-0 f5 color-fg-muted">Tips & tricks to grow as a professional developer.</p></li> <li id="menu-item-78822" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/developer-skills/github/" class="d-block f4 color-fg-default text-bold">GitHub</a><p class="mb-0 f5 color-fg-muted">Improve how you use GitHub at work.</p></li> <li id="menu-item-78823" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/developer-skills/github-education/" class="d-block f4 color-fg-default text-bold">GitHub Education</a><p class="mb-0 f5 color-fg-muted">Learn how to move into your first professional role.</p></li> <li id="menu-item-78824" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/developer-skills/programming-languages-and-frameworks/" class="d-block f4 color-fg-default text-bold">Programming languages & frameworks</a><p class="mb-0 f5 color-fg-muted">Stay current on what’s new (or new again).</p></li> </ul> </li> <li id="menu-item-78866" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/05/Enterprise-DarkMode-3.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" srcset="https://github.blog/wp-content/uploads/2024/05/Enterprise-DarkMode-3.png?w=300 300w, https://github.blog/wp-content/uploads/2024/05/Enterprise-DarkMode-3.png?w=800 800w, https://github.blog/wp-content/uploads/2024/05/Enterprise-DarkMode-3.png?w=400 400w, https://github.blog/wp-content/uploads/2024/05/Enterprise-DarkMode-3.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/05/Enterprise-DarkMode-3.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://docs.github.com/en/get-started" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">Get started with GitHub documentation</a><p class="mb-3 f5 color-fg-muted">Learn how to start building, shipping, and maintaining software with GitHub.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> <li id="menu-item-78825"><a href="https://github.blog/engineering/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78825-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Engineering<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="Engineering sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78825-dropdown" tabindex="-1"> <li id="menu-item-78867" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/engineering/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">Engineering<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Get an inside look at how we’re building the home for all developers.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="Engineering sub-menu"> <li id="menu-item-78827" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/engineering/architecture-optimization/" class="d-block f4 color-fg-default text-bold">Architecture & optimization</a><p class="mb-0 f5 color-fg-muted">Discover how we deliver a performant and highly available experience across the GitHub platform.</p></li> <li id="menu-item-78828" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/engineering/engineering-principles/" class="d-block f4 color-fg-default text-bold">Engineering principles</a><p class="mb-0 f5 color-fg-muted">Explore best practices for building software at scale with a majority remote team.</p></li> <li id="menu-item-78829" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/engineering/infrastructure/" class="d-block f4 color-fg-default text-bold">Infrastructure</a><p class="mb-0 f5 color-fg-muted">Get a glimpse at the technology underlying the world’s leading AI-powered developer platform.</p></li> <li id="menu-item-78830" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/engineering/platform-security/" class="d-block f4 color-fg-default text-bold">Platform security</a><p class="mb-0 f5 color-fg-muted">Learn how we build security into everything we do across the developer lifecycle.</p></li> <li id="menu-item-78858" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/engineering/user-experience/" class="d-block f4 color-fg-default text-bold">User experience</a><p class="mb-0 f5 color-fg-muted">Find out what goes into making GitHub the home for all developers.</p></li> </ul> </li> <li id="menu-item-78868" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.42.45 AM.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" srcset="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.42.45 AM.png?w=800 800w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.42.45 AM.png?w=400 400w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.42.45 AM.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.42.45 AM.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://github.blog/engineering/how-we-use-github-to-be-more-productive-collaborative-and-secure/" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">How we use GitHub to be more productive, collaborative, and secure</a><p class="mb-3 f5 color-fg-muted">Our engineering and security teams do some incredible work. Let’s take a look at how we use GitHub to be more productive, build collaboratively, and shift security left.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> <li id="menu-item-78832"><a href="https://github.blog/enterprise-software/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78832-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Enterprise software<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="Enterprise software sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78832-dropdown" tabindex="-1"> <li id="menu-item-78869" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/enterprise-software/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">Enterprise software<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Explore how to write, build, and deploy enterprise software at scale.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="Enterprise software sub-menu"> <li id="menu-item-78833" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/enterprise-software/automation/" class="d-block f4 color-fg-default text-bold">Automation</a><p class="mb-0 f5 color-fg-muted">Automating your way to faster and more secure ships.</p></li> <li id="menu-item-78834" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/enterprise-software/ci-cd/" class="d-block f4 color-fg-default text-bold">CI/CD</a><p class="mb-0 f5 color-fg-muted">Guides on continuous integration and delivery.</p></li> <li id="menu-item-78835" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/enterprise-software/collaboration/" class="d-block f4 color-fg-default text-bold">Collaboration</a><p class="mb-0 f5 color-fg-muted">Tips, tools, and tricks to improve developer collaboration.</p></li> <li id="menu-item-78836" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/enterprise-software/devops/" class="d-block f4 color-fg-default text-bold">DevOps</a><p class="mb-0 f5 color-fg-muted">DevOps resources for enterprise engineering teams.</p></li> <li id="menu-item-78837" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/enterprise-software/devsecops/" class="d-block f4 color-fg-default text-bold">DevSecOps</a><p class="mb-0 f5 color-fg-muted">How to integrate security into the SDLC.</p></li> <li id="menu-item-78838" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/enterprise-software/governance-and-compliance/" class="d-block f4 color-fg-default text-bold">Governance & compliance</a><p class="mb-0 f5 color-fg-muted">Ensuring your builds stay clean.</p></li> </ul> </li> <li id="menu-item-78870" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.43.47 AM.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" srcset="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.43.47 AM.png?w=800 800w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.43.47 AM.png?w=400 400w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.43.47 AM.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.43.47 AM.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://resources.github.com/artificial-intelligence/how-enterprise-engineering-teams-can-successfully-adopt-ai/" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">How enterprise engineering teams can successfully adopt AI</a><p class="mb-3 f5 color-fg-muted">Learn how to bring AI to your engineering teams and maximize the value that you get from it.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> <li id="menu-item-78840"><a href="https://github.blog/news-insights/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78840-dropdown" aria-expanded="false" aria-haspopup="true" role="button">News & insights<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="News & insights sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78840-dropdown" tabindex="-1"> <li id="menu-item-78871" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/news-insights/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">News & insights<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Keep up with what’s new and notable from inside GitHub.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="News & insights sub-menu"> <li id="menu-item-78841" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/news-insights/company-news/" class="d-block f4 color-fg-default text-bold">Company news</a><p class="mb-0 f5 color-fg-muted">An inside look at news and product updates from GitHub.</p></li> <li id="menu-item-78844" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/news-insights/product-news/" class="d-block f4 color-fg-default text-bold">Product</a><p class="mb-0 f5 color-fg-muted">The latest on GitHub’s platform, products, and tools.</p></li> <li id="menu-item-78842" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/news-insights/octoverse/" class="d-block f4 color-fg-default text-bold">Octoverse</a><p class="mb-0 f5 color-fg-muted">Insights into the state of open source on GitHub.</p></li> <li id="menu-item-78843" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/news-insights/policy-news-and-insights/" class="d-block f4 color-fg-default text-bold">Policy</a><p class="mb-0 f5 color-fg-muted">The latest policy and regulatory changes in software.</p></li> <li id="menu-item-78845" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/news-insights/research/" class="d-block f4 color-fg-default text-bold">Research</a><p class="mb-0 f5 color-fg-muted">Data-driven insights around the developer ecosystem.</p></li> <li id="menu-item-78847" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/news-insights/the-library/" class="d-block f4 color-fg-default text-bold">The library</a><p class="mb-0 f5 color-fg-muted">Older news and updates from GitHub.</p></li> </ul> </li> <li id="menu-item-78872" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.44.23 AM.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" srcset="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.44.23 AM.png?w=300 300w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.44.23 AM.png?w=800 800w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.44.23 AM.png?w=400 400w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.44.23 AM.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.44.23 AM.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://github.blog/ai-and-ml/llms/unlocking-the-power-of-unstructured-data-with-rag/" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">Unlocking the power of unstructured data with RAG</a><p class="mb-3 f5 color-fg-muted">Learn how to use retrieval-augmented generation (RAG) to capture more insights.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> <li id="menu-item-78848"><a href="https://github.blog/open-source/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78848-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Open Source<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="Open Source sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78848-dropdown" tabindex="-1"> <li id="menu-item-78873" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/open-source/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">Open Source<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Everything open source on GitHub.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="Open Source sub-menu"> <li id="menu-item-78851" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/open-source/git/" class="d-block f4 color-fg-default text-bold">Git</a><p class="mb-0 f5 color-fg-muted">The latest Git updates.</p></li> <li id="menu-item-78853" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/open-source/maintainers/" class="d-block f4 color-fg-default text-bold">Maintainers</a><p class="mb-0 f5 color-fg-muted">Spotlighting open source maintainers.</p></li> <li id="menu-item-78854" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/open-source/social-impact/" class="d-block f4 color-fg-default text-bold">Social impact</a><p class="mb-0 f5 color-fg-muted">How open source is driving positive change.</p></li> <li id="menu-item-78850" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/open-source/gaming/" class="d-block f4 color-fg-default text-bold">Gaming</a><p class="mb-0 f5 color-fg-muted">Explore open source games on GitHub.</p></li> </ul> </li> <li id="menu-item-78874" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.46.23 AM.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" srcset="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.46.23 AM.png?w=800 800w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.46.23 AM.png?w=400 400w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.46.23 AM.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.46.23 AM.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://resources.github.com/software-development/innersource/" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">An introduction to innersource</a><p class="mb-3 f5 color-fg-muted">Organizations worldwide are incorporating open source methodologies into the way they build and ship their own software.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> <li id="menu-item-78859"><a href="https://github.blog/security/" class="position-relative d-flex flex-items-center flex-start no-wrap py-3 f4-mktg text-bold js-toggle" aria-controls="primary-78859-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Security<svg viewBox="0 0 16 16" width="16" height="16" class="octicon d-block ml-1 mt-1 color-fg-muted" role="presentation"><path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path></svg></a> <ul class="dropdown d-flex flex-wrap width-full position-absolute left-0 list-style-none mt-2 rounded-3 z-3 overflow-hidden color-border-subtle" aria-label="Security sub-menu" aria-hidden="true" data-color-mode="light" data-dark-theme="dark" data-light-theme="light" id="primary-78859-dropdown" tabindex="-1"> <li id="menu-item-78875" class="flex-1 p-5 py-xl-7 px-xl-7"><div class="col-9 mb-4 mb-lg-7"><a href="https://github.blog/security/" class="d-flex flex-items-center flex-start f3 lh-condensed color-fg-default text-bold">Security<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-1 my-0 f4 color-fg-muted">Stay up to date on everything security.</p></div> <ul class="d-flex flex-wrap list-style-none" aria-label="Security sub-menu"> <li id="menu-item-78860" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right"><a href="https://github.blog/security/application-security/" class="d-block f4 color-fg-default text-bold">Application security</a><p class="mb-0 f5 color-fg-muted">Application security, explained.</p></li> <li id="menu-item-78861" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8"><a href="https://github.blog/security/supply-chain-security/" class="d-block f4 color-fg-default text-bold">Supply chain security</a><p class="mb-0 f5 color-fg-muted">Demystifying supply chain security.