GitHub Desktop 2.9 includes squashing, reordering, amending, and more!

In GitHub Desktop 2.7, we released cherry-picking and introduced drag and drop, and in GitHub Desktop 2.8 we made several improvements to diffs. We’re continuing that momentum and expanding drag and drop to allow you to squash and reorder commits in your history, amend previous commits, start new branches from earlier commits, and more. There’s more...

4d

Blacktocats turn five

June 10, 2021 editor’s note We’ve corrected the quote attributed to Benjamin Banneker. Thanks to readers for catching the error.   What began as a small group effort in 2015 has now turned into a global initiative here at GitHub to amplify Black voices and talent in the tech community. Blacktocats is the first official Employee Resource Group at...

2w

What’s new from GitHub Changelog? May 2021 Recap

In May, GitHub shipped a total of 20 new features. We love what we do, but we know it’s a lot to keep up with. So we’re trying something new on the GitHub Blog—a monthly recap of everything that shipped to Changelog in the past month. Check out some of the updates you might have missed. What was big in May? You can now upload video (.mp4 and .mov...

2w

Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug

polkit is a system service installed by default on many Linux distributions. It’s used by systemd, so any Linux distribution that uses systemd also uses polkit. As a member of GitHub Security Lab, my job is to help improve the security of open source software by finding and reporting vulnerabilities. A few weeks ago, I found a privilege escalation vulnerability...

2w

Securing the open source supply chain by scanning for package registry credentials

GitHub secret scanning has been securing our users’ code by scanning for and revoking secrets since 2015. Recently, we’ve focused on scanning for package registry credentials as well—a significant and important expansion on our original service. TL;DR Package registry credentials grant access to services that host software that hundreds of thousands...

2w

Updates to our policies regarding exploits, malware, and vulnerability research

One month ago, we started a discussion with the community about proposed revisions to clarify GitHub’s policies on security research, malware, and exploits with the goal to enable, welcome, and encourage dual-use security research and collaboration on GitHub. We want to thank the broader security research community, project maintainers, and developers...

3w

Release Radar · May 2021 Edition

We’ve seen some amazing community projects this last month. This was a huge month for your community with hundreds of new releases. There’s everything from world-changing tech to weekend hobbies. It was almost too hard to choose what to include in this Release Radar since there are so many awesome ones. Nevertheless, we chose some of our favourites....

3w

GitHub Enterprise Server 3.1 is now generally available

GitHub Enterprise Server 3.1 is now generally available for all customers. It helps customers work with large, busy repositories, while enabling developers to develop and deploy with less effort than ever. This release includes: GitHub Actions workflow visualizations (#88): track and troubleshoot complex workflows at a glance. Automerge pull requests...

3w

GitHub Availability Report: May 2021

Introduction In May, we experienced two incidents resulting in significant impact and degraded state of availability for API requests, GitHub Pages, GitHub Actions and the GitHub Packages service, specifically the GitHub Packages Container registry service. May 8 06:46 UTC (46 minutes) This incident was caused by failures in an underlying MySQL database,...

3w

Github Social Impact: How we’re driving change with social sector organizations

We’re proud to share the new and improved Social Impact at GitHub website, and we’re really excited to share what our team has been working on! GitHub’s mission is to advance human progress. Our part in that mission is to leverage the company’s assets in unique and powerful ways that can drive change for nonprofits and the greater social sector. Our...

3w