GitHub enables secret scanning push protection by default

In response to the alarming trend of API keys, tokens, and other confidential data being inadvertently exposed, GitHub has taken further steps to fortify its platform against potential breaches.

Within the first two months of 2024, GitHub has uncovered one million leaked secrets across public repositories, averaging over a dozen incidents per minute. Such alarming figures underscore the pressing need for robust safeguards to protect users and their data.

Since August...

GitHub incentivises open-source investments with sponsor-only repos

GitHub is launching private repositories that only sponsors have access to, helping to incentivise open-source investments.

Open-source mostly relies on developers voluntarily giving up their time to build and improve projects. Priority is naturally given to work that helps to keep a roof over their heads and food on the table—meaning that open-source projects can be underdeveloped at best or be left with devastating vulnerabilities at worst.

A growing number of...

GitHub launches preview of improved code search

GitHub is making significant improvements to its code searching experience and has launched a technology preview for an early peek.

The current search index covers more than five million of the most popular public repositories. In addition, developers can also search any private repositories they have access to.

GitHub recommends trying five search functions to see how they could improve your workflow:

Try a simple search and see how the smart ranking and...

GitHub’s secret scanning for private repos launches alongside security overview

GitHub has launched its secret scanning tool for private repositories alongside a new security overview dashboard.

The world’s largest repo host first unveiled the fraud-preventing secret scanning feature in May last year as part of GitHub Advanced Security—a package of features that includes code scanning, secret scanning, and dependency reviews.

Secret scanning has been in beta until today. Since it was first announced, GitHub says it has:

Expanded secret...

GitHub ‘sincerely apologises’ to Jewish employee fired over Nazis remark

GitHub has issued a public apology directed at a Jewish employee who was fired after making remarks about Nazis.

Following the US Capitol attack from groups with known associations to Nazis and other white supremacists, the employee posted in an internal Slack channel: “Stay safe homies, Nazis are about."

A co-worker complained about the comment–-calling it “untasteful conduct” and not how to describe the rioters.

Speaking to TechCrunch under conditions...

Universe 2020: GitHub simplifies open-source investing, adds dark mode, and more

GitHub is announcing a new way for businesses to invest in open-source alongside other features on day one of its virtual Universe conference.

Businesses will now be able to show their support and appreciation for their favourite open-source projects via ‘GitHub Sponsors for Companies’.

The new feature enables companies to invest in open-source projects using their existing GitHub billing arrangements. Several high-profile businesses – including Amazon Web...

GitHub CLI 1.0 enables a full repo workflow from the terminal

GitHub CLI, a tool for bringing full repo functionality to your terminal, has reached its first stable version after a very successful beta.

“Developers spend a lot of time in their terminals, and our CLI helps to mitigate the frequent context switching between your terminal and GitHub.com,” says Amanda Pinsker, Product Designer at GitHub.

“Command-line tools enable developers to script nearly any action and automate their workflows, which in turn allows developers...

GitHub makes its core tools free for all development teams

GitHub has given developers a welcome helping hand during these difficult times by making its core tools free.

Organisations can now make private repositories without paying any fees. Previously, even small teams would’ve had to pay for a premium membership starting from $7/month.

Last year, GitHub made private repositories available for free users but with restrictions in areas such as the number of collaborators; which hindered teams. Unlimited collaborators and...