</p></li> <li id="menu-item-78855" class="col-6 d-block f4 color-fg-default color-border-subtle pr-4 pr-lg-8 border-right pt-2 pt-lg-4"><a href="https://github.blog/security/vulnerability-research/" class="d-block f4 color-fg-default text-bold">Vulnerability research</a><p class="mb-0 f5 color-fg-muted">Updates from the GitHub Security Lab.</p></li> <li id="menu-item-78862" class="col-6 d-block f4 color-fg-default color-border-subtle pl-4 pl-lg-8 pt-2 pt-lg-4"><a href="https://github.blog/security/web-application-security/" class="d-block f4 color-fg-default text-bold">Web application security</a><p class="mb-0 f5 color-fg-muted">Helpful tips on securing web applications.</p></li> </ul> </li> <li id="menu-item-78876" class="p-5 py-xl-7 px-xl-8 col-4 color-bg-subtle card"><div class="d-block position-relative mb-3 rounded-2 tease-thumbnail overflow-hidden"><img width="800" height="425" src="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.47.04 AM.png?resize=800%2C425" class="tease-thumbnail__img d-block width-full height-auto aspect-ratio-1032-548 object-fit-cover" alt="" decoding="async" srcset="https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.47.04 AM.png?w=800 800w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.47.04 AM.png?w=400 400w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.47.04 AM.png?w=1032 1032w, https://github.blog/wp-content/uploads/2024/07/Screenshot-2024-07-23-at-8.47.04 AM.png?w=516 516w" sizes="(max-width: 800px) 100vw, 800px" /></div><a href="https://resources.github.com/security/the-enterprise-guide-to-ai-powered-devsecops/" class="d-block mb-2 f3 lh-condensed color-fg-default text-bold card__link">The enterprise guide to AI-powered DevSecOps</a><p class="mb-3 f5 color-fg-muted">Learn about core challenges in DevSecOps, and how you can start addressing them with AI and automation.</p><span class="Link d-inline-flex flex-items-center" role="presentation">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></span></li> </ul> </li> </ul> </div> </nav> </div> <form id="mobile-search" role="search" method="get" class="mobile-search" action="https://github.blog" aria-hidden="true" aria-label="Search form"> <div class="d-flex flex-1 p-3 color-bg-inset"> <div class="d-flex flex-1 position-relative color-bg-transparent" data-color-mode="light" data-light-theme="light" data-dark-theme="dark" > <svg height="20" class="d-flex position-absolute z-3 octicon height-full ml-2 color-fg-subtle" aria-hidden="true" viewBox="0 0 16 16" version="1.1" width="20" role="img"><path fill-rule="evenodd" d="M11.5 7a4.499 4.499 0 11-8.998 0A4.499 4.499 0 0111.5 7zm-.82 4.74a6 6 0 111.06-1.06l3.04 3.04a.75.75 0 11-1.06 1.06l-3.04-3.04z"></path></svg> <input aria-label="Search the blog" type="search" class="pl-6 search-field form-control p-2 flex-1" placeholder="Search the blog…" value="" name="s" id="search-input"> </div> <button type="submit" class="btn-mktg btn-muted-mktg font-weight-semibold ml-2 border-1 color-fg-default"> Search </button> </div> </form> <nav id="mobile-menu" class="mobile-menu position-relative overflow-y-auto flex-1 width-full rounded-top-3" aria-label="Navigation menu" aria-hidden="true" data-color-mode="light" data-light-theme="light" data-dark-theme="dark_dimmed"> <div class="p-5"> <h2 class="mb-5 text-bold color-fg-subtle">Categories</h2> <ul id="menu-new-primary-navigation" class="list-style-none"><li class="mb-5"><a href="https://github.blog/ai-and-ml/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78814-dropdown" aria-expanded="false" aria-haspopup="true" role="button">AI & ML<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="AI & ML sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78814-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78814-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/ai-and-ml/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">AI & ML<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Learn about artificial intelligence and machine learning across the GitHub ecosystem and the wider industry.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/ai-and-ml/generative-ai/" class="text-bold lh-condensed-ultra color-fg-default">Generative AI</a><p class="mb-0 f5 color-fg-muted">Learn how to build with generative AI.</p></li> <li class="mt-4"><a href="https://github.blog/ai-and-ml/github-copilot/" class="text-bold lh-condensed-ultra color-fg-default">GitHub Copilot</a><p class="mb-0 f5 color-fg-muted">Change how you work with GitHub Copilot.</p></li> <li class="mt-4"><a href="https://github.blog/ai-and-ml/llms/" class="text-bold lh-condensed-ultra color-fg-default">LLMs</a><p class="mb-0 f5 color-fg-muted">Everything developers need to know about LLMs.</p></li> <li class="mt-4"><a href="https://github.blog/ai-and-ml/machine-learning/" class="text-bold lh-condensed-ultra color-fg-default">Machine learning</a><p class="mb-0 f5 color-fg-muted">Machine learning tips, tricks, and best practices.</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://github.blog/ai-and-ml/generative-ai/how-ai-code-generation-works/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">How AI code generation works</a><p class="mb-3 f5 color-fg-muted">Explore the capabilities and benefits of AI code generation and how it can improve your developer experience.</p><a href="https://github.blog/ai-and-ml/generative-ai/how-ai-code-generation-works/" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> <li class="mb-5"><a href="https://github.blog/developer-skills/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78819-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Developer skills<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="Developer skills sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78819-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78819-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/developer-skills/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Developer skills<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Resources for developers to grow in their skills and careers.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/developer-skills/application-development/" class="text-bold lh-condensed-ultra color-fg-default">Application development</a><p class="mb-0 f5 color-fg-muted">Insights and best practices for building apps.</p></li> <li class="mt-4"><a href="https://github.blog/developer-skills/career-growth/" class="text-bold lh-condensed-ultra color-fg-default">Career growth</a><p class="mb-0 f5 color-fg-muted">Tips & tricks to grow as a professional developer.</p></li> <li class="mt-4"><a href="https://github.blog/developer-skills/github/" class="text-bold lh-condensed-ultra color-fg-default">GitHub</a><p class="mb-0 f5 color-fg-muted">Improve how you use GitHub at work.</p></li> <li class="mt-4"><a href="https://github.blog/developer-skills/github-education/" class="text-bold lh-condensed-ultra color-fg-default">GitHub Education</a><p class="mb-0 f5 color-fg-muted">Learn how to move into your first professional role.</p></li> <li class="mt-4"><a href="https://github.blog/developer-skills/programming-languages-and-frameworks/" class="text-bold lh-condensed-ultra color-fg-default">Programming languages & frameworks</a><p class="mb-0 f5 color-fg-muted">Stay current on what’s new (or new again).</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://docs.github.com/en/get-started" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Get started with GitHub documentation</a><p class="mb-3 f5 color-fg-muted">Learn how to start building, shipping, and maintaining software with GitHub.</p><a href="https://docs.github.com/en/get-started" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> <li class="mb-5"><a href="https://github.blog/engineering/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78825-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Engineering<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="Engineering sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78825-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78825-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/engineering/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Engineering<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Get an inside look at how we’re building the home for all developers.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/engineering/architecture-optimization/" class="text-bold lh-condensed-ultra color-fg-default">Architecture & optimization</a><p class="mb-0 f5 color-fg-muted">Discover how we deliver a performant and highly available experience across the GitHub platform.</p></li> <li class="mt-4"><a href="https://github.blog/engineering/engineering-principles/" class="text-bold lh-condensed-ultra color-fg-default">Engineering principles</a><p class="mb-0 f5 color-fg-muted">Explore best practices for building software at scale with a majority remote team.</p></li> <li class="mt-4"><a href="https://github.blog/engineering/infrastructure/" class="text-bold lh-condensed-ultra color-fg-default">Infrastructure</a><p class="mb-0 f5 color-fg-muted">Get a glimpse at the technology underlying the world’s leading AI-powered developer platform.</p></li> <li class="mt-4"><a href="https://github.blog/engineering/platform-security/" class="text-bold lh-condensed-ultra color-fg-default">Platform security</a><p class="mb-0 f5 color-fg-muted">Learn how we build security into everything we do across the developer lifecycle.</p></li> <li class="mt-4"><a href="https://github.blog/engineering/user-experience/" class="text-bold lh-condensed-ultra color-fg-default">User experience</a><p class="mb-0 f5 color-fg-muted">Find out what goes into making GitHub the home for all developers.</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://github.blog/engineering/how-we-use-github-to-be-more-productive-collaborative-and-secure/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">How we use GitHub to be more productive, collaborative, and secure</a><p class="mb-3 f5 color-fg-muted">Our engineering and security teams do some incredible work. Let’s take a look at how we use GitHub to be more productive, build collaboratively, and shift security left.</p><a href="https://github.blog/engineering/how-we-use-github-to-be-more-productive-collaborative-and-secure/" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> <li class="mb-5"><a href="https://github.blog/enterprise-software/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78832-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Enterprise software<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="Enterprise software sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78832-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78832-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/enterprise-software/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Enterprise software<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Explore how to write, build, and deploy enterprise software at scale.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/enterprise-software/automation/" class="text-bold lh-condensed-ultra color-fg-default">Automation</a><p class="mb-0 f5 color-fg-muted">Automating your way to faster and more secure ships.</p></li> <li class="mt-4"><a href="https://github.blog/enterprise-software/ci-cd/" class="text-bold lh-condensed-ultra color-fg-default">CI/CD</a><p class="mb-0 f5 color-fg-muted">Guides on continuous integration and delivery.</p></li> <li class="mt-4"><a href="https://github.blog/enterprise-software/collaboration/" class="text-bold lh-condensed-ultra color-fg-default">Collaboration</a><p class="mb-0 f5 color-fg-muted">Tips, tools, and tricks to improve developer collaboration.</p></li> <li class="mt-4"><a href="https://github.blog/enterprise-software/devops/" class="text-bold lh-condensed-ultra color-fg-default">DevOps</a><p class="mb-0 f5 color-fg-muted">DevOps resources for enterprise engineering teams.</p></li> <li class="mt-4"><a href="https://github.blog/enterprise-software/devsecops/" class="text-bold lh-condensed-ultra color-fg-default">DevSecOps</a><p class="mb-0 f5 color-fg-muted">How to integrate security into the SDLC.</p></li> <li class="mt-4"><a href="https://github.blog/enterprise-software/governance-and-compliance/" class="text-bold lh-condensed-ultra color-fg-default">Governance & compliance</a><p class="mb-0 f5 color-fg-muted">Ensuring your builds stay clean.</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://resources.github.com/artificial-intelligence/how-enterprise-engineering-teams-can-successfully-adopt-ai/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">How enterprise engineering teams can successfully adopt AI</a><p class="mb-3 f5 color-fg-muted">Learn how to bring AI to your engineering teams and maximize the value that you get from it.</p><a href="https://resources.github.com/artificial-intelligence/how-enterprise-engineering-teams-can-successfully-adopt-ai/" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> <li class="mb-5"><a href="https://github.blog/news-insights/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78840-dropdown" aria-expanded="false" aria-haspopup="true" role="button">News & insights<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="News & insights sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78840-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78840-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/news-insights/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">News & insights<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Keep up with what’s new and notable from inside GitHub.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/news-insights/company-news/" class="text-bold lh-condensed-ultra color-fg-default">Company news</a><p class="mb-0 f5 color-fg-muted">An inside look at news and product updates from GitHub.</p></li> <li class="mt-4"><a href="https://github.blog/news-insights/product-news/" class="text-bold lh-condensed-ultra color-fg-default">Product</a><p class="mb-0 f5 color-fg-muted">The latest on GitHub’s platform, products, and tools.</p></li> <li class="mt-4"><a href="https://github.blog/news-insights/octoverse/" class="text-bold lh-condensed-ultra color-fg-default">Octoverse</a><p class="mb-0 f5 color-fg-muted">Insights into the state of open source on GitHub.</p></li> <li class="mt-4"><a href="https://github.blog/news-insights/policy-news-and-insights/" class="text-bold lh-condensed-ultra color-fg-default">Policy</a><p class="mb-0 f5 color-fg-muted">The latest policy and regulatory changes in software.</p></li> <li class="mt-4"><a href="https://github.blog/news-insights/research/" class="text-bold lh-condensed-ultra color-fg-default">Research</a><p class="mb-0 f5 color-fg-muted">Data-driven insights around the developer ecosystem.</p></li> <li class="mt-4"><a href="https://github.blog/news-insights/the-library/" class="text-bold lh-condensed-ultra color-fg-default">The library</a><p class="mb-0 f5 color-fg-muted">Older news and updates from GitHub.</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://github.blog/ai-and-ml/llms/unlocking-the-power-of-unstructured-data-with-rag/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Unlocking the power of unstructured data with RAG</a><p class="mb-3 f5 color-fg-muted">Learn how to use retrieval-augmented generation (RAG) to capture more insights.