GitHub rotates credentials following vulnerability discovery

GitHub has rotated encryption keys following the discovery of a vulnerability that could have enabled threat actors to steal credentials, the company revealed Tuesday.

The Microsoft-owned firm said it first became aware of the high-severity security flaw tracked as CVE-2024-0200 on 26 December 2023. After investigating the issue and verifying there was no evidence it had been exploited in attacks, GitHub moved swiftly to rotate potentially exposed keys the same day as a...

GitHub opens Copilot Chat to all developers

GitHub has announced that Copilot Chat is now available to all developers, ushering in a new era of AI-powered software development.

Copilot Chat was launched for ‘Business’ users in July. The AI assistant is capable of assisting developers in their preferred natural language and promises to reduce repetitive tasks.

Developers can use the assistant to explore new languages or frameworks, troubleshoot bugs, and/or seek answers to coding questions, all while remaining...

Mathew Payne, GitHub: Protecting code while nurturing user experience

Developer caught up with Mathew Payne, Principal Field Security Specialist at GitHub, to discuss the platform’s security strategies and how they aim to strike a balance between robustness and a seamless user experience.

At the heart of GitHub's security philosophy lies a commitment to safeguarding user code. Payne emphasised that a major focus is on securing the code created by both users and developers.

“The first thing that we focus on at GitHub is the security...

GitHub introduces passwordless authentication

GitHub is introducing passwordless authentication to enhance account security and provide a more seamless user experience.

Passkeys are touted as offering a secure and easy-to-use method of protecting user accounts, with the aim of eliminating password-based breaches altogether. Unlike conventional security measures, passkeys offer improved security by combining two-factor authentication (2FA) with enhanced user verification.

Passkeys require something the user is or...

GitHub releases Blackbird code search engine

GitHub has released its reworked code search engine, Blackbird, which is built on Rust and promises faster and more comprehensive software repository exploration.

This revision, which has been in development for three years, is part of GitHub's efforts to enhance text-based search techniques for code queries.

With Blackbird, developers can quickly search, navigate, and comprehend their code, contextualize critical information and ultimately increase productivity. Colin...

GitHub now serves over 100M developers

GitHub has achieved its goal to serve 100 million developers with two years to spare.

In 2019, GitHub set a goal to have 100 million developers using the service by 2025. In a blog post, GitHub announced that it’s already reached that historic milestone.

GitHub CEO Thomas Dohmke wrote:

“Today, I’m excited to share that there are now officially more than 100 million developers using GitHub to build, maintain, and contribute to software...

GitHub is ending Sponsors payments via PayPal

GitHub has announced that it’s ending the ability for Sponsors to make payments via PayPal.

In a statement, GitHub wrote:

“Starting on February 23, 2023, GitHub Sponsors will no longer support PayPal as a payments processor. As such, it will no longer be possible to sponsor individuals or organizations using PayPal.

If you are sponsoring anyone on GitHub using PayPal, please update your GitHub payment method to pay by credit or debit...

Hackers compromised Okta’s private GitHub repos

Okta says hackers compromised its private GitHub repos earlier this month and stole its source code.

BleepingComputer got hold of a “confidential” email notification sent by Okta to its “security contacts” about the breach.

The Identity and Access Management (IAM) solutions leader says GitHub alerted Okta to the suspicious access earlier this month.

“Upon investigation, we have concluded that such access was used to copy Okta code repositories,” wrote...

GitHub Copilot will enable developers to code using their voice

A new GitHub Copilot feature will enable developers to code using their voice.

Copilot was introduced last year and uses AI to help speed up mundane coding tasks by suggesting how to complete lines.

Behind the Copilot feature is an AI model developed by OpenAI called Codex. OpenAI claims that Codex has a broad knowledge of how people use code and is “significantly more capable than GPT-3” in generating code.

Microsoft-owned GitHub announced at its annual...

GitHub now sends Dependabot alerts for vulnerable Actions

GitHub has announced that it will begin sending Dependabot alerts when it detects vulnerable GitHub Actions.

GitHub Actions makes it easy for developers to automate their workflows. Dependabot, meanwhile, automatically updates dependencies to keep your projects secure.

When an Action vulnerability is discovered, GitHub’s team of security researchers will create an advisory to document it. Following the creation of an advisory, Dependabot alerts will be sent to impacted...