</p><a href="https://github.blog/ai-and-ml/llms/unlocking-the-power-of-unstructured-data-with-rag/" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> <li class="mb-5"><a href="https://github.blog/open-source/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78848-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Open Source<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="Open Source sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78848-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78848-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/open-source/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Open Source<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Everything open source on GitHub.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/open-source/git/" class="text-bold lh-condensed-ultra color-fg-default">Git</a><p class="mb-0 f5 color-fg-muted">The latest Git updates.</p></li> <li class="mt-4"><a href="https://github.blog/open-source/maintainers/" class="text-bold lh-condensed-ultra color-fg-default">Maintainers</a><p class="mb-0 f5 color-fg-muted">Spotlighting open source maintainers.</p></li> <li class="mt-4"><a href="https://github.blog/open-source/social-impact/" class="text-bold lh-condensed-ultra color-fg-default">Social impact</a><p class="mb-0 f5 color-fg-muted">How open source is driving positive change.</p></li> <li class="mt-4"><a href="https://github.blog/open-source/gaming/" class="text-bold lh-condensed-ultra color-fg-default">Gaming</a><p class="mb-0 f5 color-fg-muted">Explore open source games on GitHub.</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://resources.github.com/software-development/innersource/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">An introduction to innersource</a><p class="mb-3 f5 color-fg-muted">Organizations worldwide are incorporating open source methodologies into the way they build and ship their own software.</p><a href="https://resources.github.com/software-development/innersource/" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> <li class="mb-5"><a href="https://github.blog/security/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default js-toggle" aria-controls="primary-mobile-78859-dropdown" aria-expanded="false" aria-haspopup="true" role="button">Security<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right d-block mt-1 color-fg-subtle" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a> <ul aria-hidden="true" aria-label="Security sub-menu" class="dropdown overflow-y-auto position-absolute top-0 left-0 right-0 bottom-0 flex-wrap p-5 list-style-none rounded-3 z-3 color-bg-default color-border-subtle" id="primary-mobile-78859-dropdown"> <li class="mb-5"><div class="mb-4"><button type="button" class="d-flex flex-items-center mb-4 p-0 border-0 text-semibold color-bg-transparent color-fg-subtle" aria-controls="primary-mobile-78859-dropdown" aria-expanded="true"><svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-left mr-1"><path d="M9.78 12.78a.75.75 0 0 1-1.06 0L4.47 8.53a.75.75 0 0 1 0-1.06l4.25-4.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L6.06 8l3.72 3.72a.75.75 0 0 1 0 1.06Z"></path></svg>Back</button><a href="https://github.blog/security/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">Security<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-chevron-right ml-1 mt-1" role="presentation"><path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path></svg></a><p class="mt-2 mb-0 color-fg-muted">Stay up to date on everything security.</p></div> <ul class="border-top list-style-none"> <li class="mt-4"><a href="https://github.blog/security/application-security/" class="text-bold lh-condensed-ultra color-fg-default">Application security</a><p class="mb-0 f5 color-fg-muted">Application security, explained.</p></li> <li class="mt-4"><a href="https://github.blog/security/supply-chain-security/" class="text-bold lh-condensed-ultra color-fg-default">Supply chain security</a><p class="mb-0 f5 color-fg-muted">Demystifying supply chain security.</p></li> <li class="mt-4"><a href="https://github.blog/security/vulnerability-research/" class="text-bold lh-condensed-ultra color-fg-default">Vulnerability research</a><p class="mb-0 f5 color-fg-muted">Updates from the GitHub Security Lab.</p></li> <li class="mt-4"><a href="https://github.blog/security/web-application-security/" class="text-bold lh-condensed-ultra color-fg-default">Web application security</a><p class="mb-0 f5 color-fg-muted">Helpful tips on securing web applications.</p></li> </ul> </li> <li class="d-none"><div class="mb-4"><a href="https://resources.github.com/security/the-enterprise-guide-to-ai-powered-devsecops/" class="d-flex flex-items-center flex-justify-start lh-condensed-ultra text-bold color-fg-default">The enterprise guide to AI-powered DevSecOps</a><p class="mb-3 f5 color-fg-muted">Learn about core challenges in DevSecOps, and how you can start addressing them with AI and automation.</p><a href="https://resources.github.com/security/the-enterprise-guide-to-ai-powered-devsecops/" target="" class="Link d-inline-flex flex-items-center">Learn more<svg xmlns="http://www.w3.org/2000/svg" class="octicon d-block ml-1 mt-1" viewBox="0 0 12 12" width="12" height="12"><path d="M4.7 10c-.2 0-.4-.1-.5-.2-.3-.3-.3-.8 0-1.1L6.9 6 4.2 3.3c-.3-.3-.3-.8 0-1.1.3-.3.8-.3 1.1 0l3.3 3.2c.3.3.3.8 0 1.1L5.3 9.7c-.2.2-.4.3-.6.3Z"></path></svg></a></div></li> </ul> </li> </ul><ul id="menu-secondary-navigation" class="pt-5 border-top list-style-none"><li class="mb-5"><a href="https://github.blog/changelog/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default">Changelog</a></li> <li class="mb-5"><a href="https://docs.github.com/" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default">Docs<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-link-external d-block mt-1 color-fg-subtle" role="presentation"><path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path></svg></a></li> <li class="mb-5"><a href="https://github.com/customer-stories" class="d-flex flex-items-center flex-justify-between lh-condensed-ultra text-bold color-fg-default">Customer stories<svg viewBox="0 0 16 16" width="16" height="16" class="octicon octicon-link-external d-block mt-1 color-fg-subtle" role="presentation"><path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path></svg></a></li> </ul> <a data-analytics-click="Blog, click on button, text: Contact sales; ref_location:top nav;" class="d-block no-wrap my-3 btn-mktg btn-muted-mktg font-weight-semibold" href="https://github.com/enterprise/contact?ref_cta=contact%2520sales&ref_loc=banner&ref_page=blog" target="_blank">Contact sales</a> <a data-analytics-click="Blog, click on button, text: Try GitHub Copilot; ref_location:top nav;" class="d-block no-wrap btn-mktg font-weight-semibold" href="https://docs.github.com/en/copilot/quickstart?utm_source=github&utm_medium=blog&utm_campaign=topnav" target="_blank">Try GitHub Copilot</a> </div> </nav> </header> </div> <main id="start-of-content"> <div class="gh-changelog-archive-hero d-flex flex-md-items-center position-relative overflow-hidden"> <div class="position-absolute width-full height-full top-0 right-0 events-none"> <img width="1600" height="356" class="object-fit-cover d-none d-md-block width-full height-full" alt="" aria-hidden="true" srcset="https://github.blog/wp-content/themes/github-2021/assets/img/backgrounds/changelog-hero-bg-desktop.jpg, https://github.blog/wp-content/themes/github-2021/assets/img/backgrounds/changelog-hero-bg-desktop@2x.jpg 2x" src="https://github.blog/wp-content/themes/github-2021/assets/img/backgrounds/changelog-hero-bg-desktop.jpg" /> <img width="943" height="514" class="object-fit-cover d-block d-md-none float-left width-fit height-full" alt="" aria-hidden="true" srcset="https://github.blog/wp-content/themes/github-2021/assets/img/backgrounds/changelog-hero-bg-mobile.jpg, https://github.blog/wp-content/themes/github-2021/assets/img/backgrounds/changelog-hero-bg-mobile@2x.jpg 2x" src="https://github.blog/wp-content/themes/github-2021/assets/img/backgrounds/changelog-hero-bg-mobile.jpg" /> </div> <div class="container-xl mx-auto p-responsive-blog width-full position-relative z-1"> <div class="d-flex flex-wrap flex-md-items-center gutter-spacious"> <div class="col-12 col-md-6"> <h1 class="h3-mktg m-0 text-capitalize" style="overflow-wrap: normal;">security-and-compliance</h1> <p class="f3-mktg col-9-max mt-3 mt-md-4 mb-8 mb-md-0">Subscribe to all <span class="text-capitalize">“security-and-compliance”</span> posts via <a class="cl-label-hero__text_link cl-label-hero__text_link_rss" href="https://github.blog/changelog/label/security-and-compliance/feed/">RSS</a> or follow GitHub Changelog on <a class="cl-label-hero__text_link cl-label-hero__text_link_twitter" href="https://twitter.com/ghchangelog">Twitter</a> to stay updated on everything we ship.</p> </div> <div class="col-12 col-md-6"> <div class="changelog-terminal rounded-2 overflow-hidden position-md-relative top-md-8 float-md-right mx-auto mx-md-0 d-flex flex-column"> <div class="gh-terminal-handlebar"> <span class="gh-terminal-handlebar-buttons d-flex flex-row"></span> </div> <div class="gh-terminal-content terminal-mktg text-mono color-bg-default height-full p-3 p-md-4 js-type-in build-in-animate" data-type-delay="80" data-type-row-delay="400" data-color-mode="dark" data-light-theme="light" data-dark-theme="dark"> <div class="js-type-row"> <strong class="code-pink">→</strong> <strong class="color-fg-success">~</strong> <span class="js-type-letters">cd github-changelog</span> </div> <div class="js-type-row"> <strong class="code-pink">→</strong> <strong class="color-fg-success">~/github-changelog|<span class="color-fg-done">main</span></strong> <span class="js-type-letters">git log main</span> </div> <div class="js-type-row"> <span>showing all changes successfully</span> </div> </div> </div> </div> </div> </div> </div> <div class="py-4 border-bottom color-border-subtle" style="border-bottom-color: #EAEEF2 !important;"> <div class="container-xl mx-auto p-responsive-blog"> <form id="changelog-category-select" action="" method="get" class="gh-select-wrap d-inline-block position-relative"> <button type="button" class="gh-select js-changelog-category-dropdown-toggle position-relative" aria-expanded="false" aria-controls="changelog-categories"> security-and-compliance <svg class="octicon octicon-triangle-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path d="M4.427 7.427l3.396 3.396a.25.25 0 00.354 0l3.396-3.396A.25.25 0 0011.396 7H4.604a.25.25 0 00-.177.427z" fill="currentColor"></path></svg> </button> <select class="gh-select-fallback js-changelog-category-dropdown-fallback" onchange="const clgform = document.getElementById('changelog-category-select'); clgform.action = this.value; clgform.submit();"> <option value="https://github.blog/changelog">All categories</option> <option value="https://github.blog/changelog/label/2fa/">2fa</option> <option value="https://github.blog/changelog/label/accessibility/">accessibility</option> <option value="https://github.blog/changelog/label/actions/">actions</option> <option value="https://github.blog/changelog/label/actions-importer/">actions-importer</option> <option value="https://github.blog/changelog/label/admin/">admin</option> <option value="https://github.blog/changelog/label/advanced-security/">advanced-security</option> <option value="https://github.blog/changelog/label/advisory-database/">advisory-database</option> <option value="https://github.blog/changelog/label/api/">api</option> <option value="https://github.blog/changelog/label/apps/">apps</option> <option value="https://github.blog/changelog/label/audit-log/">audit-log</option> <option value="https://github.blog/changelog/label/authentication/">authentication</option> <option value="https://github.blog/changelog/label/billing/">billing</option> <option value="https://github.blog/changelog/label/branches/">branches</option> <option value="https://github.blog/changelog/label/branchprotections/">branchprotections</option> <option value="https://github.blog/changelog/label/brownout/">brownout</option> <option value="https://github.blog/changelog/label/cache/">cache</option> <option value="https://github.blog/changelog/label/chatops/">chatops</option> <option value="https://github.blog/changelog/label/cli/">cli</option> <option value="https://github.blog/changelog/label/closing-down/">closing-down</option> <option value="https://github.blog/changelog/label/code/">code</option> <option value="https://github.blog/changelog/label/code-navigation/">code-navigation</option> <option value="https://github.blog/changelog/label/code-scanning/">code-scanning</option> <option value="https://github.blog/changelog/label/codeql/">codeql</option> <option value="https://github.blog/changelog/label/codesearch/">codesearch</option> <option value="https://github.blog/changelog/label/codespaces/">codespaces</option> <option value="https://github.blog/changelog/label/comments/">comments</option> <option value="https://github.blog/changelog/label/commits/">commits</option> <option value="https://github.blog/changelog/label/community/">community</option> <option value="https://github.blog/changelog/label/compliance/">compliance</option> <option value="https://github.blog/changelog/label/containers/">containers</option> <option value="https://github.blog/changelog/label/copilot/">copilot</option> <option value="https://github.blog/changelog/label/copilot-business/">copilot-business</option> <option value="https://github.blog/changelog/label/copilot-chat/">copilot-chat</option> <option value="https://github.blog/changelog/label/copilot-enterprise/">copilot-enterprise</option> <option value="https://github.blog/changelog/label/dark-mode/">dark-mode</option> <option value="https://github.blog/changelog/label/dependabot/">dependabot</option> <option value="https://github.blog/changelog/label/dependency-graph/">dependency-graph</option> <option value="https://github.blog/changelog/label/deployments/">deployments</option> <option value="https://github.blog/changelog/label/desktop/">desktop</option> <option value="https://github.blog/changelog/label/discussions/">discussions</option> <option value="https://github.blog/changelog/label/docs/">docs</option> <option value="https://github.blog/changelog/label/education/">education</option> <option value="https://github.blog/changelog/label/enterprise/">enterprise</option> <option value="https://github.blog/changelog/label/features/">features</option> <option value="https://github.blog/changelog/label/feed/">feed</option> <option value="https://github.blog/changelog/label/forks/">forks</option> <option value="https://github.blog/changelog/label/ghec/">ghec</option> <option value="https://github.blog/changelog/label/gists/">gists</option> <option value="https://github.blog/changelog/label/git/">git</option> <option value="https://github.blog/changelog/label/innersource/">innersource</option> <option value="https://github.blog/changelog/label/insights/">insights</option> <option value="https://github.blog/changelog/label/issues/">issues</option> <option value="https://github.blog/changelog/label/licensing/">licensing</option> <option value="https://github.blog/changelog/label/markdown/">markdown</option> <option value="https://github.blog/changelog/label/merge-queue/">merge-queue</option> <option value="https://github.blog/changelog/label/metrics/">metrics</option> <option value="https://github.blog/changelog/label/microsoft-teams-2/">microsoft-teams</option> <option value="https://github.blog/changelog/label/migrations/">migrations</option> <option value="https://github.blog/changelog/label/mobile/">mobile</option> <option value="https://github.blog/changelog/label/moderation/">moderation</option> <option value="https://github.blog/changelog/label/navigation/">navigation</option> <option value="https://github.blog/changelog/label/notifications/">notifications</option> <option value="https://github.blog/changelog/label/npm/">npm</option> <option value="https://github.blog/changelog/label/oidc/">oidc</option> <option value="https://github.blog/changelog/label/open-source/">open-source</option> <option value="https://github.blog/changelog/label/organizations/">organizations</option> <option value="https://github.blog/changelog/label/packages/">packages</option> <option value="https://github.blog/changelog/label/pages/">pages</option> <option value="https://github.blog/changelog/label/payments/">payments</option> <option value="https://github.blog/changelog/label/policies/">policies</option> <option value="https://github.blog/changelog/label/product/">product</option> <option value="https://github.blog/changelog/label/profile/">profile</option> <option value="https://github.blog/changelog/label/projects/">projects</option> <option value="https://github.blog/changelog/label/public-preview/">public-preview</option> <option value="https://github.blog/changelog/label/pull-requests/">pull-requests</option> <option value="https://github.blog/changelog/label/releases/">releases</option> <option value="https://github.blog/changelog/label/repos/">repos</option> <option value="https://github.blog/changelog/label/repositories/">repositories</option> <option value="https://github.blog/changelog/label/rules/">rules</option> <option value="https://github.blog/changelog/label/runners/">runners</option> <option value="https://github.blog/changelog/label/search/">search</option> <option value="https://github.blog/changelog/label/secret-scanning/">secret-scanning</option> <option value="https://github.blog/changelog/label/security/">security</option> <option value="https://github.blog/changelog/label/security-and-compliance/" selected>security-and-compliance</option> <option value="https://github.blog/changelog/label/security-overview/">security-overview</option> <option value="https://github.blog/changelog/label/slack/">slack</option> <option value="https://github.blog/changelog/label/sponsors/">sponsors</option> <option value="https://github.blog/changelog/label/ssh/">ssh</option> <option value="https://github.blog/changelog/label/sunset/">sunset</option> <option value="https://github.blog/changelog/label/supply-chain/">supply-chain</option> <option value="https://github.blog/changelog/label/support/">support</option> <option value="https://github.blog/changelog/label/themes/">themes</option> <option value="https://github.blog/changelog/label/ui/">ui</option> <option value="https://github.blog/changelog/label/upload/">upload</option> <option value="https://github.blog/changelog/label/user-management/">user-management</option> <option value="https://github.blog/changelog/label/ux/">ux</option> <option value="https://github.blog/changelog/label/vs-code/">vs-code</option> <option value="https://github.blog/changelog/label/webhooks/">webhooks</option> <option value="https://github.blog/changelog/label/wikis/">wikis</option> <option value="https://github.blog/changelog/label/workflows/">workflows</option> </select> <nav id="changelog-categories" class="js-changelog-category-dropdown position-absolute mt-12px rounded-2 color-bg-default box-shadow-card-border-mktg pl-4 pr-3 py-3 z-3" style="text-transform: capitalize;" hidden> <div class="changelog-category-dropdown-content styled-scrollbar"> <a href="https://github.blog/changelog" class="d-block text-semibold Link--primary mb-12px mr-4">All categories</a> <a href="https://github.blog/changelog/label/2fa/" class="d-block text-semibold Link--primary mb-12px mr-4">2fa</a> <a href="https://github.blog/changelog/label/accessibility/" class="d-block text-semibold Link--primary mb-12px mr-4">accessibility</a> <a href="https://github.blog/changelog/label/actions/" class="d-block text-semibold Link--primary mb-12px mr-4">actions</a> <a href="https://github.blog/changelog/label/actions-importer/" class="d-block text-semibold Link--primary mb-12px mr-4">actions-importer</a> <a href="https://github.blog/changelog/label/admin/" class="d-block text-semibold Link--primary mb-12px mr-4">admin</a> <a href="https://github.blog/changelog/label/advanced-security/" class="d-block text-semibold Link--primary mb-12px mr-4">advanced-security</a> <a href="https://github.blog/changelog/label/advisory-database/" class="d-block text-semibold Link--primary mb-12px mr-4">advisory-database</a> <a href="https://github.blog/changelog/label/api/" class="d-block text-semibold Link--primary mb-12px mr-4">api</a> <a href="https://github.blog/changelog/label/apps/" class="d-block text-semibold Link--primary mb-12px mr-4">apps</a> <a href="https://github.blog/changelog/label/audit-log/" class="d-block text-semibold Link--primary mb-12px mr-4">audit-log</a> <a href="https://github.blog/changelog/label/authentication/" class="d-block text-semibold Link--primary mb-12px mr-4">authentication</a> <a href="https://github.blog/changelog/label/billing/" class="d-block text-semibold Link--primary mb-12px mr-4">billing</a> <a href="https://github.blog/changelog/label/branches/" class="d-block text-semibold Link--primary mb-12px mr-4">branches</a> <a href="https://github.blog/changelog/label/branchprotections/" class="d-block text-semibold Link--primary mb-12px mr-4">branchprotections</a> <a href="https://github.blog/changelog/label/brownout/" class="d-block text-semibold Link--primary mb-12px mr-4">brownout</a> <a href="https://github.blog/changelog/label/cache/" class="d-block text-semibold Link--primary mb-12px mr-4">cache</a> <a href="https://github.blog/changelog/label/chatops/" class="d-block text-semibold Link--primary mb-12px mr-4">chatops</a> <a href="https://github.blog/changelog/label/cli/" class="d-block text-semibold Link--primary mb-12px mr-4">cli</a> <a href="https://github.blog/changelog/label/closing-down/" class="d-block text-semibold Link--primary mb-12px mr-4">closing-down</a> <a href="https://github.blog/changelog/label/code/" class="d-block text-semibold Link--primary mb-12px mr-4">code</a> <a href="https://github.blog/changelog/label/code-navigation/" class="d-block text-semibold Link--primary mb-12px mr-4">code-navigation</a> <a href="https://github.blog/changelog/label/code-scanning/" class="d-block text-semibold Link--primary mb-12px mr-4">code-scanning</a> <a href="https://github.blog/changelog/label/codeql/" class="d-block text-semibold Link--primary mb-12px mr-4">codeql</a> <a href="https://github.blog/changelog/label/codesearch/" class="d-block text-semibold Link--primary mb-12px mr-4">codesearch</a> <a href="https://github.blog/changelog/label/codespaces/" class="d-block text-semibold Link--primary mb-12px mr-4">codespaces</a> <a href="https://github.blog/changelog/label/comments/" class="d-block text-semibold Link--primary mb-12px mr-4">comments</a> <a href="https://github.blog/changelog/label/commits/" class="d-block text-semibold Link--primary mb-12px mr-4">commits</a> <a href="https://github.blog/changelog/label/community/" class="d-block text-semibold Link--primary mb-12px mr-4">community</a> <a href="https://github.blog/changelog/label/compliance/" class="d-block text-semibold Link--primary mb-12px mr-4">compliance</a> <a href="https://github.blog/changelog/label/containers/" class="d-block text-semibold Link--primary mb-12px mr-4">containers</a> <a href="https://github.blog/changelog/label/copilot/" class="d-block text-semibold Link--primary mb-12px mr-4">copilot</a> <a href="https://github.blog/changelog/label/copilot-business/" class="d-block text-semibold Link--primary mb-12px mr-4">copilot-business</a> <a href="https://github.blog/changelog/label/copilot-chat/" class="d-block text-semibold Link--primary mb-12px mr-4">copilot-chat</a> <a href="https://github.blog/changelog/label/copilot-enterprise/" class="d-block text-semibold Link--primary mb-12px mr-4">copilot-enterprise</a> <a href="https://github.blog/changelog/label/dark-mode/" class="d-block text-semibold Link--primary mb-12px mr-4">dark-mode</a> <a href="https://github.blog/changelog/label/dependabot/" class="d-block text-semibold Link--primary mb-12px mr-4">dependabot</a> <a href="https://github.blog/changelog/label/dependency-graph/" class="d-block text-semibold Link--primary mb-12px mr-4">dependency-graph</a> <a href="https://github.blog/changelog/label/deployments/" class="d-block text-semibold Link--primary mb-12px mr-4">deployments</a> <a href="https://github.blog/changelog/label/desktop/" class="d-block text-semibold Link--primary mb-12px mr-4">desktop</a> <a href="https://github.blog/changelog/label/discussions/" class="d-block text-semibold Link--primary mb-12px mr-4">discussions</a> <a href="https://github.blog/changelog/label/docs/" class="d-block text-semibold Link--primary mb-12px mr-4">docs</a> <a href="https://github.blog/changelog/label/education/" class="d-block text-semibold Link--primary mb-12px mr-4">education</a> <a href="https://github.blog/changelog/label/enterprise/" class="d-block text-semibold Link--primary mb-12px mr-4">enterprise</a> <a href="https://github.blog/changelog/label/features/" class="d-block text-semibold Link--primary mb-12px mr-4">features</a> <a href="https://github.blog/changelog/label/feed/" class="d-block text-semibold Link--primary mb-12px mr-4">feed</a> <a href="https://github.blog/changelog/label/forks/" class="d-block text-semibold Link--primary mb-12px mr-4">forks</a> <a href="https://github.blog/changelog/label/ghec/" class="d-block text-semibold Link--primary mb-12px mr-4">ghec</a> <a href="https://github.blog/changelog/label/gists/" class="d-block text-semibold Link--primary mb-12px mr-4">gists</a> <a href="https://github.blog/changelog/label/git/" class="d-block text-semibold Link--primary mb-12px mr-4">git</a> <a href="https://github.blog/changelog/label/innersource/" class="d-block text-semibold Link--primary mb-12px mr-4">innersource</a> <a href="https://github.blog/changelog/label/insights/" class="d-block text-semibold Link--primary mb-12px mr-4">insights</a> <a href="https://github.blog/changelog/label/issues/" class="d-block text-semibold Link--primary mb-12px mr-4">issues</a> <a href="https://github.blog/changelog/label/licensing/" class="d-block text-semibold Link--primary mb-12px mr-4">licensing</a> <a href="https://github.blog/changelog/label/markdown/" class="d-block text-semibold Link--primary mb-12px mr-4">markdown</a> <a href="https://github.blog/changelog/label/merge-queue/" class="d-block text-semibold Link--primary mb-12px mr-4">merge-queue</a> <a href="https://github.blog/changelog/label/metrics/" class="d-block text-semibold Link--primary mb-12px mr-4">metrics</a> <a href="https://github.blog/changelog/label/microsoft-teams-2/" class="d-block text-semibold Link--primary mb-12px mr-4">microsoft-teams</a> <a href="https://github.blog/changelog/label/migrations/" class="d-block text-semibold Link--primary mb-12px mr-4">migrations</a> <a href="https://github.blog/changelog/label/mobile/" class="d-block text-semibold Link--primary mb-12px mr-4">mobile</a> <a href="https://github.blog/changelog/label/moderation/" class="d-block text-semibold Link--primary mb-12px mr-4">moderation</a> <a href="https://github.blog/changelog/label/navigation/" class="d-block text-semibold Link--primary mb-12px mr-4">navigation</a> <a href="https://github.blog/changelog/label/notifications/" class="d-block text-semibold Link--primary mb-12px mr-4">notifications</a> <a href="https://github.blog/changelog/label/npm/" class="d-block text-semibold Link--primary mb-12px mr-4">npm</a> <a href="https://github.blog/changelog/label/oidc/" class="d-block text-semibold Link--primary mb-12px mr-4">oidc</a> <a href="https://github.blog/changelog/label/open-source/" class="d-block text-semibold Link--primary mb-12px mr-4">open-source</a> <a href="https://github.blog/changelog/label/organizations/" class="d-block text-semibold Link--primary mb-12px mr-4">organizations</a> <a href="https://github.blog/changelog/label/packages/" class="d-block text-semibold Link--primary mb-12px mr-4">packages</a> <a href="https://github.blog/changelog/label/pages/" class="d-block text-semibold Link--primary mb-12px mr-4">pages</a> <a href="https://github.blog/changelog/label/payments/" class="d-block text-semibold Link--primary mb-12px mr-4">payments</a> <a href="https://github.blog/changelog/label/policies/" class="d-block text-semibold Link--primary mb-12px mr-4">policies</a> <a href="https://github.blog/changelog/label/product/" class="d-block text-semibold Link--primary mb-12px mr-4">product</a> <a href="https://github.blog/changelog/label/profile/" class="d-block text-semibold Link--primary mb-12px mr-4">profile</a> <a href="https://github.blog/changelog/label/projects/" class="d-block text-semibold Link--primary mb-12px mr-4">projects</a> <a href="https://github.blog/changelog/label/public-preview/" class="d-block text-semibold Link--primary mb-12px mr-4">public-preview</a> <a href="https://github.blog/changelog/label/pull-requests/" class="d-block text-semibold Link--primary mb-12px mr-4">pull-requests</a> <a href="https://github.blog/changelog/label/releases/" class="d-block text-semibold Link--primary mb-12px mr-4">releases</a> <a href="https://github.blog/changelog/label/repos/" class="d-block text-semibold Link--primary mb-12px mr-4">repos</a> <a href="https://github.blog/changelog/label/repositories/" class="d-block text-semibold Link--primary mb-12px mr-4">repositories</a> <a href="https://github.blog/changelog/label/rules/" class="d-block text-semibold Link--primary mb-12px mr-4">rules</a> <a href="https://github.blog/changelog/label/runners/" class="d-block text-semibold Link--primary mb-12px mr-4">runners</a> <a href="https://github.blog/changelog/label/search/" class="d-block text-semibold Link--primary mb-12px mr-4">search</a> <a href="https://github.blog/changelog/label/secret-scanning/" class="d-block text-semibold Link--primary mb-12px mr-4">secret-scanning</a> <a href="https://github.blog/changelog/label/security/" class="d-block text-semibold Link--primary mb-12px mr-4">security</a> <a href="https://github.blog/changelog/label/security-and-compliance/" class="d-block text-semibold Link--primary mb-12px mr-4 text-gradient-purple-coral">security-and-compliance</a> <a href="https://github.blog/changelog/label/security-overview/" class="d-block text-semibold Link--primary mb-12px mr-4">security-overview</a> <a href="https://github.blog/changelog/label/slack/" class="d-block text-semibold Link--primary mb-12px mr-4">slack</a> <a href="https://github.blog/changelog/label/sponsors/" class="d-block text-semibold Link--primary mb-12px mr-4">sponsors</a> <a href="https://github.blog/changelog/label/ssh/" class="d-block text-semibold Link--primary mb-12px mr-4">ssh</a> <a href="https://github.blog/changelog/label/sunset/" class="d-block text-semibold Link--primary mb-12px mr-4">sunset</a> <a href="https://github.blog/changelog/label/supply-chain/" class="d-block text-semibold Link--primary mb-12px mr-4">supply-chain</a> <a href="https://github.blog/changelog/label/support/" class="d-block text-semibold Link--primary mb-12px mr-4">support</a> <a href="https://github.blog/changelog/label/themes/" class="d-block text-semibold Link--primary mb-12px mr-4">themes</a> <a href="https://github.blog/changelog/label/ui/" class="d-block text-semibold Link--primary mb-12px mr-4">ui</a> <a href="https://github.blog/changelog/label/upload/" class="d-block text-semibold Link--primary mb-12px mr-4">upload</a> <a href="https://github.blog/changelog/label/user-management/" class="d-block text-semibold Link--primary mb-12px mr-4">user-management</a> <a href="https://github.blog/changelog/label/ux/" class="d-block text-semibold Link--primary mb-12px mr-4">ux</a> <a href="https://github.blog/changelog/label/vs-code/" class="d-block text-semibold Link--primary mb-12px mr-4">vs-code</a> <a href="https://github.blog/changelog/label/webhooks/" class="d-block text-semibold Link--primary mb-12px mr-4">webhooks</a> <a href="https://github.blog/changelog/label/wikis/" class="d-block text-semibold Link--primary mb-12px mr-4">wikis</a> <a href="https://github.blog/changelog/label/workflows/" class="d-block text-semibold Link--primary mb-12px mr-4">workflows</a> </div> </nav> </form> </div> </div> <div class="js-ajax-root mt-md-7 mb-9 mb-md-12"> <div class="container-xl mx-auto p-responsive-blog js-ajax-landing"> <article id="changelog-81238" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-81238 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-security-and-compliance changelog-label-security-overview"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-11-20-accessibility-improvements-for-security-overview" rel="bookmark">Accessibility improvements for security overview</a></h2> <time datetime="2024-11-20" class="d-block f5-mktg text-medium color-fg-muted mt-14px">November 20, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-overview/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-overview</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-81238" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>New accessibility enhancements to the security overview data visuals make it easier and more inclusive for everyone to interact with and understand code security insights.</p> <p align="center" class="has-image"> <img decoding="async" width="700" alt="Graph showing open alerts by severity on the security overview dashboard, with enhanced accessibility" src="https://github.com/user-attachments/assets/e7cf685f-d46e-4c2d-99ce-5c3d35b47fb6" loading="lazy"> </p> <h3 id="whats-new">What’s new?<a href="#whats-new" class="heading-link pl-2 text-italic text-bold" aria-label="What’s new?"></a></h3> <ul> <li><strong>Improved visual accessibility:</strong> Enhanced color contrast and better support for users with low vision, making it easier to interpret data visuals.</li> <li><strong>Keyboard navigation enhancements:</strong> Full keyboard-only navigation, including a clearly visible focus indicator, for smoother interactions without a mouse.</li> <li><strong>Assistive technology support:</strong> Improved compatibility with screen readers for better navigation and understanding of content.</li> </ul> <p>These updates are now generally available on GitHub Enterprise Cloud and will be included in GitHub Enterprise Server 3.16.</p> <p>Join the discussion in the <a href="https://github.com/orgs/community/discussions/categories/accessibility">GitHub Community</a> and read more about GitHub’s <a href="https://accessibility.github.com/">commitment to accessibility</a></p> </body></html> </div> <a href="https://github.blog/changelog/2024-11-20-accessibility-improvements-for-security-overview" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-81238"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-11-20-accessibility-improvements-for-security-overview" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-81092" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-81092 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-secret-scanning changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-11-12-secret-scanning-ability-to-add-an-optional-comment-when-reopening-alerts" rel="bookmark">Secret scanning: ability to add an optional comment when reopening alerts</a></h2> <time datetime="2024-11-12" class="d-block f5-mktg text-medium color-fg-muted mt-14px">November 12, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/secret-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">secret-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-81092" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>To remediate and triage alerts more effectively, you can now add an optional comment when reopening a secret scanning alert. Comments will appear in the alert timeline. Previously, you could only add a comment when closing the alert.</p> <p>Learn more about <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/about-secret-scanning">how to secure your repositories with secret scanning</a>. Let us know what you think by participating in a <a href="https://github.com/orgs/community/discussions/categories/code-security">GitHub community discussion</a> or signing up for a <a href="https://github.com/orgs/community/discussions/141497#:~:text=60%20minute%20feedback%20session">60 minute feedback session</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-11-12-secret-scanning-ability-to-add-an-optional-comment-when-reopening-alerts" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-81092"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-11-12-secret-scanning-ability-to-add-an-optional-comment-when-reopening-alerts" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-81091" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-81091 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-secret-scanning changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-11-12-push-protection-bypass-request-details-are-included-in-the-rest-api-webhooks-and-audit-logs-for-secret-scanning-alerts" rel="bookmark">Push protection bypass request details are included in the REST API, webhooks, and audit logs for secret scanning alerts</a></h2> <time datetime="2024-11-12" class="d-block f5-mktg text-medium color-fg-muted mt-14px">November 12, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/secret-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">secret-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-81091" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Secret scanning alerts resulting from an approved push protection bypass request will now show relevant details in the alert information surfaced in the REST API, webhooks, and audit logs. This allows information currently visible in the UI to be used in automated workflows.</p> <p>Secret scanning alert <a href="https://docs.github.com/en/enterprise-cloud@latest/rest/secret-scanning/secret-scanning?apiVersion=2022-11-28">REST API endpoints</a> and <a href="https://docs.github.com/en/enterprise-cloud@latest/webhooks/webhook-events-and-payloads#secret_scanning_alert">webhook events</a> now include the following fields:<br> – <code>push_protection_bypass_request_reviewer</code><br> – <code>push_protection_bypass_request_comment</code><br> – <code>push_protection_bypass_request_html_url</code></p> <p><a href="https://docs.github.com/en/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization#secret_scanning_push_protection">Audit log events for push protection bypasses</a> now include the following fields:<br> – <code>push_protection_bypass_request_reviewer</code><br> – <code>push_protection_bypass_request_reviewer_id</code></p> <p>Learn more about <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/introduction/about-secret-scanning">secret scanning</a> and <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/about-delegated-bypass-for-push-protection">bypass controls for push protection</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-11-12-push-protection-bypass-request-details-are-included-in-the-rest-api-webhooks-and-audit-logs-for-secret-scanning-alerts" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-81091"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-11-12-push-protection-bypass-request-details-are-included-in-the-rest-api-webhooks-and-audit-logs-for-secret-scanning-alerts" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-81042" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-81042 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-security-and-compliance changelog-label-security-overview"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-31-sast-vulnerabilities-summary-now-available-on-the-security-overview-dashboard" rel="bookmark">SAST vulnerabilities summary now available on the security overview dashboard</a></h2> <time datetime="2024-10-31" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 31, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-overview/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-overview</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-81042" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Now you can better manage and mitigate your security vulnerabilities with a new SAST vulnerabilities summary table, available directly on the security overview dashboard. This feature highlights your top 10 CodeQL and third-party open alerts by count, grouped by vulnerability type.</p> <p align="center" class="has-image"> <img decoding="async" width="700" alt="The SAST vulnerabilities table on the Detection tab of the overview dashboard" src="https://github.com/user-attachments/assets/2036a904-3728-4bf5-bb46-58127e57ad21" loading="lazy"> </p> <p>When prioritizing which alerts to address first, it’s crucial to consider various factors. One significant factor is the number of instances of a vulnerability across your codebase. The more areas of code affected by a vulnerability, the higher the potential risk for exploitation.</p> <p>To access the new SAST vulnerabilities table, click your profile photo in the top-right corner of GitHub.com and select the organization or enterprise you want to view. For organizations, go to the <strong>Security</strong> tab and scroll to the bottom of the <strong>Detection</strong> view on the <strong>Overview</strong> dashboard. For enterprises, click <strong>Code Security</strong> in the sidebar, then select <strong>Overview</strong> and scroll to the bottom of the <strong>Detection</strong> view.</p> <p>The SAST vulnerabilities summary is now generally available on GitHub Enterprise Cloud and will be available in GitHub Enterprise Server 3.16.</p> <p><a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/security-overview/viewing-security-insights">Learn more about security overview insights</a> and join the discussion within the <a href="https://github.com/github-community/community/discussions/categories/code-security">GitHub Community</a></p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-31-sast-vulnerabilities-summary-now-available-on-the-security-overview-dashboard" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-81042"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-31-sast-vulnerabilities-summary-now-available-on-the-security-overview-dashboard" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80899" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80899 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-copilot changelog-label-dependabot changelog-label-security changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-29-copilot-autofix-for-dependabot-now-available-for-typescript-repositories-private-preview" rel="bookmark">Copilot Autofix for Dependabot now available for TypeScript repositories (private preview)</a></h2> <time datetime="2024-10-29" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 29, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/copilot/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">copilot</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/dependabot/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">dependabot</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80899" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Copilot Autofix for Dependabot is now available in private preview for TypeScript repositories.</p> <p>This new feature combines the power of GitHub Copilot with Dependabot, making it easier than ever to automatically fix breaking changes introduced by dependency updates. With Copilot Autofix, you can save time and minimize disruptions by receiving AI-generated fixes to resolve breaking changes caused by dependency upgrades in Dependabot-authored pull requests.</p> <h3 id="why-copilot-autofix-for-dependabot">Why Copilot Autofix for Dependabot?<a href="#why-copilot-autofix-for-dependabot" class="heading-link pl-2 text-italic text-bold" aria-label="Why Copilot Autofix for Dependabot?"></a></h3> <p>Dependency updates can introduce breaking changes that lead to failing CI tests and deployment delays. Identifying the exact cause of these breaks and implementing the correct fix can require significant time and effort, making it challenging to stay on the most up-to-date and secure version of a dependency.</p> <p>Dependabot can now leverage the power of Copilot Autofix to analyze dependency updates that fail CI tests and suggest fixes, all within the pull request. Copilot Autofix for Dependabot not only helps keep your dependencies up to date, but also keeps your CI green. Staying up-to-date on dependencies upgrades with breaking changes is now easier and faster than ever.</p> <h3 id="how-to-join-the-private-preview">How to join the private preview<a href="#how-to-join-the-private-preview" class="heading-link pl-2 text-italic text-bold" aria-label="How to join the private preview"></a></h3> <p>To sign up for the feature waitlist, fill out the <a href="https://github.com/features/preview/copilot-autofix-for-dependabot">form</a> to express your interest. We’ll notify selected participants as we roll out the feature over the coming weeks.</p> <p>This feature is available in private preview to GitHub Advanced Security customers on cloud deployments. Starting today, we support TypeScript repos with tests set up in GitHub Actions. As we continue to develop this feature, we will expand coverage for additional languages and testing requirements.</p> <h3 id="learn-more">Learn more<a href="#learn-more" class="heading-link pl-2 text-italic text-bold" aria-label="Learn more"></a></h3> <p>Please keep an eye on future changelogs for more updates as the feature moves to public preview and general availability.</p> <p>To learn more, please join the <a href="https://github.com/features/preview/copilot-autofix-for-dependabot">waitlist</a> or check out the <a href="https://github.com/features/preview">latest GitHub feature previews</a>.</p> <p>To hear what others are saying and offer your own take, join the discussion in the <a href="https://github.com/orgs/community/discussions/141502">GitHub Community</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-29-copilot-autofix-for-dependabot-now-available-for-typescript-repositories-private-preview" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80899"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-29-copilot-autofix-for-dependabot-now-available-for-typescript-repositories-private-preview" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80940" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80940 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-copilot changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-29-security-campaigns-with-copilot-autofix-are-now-in-public-preview" rel="bookmark">Security campaigns with Copilot Autofix are now in public preview</a></h2> <time datetime="2024-10-29" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 29, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/copilot/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">copilot</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80940" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Security campaigns with Copilot Autofix are now in public preview. Available as part of <a href="https://github.com/enterprise/advanced-security">GitHub Advanced Security</a>, security campaigns rapidly reduce your backlog of application security debt. By using Copilot Autofix to generate contextual explanations and code suggestions for up to 1,000 historical code scanning alerts at a time, security campaigns help developers and security teams collaborate to fix vulnerabilities with speed and confidence.</p> <p>Code scanning detection engines such as <a href="https://docs.github.com/en/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql">GitHub’s CodeQL</a> are incredibly effective at automatically notifying developers about potential security vulnerabilities in their code in the form of code scanning alerts. Most developers fix these vulnerabilities with the help of <a href="https://github.blog/news-insights/product-news/secure-code-more-than-three-times-faster-with-copilot-autofix/">Copilot Autofix</a> when they’re <a href="https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests">flagged pull requests</a>. However, in situations where these alerts aren’t remediated in a timely manner, security debt can build up and pose a serious risk to deployed applications. Using security campaigns, security teams and developers can easily collaborate to remediate and eradicate security debt at scale, with the help of Copilot Autofix.</p> <p>A security campaign on GitHub can contain a large number of code scanning alerts, prioritized by your security team to be fixed within a chosen timeframe. When a campaign is created, Copilot Autofix automatically suggests fixes for all supported alerts, and developers who are most familiar with the code are notified. From there, they can review the fixes, open pull requests, and remediate the security debt.</p> <p>Security teams can monitor the progress of the campaign and track the number of alerts that have been fixed. Using security campaigns, security and developer teams work together with Copilot Autofix to remove security debt in targeted efforts aimed at maximizing impact by focusing on the alerts that matter.</p> <p class="has-image"><img decoding="async" src="https://github.com/user-attachments/assets/051a9919-87c1-4ff0-ac21-e3aca05c0d3e" alt="Organization-level view of a security campaign to remediate SQL injection alerts" loading="lazy"></p> <p>Security campaigns are available for users of GitHub Advanced Security on GitHub Enterprise Cloud. For more information about security campaigns, see <a href="https://docs.github.com/enterprise-cloud@latest/code-security/securing-your-organization/fixing-security-alerts-at-scale/about-security-campaigns">About security campaigns</a> in the GitHub documentation.</p> <p>If you have any feedback on security campaigns: join the discussion in the <a href="https://gh.io/security-campaigns-feedback">GitHub Community</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-29-security-campaigns-with-copilot-autofix-are-now-in-public-preview" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80940"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-29-security-campaigns-with-copilot-autofix-are-now-in-public-preview" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80905" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80905 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-copilot changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-29-copilot-autofix-now-supports-partner-code-scanning-tools" rel="bookmark">Copilot Autofix now supports partner code scanning tools</a></h2> <time datetime="2024-10-29" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 29, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/copilot/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">copilot</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80905" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p><a href="https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/responsible-use-autofix-code-scanning">Copilot Autofix</a> now supports fix suggestions for problems detected by <a href="https://eslint.org/">ESLint</a>, a partner code scanning tool. Autofixes are available both in pull requests and for historical alerts.</p> <p class="has-image"><img decoding="async" src="https://github.com/user-attachments/assets/8b110e6c-4cee-482b-a09e-4dfb7274cba4" alt="Setting up ESLint using a starter workflow" width="700" loading="lazy"></p> <p>ESLint is the first partner tool supported by Copilot Autofix. Support for additional partner tools, such as JFrog SAST and Black Duck’s Polaris™ platform powered by Coverity®, will be announced by future changelogs when available. To opt out of fix suggestions for third-party tools, you can disable this feature from the code scanning settings page.</p> <p class="has-image"><img decoding="async" src="https://github.com/user-attachments/assets/5407a8e4-a3b1-47a2-bbd7-286e526cb8ef" alt="Example of a fix suggestion for an existing ESLint alert" width="700" loading="lazy"></p> <p>In order for Copilot Autofix to pick up ESLint alerts, you need to enable ESLint as a code scanning tool in the target repository. For reference, you can select an updated starter workflow when setting up a new GitHub Actions workflow in your repository. You can use both ESLint scanning and the CodeQL analysis in the same repository.</p> <p class="has-image"><img decoding="async" src="https://github.com/user-attachments/assets/4b9a860f-869b-4adb-97d4-6ea588d84957" alt="Disabling fix suggestions for third-party tools" width="700" loading="lazy"></p> <p>For more information, see: <a href="https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/responsible-use-autofix-code-scanning">Responsible use of Copilot Autofix for code scanning</a>. If you have feedback for Copilot Autofix for code scanning, please join the discussion <a href="https://github.com/orgs/community/discussions/142424">here</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-29-copilot-autofix-now-supports-partner-code-scanning-tools" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80905"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-29-copilot-autofix-now-supports-partner-code-scanning-tools" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80751" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80751 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-secret-scanning changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-24-secret-scanning-supports-delegated-bypass-for-push-protection-on-file-uploads-ga" rel="bookmark">Secret scanning supports delegated bypass for push protection on file uploads (GA)</a></h2> <time datetime="2024-10-24" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 24, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/secret-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">secret-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80751" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Secret scanning now supports delegated bypass controls for <a href="https://docs.github.com/en/enterprise-cloud@latest/repositories/working-with-files/managing-files/adding-a-file-to-a-repository#adding-a-file-to-a-repository-on-github-enterprise-cloud">repository file uploads</a> from the browser.</p> <p>If delegated bypass is configured for an organization or repository, anyone without bypass permissions will need to submit a bypass request to approved reviewers in order to upload a file that contains a secret. This helps ensure that secrets are not accidentally committed to a repository.</p> <p>For more information, see “<a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/introduction/about-secret-scanning">About secret scanning</a>” and “<a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/about-delegated-bypass-for-push-protection#about-delegated-bypass-for-push-protection">About delegated bypass for push protection</a>.”</p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-24-secret-scanning-supports-delegated-bypass-for-push-protection-on-file-uploads-ga" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80751"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-24-secret-scanning-supports-delegated-bypass-for-push-protection-on-file-uploads-ga" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80745" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80745 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-secret-scanning changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-24-secret-scanning-support-for-public-leak-and-multi-repository-indicators-in-webhook-and-audit-log-events" rel="bookmark">Secret scanning support for public leak and multi-repository indicators in webhook and audit log events</a></h2> <time datetime="2024-10-24" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 24, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/secret-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">secret-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80745" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Public leak and multi-repository indicators are now included in <a href="https://docs.github.com/en/enterprise-cloud@latest/webhooks/webhook-events-and-payloads#secret_scanning_alert">webhook</a> and <a href="https://docs.github.com/en/enterprise-cloud@latest/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization#secret_scanning_alert">audit log event</a> payloads for secret scanning alerts.</p> <h3 id="what-are-public-leak-and-multi-repo-labels">What are public leak and multi-repo labels?<a href="#what-are-public-leak-and-multi-repo-labels" class="heading-link pl-2 text-italic text-bold" aria-label="What are public leak and multi-repo labels?"></a></h3> <p>To help you triage and remediate secret leaks more effectively, GitHub secret scanning indicates if a secret detected in your repository has also leaked publicly with a <code>public leak</code> label on the alert. The alert also indicates if the secret was exposed in other repositories across your organization or enterprise with a <code>multi-repo</code> label.</p> <p>These labels provide additional understanding into the distribution of an exposed secret, while also making it easier to assess an alert’s risk and urgency. For example, a secret which has a known associated exposure in a public location has a higher likelihood of exploitation. Detection of public leaks is only currently supported for <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#default-patterns">provider-based patterns</a>.</p> <p>The <code>multi-repo</code> label makes it easier to de-duplicate alerts and is supported for all secret types, including <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning">custom patterns</a>. You can only view and navigate to other enterprise repositories with duplicate alerts if you have appropriate permissions to view them.</p> <p>Both indicators currently apply only for newly created alerts.</p> <h3 id="learn-more">Learn more<a href="#learn-more" class="heading-link pl-2 text-italic text-bold" aria-label="Learn more"></a></h3> <p>Learn more about <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/managing-alerts-from-secret-scanning/evaluating-alerts#reviewing-alert-labels">reviewing alert labels</a> and how to <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/about-secret-scanning">secure your repositories with secret scanning</a>. Let us know what you think by participating in our <a href="https://github.com/orgs/community/discussions/141497">GitHub community discussion</a> or signing up for a <a href="https://github.com/orgs/community/discussions/141497#:~:text=60%20minute%20feedback%20session">60 minute feedback session</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-24-secret-scanning-support-for-public-leak-and-multi-repository-indicators-in-webhook-and-audit-log-events" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80745"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-24-secret-scanning-support-for-public-leak-and-multi-repository-indicators-in-webhook-and-audit-log-events" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80709" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80709 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-secret-scanning changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-23-bypass-controls-for-push-protection-are-generally-available" rel="bookmark">Bypass controls for push protection are generally available</a></h2> <time datetime="2024-10-23" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 23, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/secret-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">secret-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80709" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Secret scanning <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/about-delegated-bypass-for-push-protection">bypass privileges for push protection</a> are now generally available.</p> <p>These controls allow you to choose who is allowed to bypass push protection, and introduce a review and approval cycle for pushes containing secrets from all other contributors. This can ensure push protection blocks are not accidentally bypassed and prevent secrets from being committed to your repositories.</p> <p>Controls for bypass privileges can be set as part of your organization’s <a href="https://docs.github.com/en/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale#about-security-configurations">security configurations</a> or at the repository level in your code security settings. You can add specific roles or teams to your bypass list. The individuals in these roles and teams will be able to bypass push protection themselves, and will act as reviewers for any bypass requests submitted by another contributor. The requests can be approved or denied, determining whether the commit can proceed into the repository.</p> <p class="has-image"><img decoding="async" src="https://github.com/user-attachments/assets/b17d05a2-6e1e-479e-a433-ac9ee5481dc8" alt="screenshot of bypass privileges within security configurations" loading="lazy"></p> <p>Reviewers can view the requests under the Security tab at either the organization level or repository level. Requests can also be accessed through audit log and webhook events.</p> <p>Learn more about <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning">secret scanning</a> and <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/push-protection-for-repositories-and-organizations">push protection</a>, or <a href="https://github.com/orgs/community/discussions/121816">join the discussion in the GitHub Community</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-23-bypass-controls-for-push-protection-are-generally-available" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80709"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-23-bypass-controls-for-push-protection-are-generally-available" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80644" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80644 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-secret-scanning changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-22-secret-scanning-improvements-for-alerts-with-known-public-leaks-and-enterprise-duplicates" rel="bookmark">Secret scanning: improvements for alerts with known public leaks and enterprise duplicates</a></h2> <time datetime="2024-10-22" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 22, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/secret-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">secret-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80644" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>You can now view exact locations of known public leaks for a secret scanning alert, as well as any repositories with duplicate alerts across your enterprise. Public leak and duplicate alert labels are now also surfaced via the <a href="https://docs.github.com/en/enterprise-cloud@latest/rest/secret-scanning/secret-scanning?apiVersion=2022-11-28">REST API</a>.</p> <h3 id="what-are-public-leak-and-multi-repo-labels">What are public leak and multi-repo labels?<a href="#what-are-public-leak-and-multi-repo-labels" class="heading-link pl-2 text-italic text-bold" aria-label="What are public leak and multi-repo labels?"></a></h3> <p>To help you triage and remediate secret leaks more effectively, GitHub secret scanning now indicates if a secret detected in your repository has also leaked publicly with a <code>public leak</code> label on the alert. The alert also indicates if the secret was exposed in other repositories across your organization or enterprise with a <code>multi-repo</code> label.</p> <p>These labels provide additional understanding into the distribution of an exposed secret, while also making it easier to assess an alert’s risk and urgency. For example, a secret which has a known associated exposure in a public location has a higher likelihood of exploitation. Detection of public leaks is only currently supported for <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#default-patterns">provider-based patterns</a>.</p> <p>The <code>multi-repo</code> label makes it easier to de-duplicate alerts and is supported for all secret types, including <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning">custom patterns</a>. You can only view and navigate to other enterprise repositories with duplicate alerts if you have appropriate permissions to view them.</p> <p>Both indicators currently apply only for newly created alerts.</p> <h3 id="learn-more">Learn more<a href="#learn-more" class="heading-link pl-2 text-italic text-bold" aria-label="Learn more"></a></h3> <p>Learn more about <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/managing-alerts-from-secret-scanning/evaluating-alerts#reviewing-alert-labels">reviewing alert labels</a> and how to <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/about-secret-scanning">secure your repositories with secret scanning</a>. Let us know what you think by participating in our <a href="https://github.com/orgs/community/discussions/141497">GitHub community discussion</a> or signing up for a <a href="https://github.com/orgs/community/discussions/141497#:~:text=60%20minute%20feedback%20session">60 minute feedback session</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-22-secret-scanning-improvements-for-alerts-with-known-public-leaks-and-enterprise-duplicates" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80644"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-22-secret-scanning-improvements-for-alerts-with-known-public-leaks-and-enterprise-duplicates" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80598" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80598 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-secret-scanning changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-21-copilot-secret-scanning-for-generic-passwords-is-generally-available" rel="bookmark">Copilot secret scanning for generic passwords is generally available</a></h2> <time datetime="2024-10-21" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 21, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/secret-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">secret-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80598" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Copilot secret scanning is now generally available. Copilot secret scanning, which detects generic passwords using AI, offers greater precision for unstructured credentials that can cause security breaches if exposed. Over 350,000 repositories have already enabled this password detection.</p> <p>To enable Copilot secret scanning, select “Scan for generic secrets” within your code security and analysis settings at the repository level, or the code security global settings at the organization level. You can also use the <a href="https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#update-a-repository">Update a repository API endpoint</a> for enablement at the repository level. Support for enablement through your organization’s code security configurations, as well as enablement for organizations and enterprises with the API, will come in a future release.</p> <p>Password detection is backed by the Copilot API and is available for all repositories with a GitHub Advanced Security license. You do not need a Copilot license to enable generic secret detection. Passwords found in git content will create a secret scanning alert in the “Experimental” tab, separate from regular alerts.</p> <p>In effort to reduce false positives and detections of secrets that are used in tests, Copilot secret scanning will not:<br> – detect more than 100 passwords per push<br> – detect secrets in media files (<code>.svg</code>, <code>.png</code>, <code>.jpeg</code>)<br> – detect secrets in language files (<code>.js</code>, <code>.py</code>, <code>.ts</code>, <code>.java</code>, <code>.cs</code>, or <code>.rb</code>) that contain <code>test</code>, <code>mock</code>, or <code>spec</code> in the filepath<br> – detect additional secrets in files where five or more alerts have been marked as false positive</p> <p>Note that passwords will not be detected in non-git content, like GitHub Issues or pull requests. Passwords are also excluded from push protection, another feature of secret scanning designed to prevent sensitive information from being pushed to your repository.</p> <p>Learn more about <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/">secret scanning</a> and <a href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/about-the-detection-of-generic-secrets-with-secret-scanning">generic secret detection</a> or join our <a href="https://github.com/orgs/community/discussions/142208">community discussion</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-21-copilot-secret-scanning-for-generic-passwords-is-generally-available" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80598"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-21-copilot-secret-scanning-for-generic-passwords-is-generally-available" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80483" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80483 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-security-and-compliance changelog-label-security-overview"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-17-new-code-security-configurations-let-you-set-security-features-at-the-organization-level" rel="bookmark">New code security configurations let you set security features at the organization level</a></h2> <time datetime="2024-10-17" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 17, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-overview/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-overview</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80483" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>Now you can simplify the rollout of GitHub security products within your organization. Code security configurations now allow you to define collections of security settings and apply those settings to groups of repositories. Configurations help you maintain security settings for important features like code scanning, secret scanning, and Dependabot.</p> <p>As previously <a href="https://github.blog/changelog/2024-08-14-code-security-configurations-will-replace-feature-enablement-on-the-organization-level-security-coverage-page-on-october-15/">announced in August</a>, starting today, you can no longer enable or disable GitHub security features from the organization-level security coverage view, which has been deprecated and replaced with code security configurations for managing these settings.</p> <p>Learn more about <a href="https://docs.github.com/en/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale">code security configurations</a> and <a href="https://github.com/orgs/community/discussions/114519">send us your feedback</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-17-new-code-security-configurations-let-you-set-security-features-at-the-organization-level" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80483"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-17-new-code-security-configurations-let-you-set-security-features-at-the-organization-level" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80373" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80373 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-code-scanning changelog-label-codeql changelog-label-copilot changelog-label-security-and-compliance"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-10-now-you-can-choose-a-specific-branch-when-using-copilot-autofix-for-code-scanning" rel="bookmark">Now you can choose a specific branch when using Copilot Autofix for code scanning</a></h2> <time datetime="2024-10-10" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 10, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/codeql/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">codeql</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/copilot/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">copilot</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80373" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>When using Copilot Autofix for historical alerts, you can now choose the branch to which you want to commit an autofix. You can also decide whether to then open a pull request, check out the branch locally, or open it in GitHub Desktop.</p> <p>Copilot Autofix provides automatic fix suggestions for code scanning alerts in your codebase.</p> <p class="has-image"><img decoding="async" width="700" alt="Example of committing Copilot Autofix to branch" src="https://github.com/user-attachments/assets/cfcacb96-b197-4c3f-b1f0-44db703e551d" loading="lazy"></p> <p>This update integrates Autofix more closely within the developer workflow, so you can quickly iterate on fix suggestions and collaborate on those with your team.</p> <p>For more information, see: <a href="https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning">About Copilot Autofix for CodeQL code scanning</a>. If you have feedback for Copilot Autofix for code scanning, please join the discussion <a href="https://github.com/orgs/community/discussions/111094">here</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-10-now-you-can-choose-a-specific-branch-when-using-copilot-autofix-for-code-scanning" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80373"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-10-now-you-can-choose-a-specific-branch-when-using-copilot-autofix-for-code-scanning" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> <article id="changelog-80371" class="d-flex gutter-spacious flex-wrap position-relative changelog-line js-ajax-fetchable post-80371 changelog type-changelog status-publish hentry changelog-label-advanced-security changelog-label-advisory-database changelog-label-closing-down changelog-label-code-scanning changelog-label-dependabot changelog-label-dependency-graph changelog-label-secret-scanning changelog-label-security-and-compliance changelog-label-sunset"> <div class="pb-4 pt-5 pt-md-7 col-12 col-md-5 position-relative"> <div class="changelog-single-details position-sticky top-12"> <svg class="octicon octicon-commit position-absolute left-0 color-bg-default color-fg-muted" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="28" height="28"><path fill-rule="evenodd" d="M15.5 11.75a3.5 3.5 0 11-7 0 3.5 3.5 0 017 0zm1.444-.75a5.001 5.001 0 00-9.888 0H2.75a.75.75 0 100 1.5h4.306a5.001 5.001 0 009.888 0h4.306a.75.75 0 100-1.5h-4.306z" fill="currentColor"></path></svg> <h2 class="h5-mktg"><a class="Link--primary" href="https://github.blog/changelog/2024-10-09-upcoming-replacement-of-enterprise-code-security-enablement-ui-and-apis" rel="bookmark">Upcoming replacement of enterprise code security enablement UI and APIs</a></h2> <time datetime="2024-10-09" class="d-block f5-mktg text-medium color-fg-muted mt-14px">October 9, 2024</time> <ul class="d-inline-block list-style-none post-hero__categories mt-2"><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advanced-security/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advanced-security</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/advisory-database/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">advisory-database</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/closing-down/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">closing-down</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/code-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">code-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/dependabot/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">dependabot</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/dependency-graph/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">dependency-graph</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/secret-scanning/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">secret-scanning</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/security-and-compliance/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">security-and-compliance</a></li><li class="d-inline-block mr-2 mt-2"><a href="https://github.blog/changelog/label/sunset/" class="f5-mktg pill-label text-gradient-purple-coral text-bold">sunset</a></li></ul> </div> </div> <div class="col-12 col-md-7"> <div class="pb-5 pt-0 py-md-7 changelog-single-content-wrap border-bottom"> <div id="changelog-single-content-80371" class="post__content changelog-single-content js-show-all-target"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html><body><p>In the coming months, the current interface for managing code security settings for an enterprise will be deprecated and replaced with <a href="https://github.blog/changelog/2024-04-02-code-security-configurations-let-organizations-easily-roll-out-github-security-products-at-scale/">new and improved code security configurations</a> that will provide you a more consistent and scalable way to manage security settings across repositories within your enterprise.</p> <p>The current <a href="https://docs.github.com/en/enterprise-cloud@latest/rest/enterprise-admin/code-security-and-analysis?apiVersion=2022-11-28">REST API endpoint to enable or disable a security feature for an enterprise</a> is now deprecated. It will continue to work for an additional year in the current version of the REST API before being removed in September of 2025, but note that it may conflict with settings assigned in code security configurations if the configuration is unenforced, potentially resulting in a security configuration being unintentionally removed from a repository. To change the security settings for repositories at the enterprise level, you can use the current enterprise-level security settings UI or the upcoming code security configurations API.</p> <p><a href="https://github.com/orgs/community/discussions/114519">Send us your feedback!</a>.</p> </body></html> </div> <a href="https://github.blog/changelog/2024-10-09-upcoming-replacement-of-enterprise-code-security-enablement-ui-and-apis" role="button" class="Link--primary d-none d-md-inline-block mt-4 text-bold js-show-trigger" aria-expanded="false" aria-controls="changelog-single-content-80371"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> <a href="https://github.blog/changelog/2024-10-09-upcoming-replacement-of-enterprise-code-security-enablement-ui-and-apis" class="Link--primary d-inline-block d-md-none mt-4 text-bold js-show-trigger-alt"> See more <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </article> </div> <div class="container-xl mx-auto p-responsive-blog mt-6 mt-md-8"> <div class="d-flex gutter-spacious"> <div class="col-12 col-md-7 offset-md-5"> <a href="https://github.blog/changelog/label/security-and-compliance/page/2/" class="d-inline-block btn-mktg js-ajax-fetch changelog-single-content-wrap"> View more changes <svg class="octicon octicon-chevron-down" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path fill-rule="evenodd" d="M12.78 6.22a.75.75 0 010 1.06l-4.25 4.25a.75.75 0 01-1.06 0L3.22 7.28a.75.75 0 011.06-1.06L8 9.94l3.72-3.72a.75.75 0 011.06 0z" fill="currentColor"></path></svg> </a> </div> </div> </div> </div> </main> <div data-color-mode="dark" data-light-theme="light" data-dark-theme="dark"> <footer class="footer pt-6"> <div class="container-xl p-responsive-blog"> <div class="d-flex flex-wrap py-5 mb-5"> <div class="col-12 col-lg-4 mb-5"> <a href="https://github.com/" data-ga-click="Resources, go to home, resources footer" class="color-fg-default" aria-label="Go to GitHub homepage"> <svg height="30" class="octicon octicon-logo-github" viewBox="0 0 45 16" version="1.1" width="84" aria-hidden="true"> <path fill-rule="evenodd" d="M18.53 12.03h-.02c.009 0 .015.01.024.011h.006l-.01-.01zm.004.011c-.093.001-.327.05-.574.05-.78 0-1.05-.36-1.05-.83V8.13h1.59c.09 0 .16-.08.16-.19v-1.7c0-.09-.08-.17-.16-.17h-1.59V3.96c0-.08-.05-.13-.14-.13h-2.16c-.09 0-.14.05-.14.13v2.17s-1.09.27-1.16.28c-.08.02-.13.09-.13.17v1.36c0 .11.08.19.17.19h1.11v3.28c0 2.44 1.7 2.69 2.86 2.69.53 0 1.17-.17 1.27-.22.06-.02.09-.09.09-.16v-1.5a.177.177 0 00-.146-.18zM42.23 9.84c0-1.81-.73-2.05-1.5-1.97-.6.04-1.08.34-1.08.34v3.52s.49.34 1.22.36c1.03.03 1.36-.34 1.36-2.25zm2.43-.16c0 3.43-1.11 4.41-3.05 4.41-1.64 0-2.52-.83-2.52-.83s-.04.46-.09.52c-.03.06-.08.08-.14.08h-1.48c-.1 0-.19-.08-.19-.17l.02-11.11c0-.09.08-.17.17-.17h2.13c.09 0 .17.08.17.17v3.77s.82-.53 2.02-.53l-.01-.02c1.2 0 2.97.45 2.97 3.88zm-8.72-3.61h-2.1c-.11 0-.17.08-.17.19v5.44s-.55.39-1.3.39-.97-.34-.97-1.09V6.25c0-.09-.08-.17-.17-.17h-2.14c-.09 0-.17.08-.17.17v5.11c0 2.2 1.23 2.75 2.92 2.75 1.39 0 2.52-.77 2.52-.77s.05.39.08.45c.02.05.09.09.16.09h1.34c.11 0 .17-.08.17-.17l.02-7.47c0-.09-.08-.17-.19-.17zm-23.7-.01h-2.13c-.09 0-.17.09-.17.2v7.34c0 .2.13.27.3.27h1.92c.2 0 .25-.09.25-.27V6.23c0-.09-.08-.17-.17-.17zm-1.05-3.38c-.77 0-1.38.61-1.38 1.38 0 .77.61 1.38 1.38 1.38.75 0 1.36-.61 1.36-1.38 0-.77-.61-1.38-1.36-1.38zm16.49-.25h-2.11c-.09 0-.17.08-.17.17v4.09h-3.31V2.6c0-.09-.08-.17-.17-.17h-2.13c-.09 0-.17.08-.17.17v11.11c0 .09.09.17.17.17h2.13c.09 0 .17-.08.17-.17V8.96h3.31l-.02 4.75c0 .09.08.17.17.17h2.13c.09 0 .17-.08.17-.17V2.6c0-.09-.08-.17-.17-.17zM8.81 7.35v5.74c0 .04-.01.11-.06.13 0 0-1.25.89-3.31.89-2.49 0-5.44-.78-5.44-5.92S2.58 1.99 5.1 2c2.18 0 3.06.49 3.2.58.04.05.06.09.06.14L7.94 4.5c0 .09-.09.2-.2.17-.36-.11-.9-.33-2.17-.33-1.47 0-3.05.42-3.05 3.73s1.5 3.7 2.58 3.7c.92 0 1.25-.11 1.25-.11v-2.3H4.88c-.11 0-.19-.08-.19-.17V7.35c0-.09.08-.17.19-.17h3.74c.11 0 .19.08.19.17z"></path> </svg> </a> </div> <div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-lg-0 pl-lg-4"><h2 class="h5 mb-3 text-mono color-text-tertiary text-normal">Product</h2><ul class="list-style-none text-gray f5"><li class="lh-condensed mb-3"><a href="https://github.com/features" data-ga-click="Site Foundation Components, go to Features, site foundation components footer" class="Link--secondary">Features</a></li><li class="lh-condensed mb-3"><a href="https://github.com/security" data-ga-click="Site Foundation Components, go to Security, site foundation components footer" class="Link--secondary">Security</a></li><li class="lh-condensed mb-3"><a href="https://github.com/enterprise" data-ga-click="Site Foundation Components, go to Enterprise, site foundation components footer" class="Link--secondary">Enterprise</a></li><li class="lh-condensed mb-3"><a href="https://github.com/customer-stories?type=enterprise" data-ga-click="Site Foundation Components, go to Customer Stories, site foundation components footer" class="Link--secondary">Customer Stories</a></li><li class="lh-condensed mb-3"><a href="https://github.com/pricing" data-ga-click="Site Foundation Components, go to Pricing, site foundation components footer" class="Link--secondary">Pricing</a></li><li class="lh-condensed mb-3"><a href="https://resources.github.com/" data-ga-click="Site Foundation Components, go to Resources, site foundation components footer" class="Link--secondary">Resources</a></li></ul></div><div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-lg-0 pl-lg-4"><h2 class="h5 mb-3 text-mono color-text-tertiary text-normal">Platform</h2><ul class="list-style-none text-gray f5"><li class="lh-condensed mb-3"><a href="https://developer.github.com/" data-ga-click="Site Foundation Components, go to Developer API, site foundation components footer" class="Link--secondary">Developer API</a></li><li class="lh-condensed mb-3"><a href="https://partner.github.com/" data-ga-click="Site Foundation Components, go to Partners, site foundation components footer" class="Link--secondary">Partners</a></li><li class="lh-condensed mb-3"><a href="https://atom.io/" data-ga-click="Site Foundation Components, go to Atom, site foundation components footer" class="Link--secondary">Atom</a></li><li class="lh-condensed mb-3"><a href="https://www.electronjs.org/" data-ga-click="Site Foundation Components, go to Electron, site foundation components footer" class="Link--secondary">Electron</a></li><li class="lh-condensed mb-3"><a href="https://desktop.github.com/" data-ga-click="Site Foundation Components, go to GitHub Desktop, site foundation components footer" class="Link--secondary">GitHub Desktop</a></li></ul></div><div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-lg-0 pl-lg-4"><h2 class="h5 mb-3 text-mono color-text-tertiary text-normal">Support</h2><ul class="list-style-none text-gray f5"><li class="lh-condensed mb-3"><a href="https://docs.github.com/" data-ga-click="Site Foundation Components, go to Docs, site foundation components footer" class="Link--secondary">Docs</a></li><li class="lh-condensed mb-3"><a href="https://github.community/" data-ga-click="Site Foundation Components, go to Community Forum, site foundation components footer" class="Link--secondary">Community Forum</a></li><li class="lh-condensed mb-3"><a href="https://services.github.com/" data-ga-click="Site Foundation Components, go to Training, site foundation components footer" class="Link--secondary">Training</a></li><li class="lh-condensed mb-3"><a href="https://www.githubstatus.com/" data-ga-click="Site Foundation Components, go to Status, site foundation components footer" class="Link--secondary">Status</a></li><li class="lh-condensed mb-3"><a href="https://support.github.com/" data-ga-click="Site Foundation Components, go to Contact, site foundation components footer" class="Link--secondary">Contact</a></li></ul></div><div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-lg-0 pl-lg-4"><h2 class="h5 mb-3 text-mono color-text-tertiary text-normal">Company</h2><ul class="list-style-none text-gray f5"><li class="lh-condensed mb-3"><a href="https://github.com/about" data-ga-click="Site Foundation Components, go to About, site foundation components footer" class="Link--secondary">About</a></li><li class="lh-condensed mb-3"><a href="https://github.blog/" data-ga-click="Site Foundation Components, go to Blog, site foundation components footer" class="Link--secondary">Blog</a></li><li class="lh-condensed mb-3"><a href="https://github.com/about/careers" data-ga-click="Site Foundation Components, go to Careers, site foundation components footer" class="Link--secondary">Careers</a></li><li class="lh-condensed mb-3"><a href="https://github.com/about/press" data-ga-click="Site Foundation Components, go to Press, site foundation components footer" class="Link--secondary">Press</a></li><li class="lh-condensed mb-3"><a href="https://shop.github.com/" data-ga-click="Site Foundation Components, go to Shop, site foundation components footer" class="Link--secondary">Shop</a></li></ul></div> </div> </div> <div class="color-bg-subtle"> <div class="container-xl p-responsive-blog f6 py-4 d-sm-flex flex-justify-between flex-row-reverse flex-items-center"> <ul class="list-style-none d-flex flex-items-center mb-3 mb-sm-0 lh-condensed-ultra"> <li class="mr-3"> <a href="https://twitter.com/github" data-ga-click="Blog, go to X, resources footer" style="color: #959da5;"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 1227" class="d-block" height="18"> <title>X icon</title> <path xmlns="http://www.w3.org/2000/svg" d="M714.163 519.284 1160.89 0h-105.86L667.137 450.887 357.328 0H0l468.492 681.821L0 1226.37h105.866l409.625-476.152 327.181 476.152H1200L714.137 519.284h.026ZM569.165 687.828l-47.468-67.894-377.686-540.24h162.604l304.797 435.991 47.468 67.894 396.2 566.721H892.476L569.165 687.854v-.026Z" fill="currentColor"></path> </svg> <span class="sr-only">GitHub on X</span> </a> </li> <li class="mr-3"> <a href="https://www.facebook.com/GitHub" data-ga-click="Blog, go to Facebook, resources footer" style="color: #959da5;"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 15.3 15.4" class="d-block" height="18"> <title>Facebook icon</title> <path d="M14.5 0H.8a.88.88 0 0 0-.8.9v13.6a.88.88 0 0 0 .8.9h7.3v-6h-2V7.1h2V5.4a2.87 2.87 0 0 1 2.5-3.1h.5a10.87 10.87 0 0 1 1.8.1v2.1h-1.3c-1 0-1.1.5-1.1 1.1v1.5h2.3l-.3 2.3h-2v5.9h3.9a.88.88 0 0 0 .9-.8V.8a.86.86 0 0 0-.8-.8z" fill="currentColor"></path> </svg> <span class="sr-only">GitHub on Facebook</span> </a> </li> <li class="mr-3"> <a href="https://www.youtube.com/github" data-ga-click="Blog, go to YouTube, resources footer" style="color: #959da5;"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.17 13.6" class="d-block" height="16"> <title>YouTube icon</title> <path d="M18.77 2.13A2.4 2.4 0 0 0 17.09.42C15.59 0 9.58 0 9.58 0a57.55 57.55 0 0 0-7.5.4A2.49 2.49 0 0 0 .39 2.13 26.27 26.27 0 0 0 0 6.8a26.15 26.15 0 0 0 .39 4.67 2.43 2.43 0 0 0 1.69 1.71c1.52.42 7.5.42 7.5.42a57.69 57.69 0 0 0 7.51-.4 2.4 2.4 0 0 0 1.68-1.71 25.63 25.63 0 0 0 .4-4.67 24 24 0 0 0-.4-4.69zM7.67 9.71V3.89l5 2.91z" fill="currentColor"></path> </svg> <span class="sr-only">GitHub on YouTube</span> </a> </li> <li class="mr-3 flex-self-start"> <a href="https://www.twitch.tv/github" data-ga-click="Blog, go to Twitch, resources footer" style="color: #959da5;"> <svg role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg" class="d-block" height="18"> <title>Twitch icon</title> <path d="M11.571 4.714h1.715v5.143H11.57zm4.715 0H18v5.143h-1.714zM6 0L1.714 4.286v15.428h5.143V24l4.286-4.286h3.428L22.286 12V0zm14.571 11.143l-3.428 3.428h-3.429l-3 3v-3H6.857V1.714h13.714Z" fill="currentColor"/> </svg> <span class="sr-only">GitHub on Twitch</span> </a> </li> <li class="mr-3 flex-self-start"> <a href="https://www.tiktok.com/@github" data-ga-click="Blog, go to TikTok, resources footer" style="color: #959da5;"> <svg role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg" class="d-block" height="18"> <title>TikTok icon</title> <path d="M12.525.02c1.31-.02 2.61-.01 3.91-.02.08 1.53.63 3.09 1.75 4.17 1.12 1.11 2.7 1.62 4.24 1.79v4.03c-1.44-.05-2.89-.35-4.2-.97-.57-.26-1.1-.59-1.62-.93-.01 2.92.01 5.84-.02 8.75-.08 1.4-.54 2.79-1.35 3.94-1.31 1.92-3.58 3.17-5.91 3.21-1.43.08-2.86-.31-4.08-1.03-2.02-1.19-3.44-3.37-3.65-5.71-.02-.5-.03-1-.01-1.49.18-1.9 1.12-3.72 2.58-4.96 1.66-1.44 3.98-2.13 6.15-1.72.02 1.48-.04 2.96-.04 4.44-.99-.32-2.15-.23-3.02.37-.63.41-1.11 1.04-1.36 1.75-.21.51-.15 1.07-.14 1.61.24 1.64 1.82 3.02 3.5 2.87 1.12-.01 2.19-.66 2.77-1.61.19-.33.4-.67.41-1.06.1-1.79.06-3.57.07-5.36.01-4.03-.01-8.05.02-12.07z" fill="currentColor"/> </svg> <span class="sr-only">GitHub on TikTok</span> </a> </li> <li class="mr-3 flex-self-start"> <a href="https://www.linkedin.com/company/github" data-ga-click="Blog, go to Linkedin, resources footer" style="color: #959da5;"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19 18" class="d-block" height="18"> <title>LinkedIn icon</title> <path d="M3.94 2A2 2 0 1 1 2 0a2 2 0 0 1 1.94 2zM4 5.48H0V18h4zm6.32 0H6.34V18h3.94v-6.57c0-3.66 4.77-4 4.77 0V18H19v-7.93c0-6.17-7.06-5.94-8.72-2.91z" fill="currentColor"></path> </svg> <span class="sr-only">GitHub on LinkedIn</span> </a> </li> <li> <a href="https://github.com/github" data-ga-click="Blog, go to github's org, resources footer" style="color: #959da5;"> <svg height="20" class="octicon octicon-mark-github d-block" alt="" viewBox="0 0 16 16" version="1.1" width="20" aria-hidden="true"> <title>GitHub icon</title> <path fill-rule="evenodd" d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.013 8.013 0 0016 8c0-4.42-3.58-8-8-8z"></path> </svg> <span class="sr-only">GitHub’s organization on GitHub</span> </a> </li> </ul> <ul class="list-style-none d-flex flex-wrap text-gray"> <li class="mr-3">© 2024 GitHub, Inc.</li> <li class="mr-3"> <a href="https://docs.github.com/en/github/site-policy/github-terms-of-service" data-ga-click="Site Foundation Components, go to terms, site foundation components footer" class="Link--secondary">Terms</a> </li> <li class="mr-3"> <a href="https://docs.github.com/en/github/site-policy/github-privacy-statement" data-ga-click="Site Foundation Components, go to privacy, site foundation components footer" class="Link--secondary">Privacy</a> </li> <li class="mr-3"> <button type="button" class="btn-link Link--secondary" onClick="_ghcc.showPreferences()">Manage Cookies</button> </li> <li class="mr-3"> <button type="button" class="btn-link Link--secondary" onClick="_ghcc.showPreferences()">Do not share my personal information</button> </li> </ul> </div> </div> </footer> </div> <div id="ghcc" style="position: sticky; bottom: 0; z-index: 99999;"></div><script src="https://ghcc.githubassets.com/ghcc.min.js" id="github_cookie_consent-js"></script> <script src="https://js.monitor.azure.com/scripts/c/ms.analytics-web-4.js" id="github_microsoft_analytics-js"></script> <script type="text/javascript" src="https://github.blog/_static/??/wp-content/plugins/gh-cookie-consent-and-tracking/dist/js/cookie-consent-and-tracking.js,/wp-includes/js/dist/hooks.min.js?m=1732206009j" ></script><script src="https://github.blog/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6" id="wp-i18n-js"></script> <script id="wp-i18n-js-after"> wp.i18n.setLocaleData( { 'text direction\u0004ltr': [ 'ltr' ] } ); </script> <script type="text/javascript" src="https://github.blog/wp-includes/js/dist/url.min.js?m=1732206009g" ></script><script src="https://github.blog/wp-includes/js/dist/api-fetch.min.js?ver=4c185334c5ec26e149cc" id="wp-api-fetch-js"></script> <script id="wp-api-fetch-js-after"> wp.apiFetch.use( wp.apiFetch.createRootURLMiddleware( "https://github.blog/wp-json/" ) ); wp.apiFetch.nonceMiddleware = wp.apiFetch.createNonceMiddleware( "7660532aa1" ); wp.apiFetch.use( wp.apiFetch.nonceMiddleware ); wp.apiFetch.use( wp.apiFetch.mediaUploadMiddleware ); wp.apiFetch.nonceEndpoint = "https://github.blog/wp-admin/admin-ajax.php?action=rest-nonce"; </script> <script type="text/javascript" src="https://github.blog/wp-content/themes/github-2021/dist/js/site-script.js?m=1732205351g" ></script><script integrity="sha256-kAnFXX7lCXF9K2o4g5q1lKyk167yRq6C4TiXWtbgvQw=" crossorigin="anonymous" src="https://analytics.githubassets.com/v1.1.0/hydro-marketing.min.js?ver=6.6.2" id="hydro-analytics-js"></script> <script src="https://stats.wp.com/e-202447.js" id="jetpack-stats-js" data-wp-strategy="defer"></script> <script id="jetpack-stats-js-after"> _stq = window._stq || []; _stq.push([ "view", JSON.parse("{\"v\":\"ext\",\"blog\":\"153214340\",\"post\":\"0\",\"tz\":\"-8\",\"srv\":\"github.blog\",\"hp\":\"vip\",\"j\":\"1:13.9.1\"}") ]); _stq.push([ "clickTrackerInit", "153214340", "0" ]); </script> </body> </html>