Learn how GitHub Artifact Attestations can enhance your build security and help your organization achieve SLSA Level 3. This post breaks down the basics of SLSA, explains the importance of artifact attestations, and provides a step-by-step guide to securing your build process. The post Enhance build security and reach SLSA Level 3 with GitHub Artifact…

We’re open sourcing Annotated Logger, a Python package that helps make logs searchable with consistent metadata. The post Introducing Annotated Logger: A Python package to aid in adding metadata to logs appeared first on The GitHub Blog. What it is Annotated Logger is a Python package that allows you to decorate functions and classes, which…

Come and join 150M developers on GitHub that can now code with Copilot for free in VS Code. The post Announcing 150M developers and a new free tier for GitHub Copilot in VS Code appeared first on The GitHub Blog. GitHub has a long history of offering free products and services to developers. Starting with…

We released a new open source byte-pair tokenizer that is faster and more flexible than popular alternatives. The post So many tokens, so little time: Introducing a faster, more flexible byte-pair tokenizer appeared first on The GitHub Blog. Large language models (LLMs), such as those used by GitHub Copilot, do not operate directly on bytes…

In November, we experienced one incident that resulted in degraded performance across GitHub services. The post GitHub Availability Report: November 2024 appeared first on The GitHub Blog. In November, we experienced one incident that resulted in degraded performance across GitHub services. November 19 10:56 UTC (lasting 1 hour and 7 minutes) On November 19, 2024,…

In this post, I’ll walk you through the vulnerabilities I uncovered in the GStreamer library and how I built a custom fuzzing generator to target MP4 files. The post Uncovering GStreamer secrets appeared first on The GitHub Blog. In this blog post, I’ll show the results of my recent security research on GStreamer, the open…

As development teams grow, what once worked for a small team often becomes a bottleneck. Code standards become inconsistent, operational silos develop, and technical debt accumulates faster. What was a well-oiled machine is now dysfunctional as more team members, projects, and tools are added on. Many teams experience these challenges as they grow, but how…

Most teams start with basic security practices, such as branch protection and simple access controls. But, there’s often a moment when teams realize they need more. It could be when they land their first enterprise client, when they start handling sensitive data, or when they experience their first security incident. If you’re unsure whether you’re…

In previous entries in this series, we covered how we used GitLab Duo to generate tests for our code as well as what we learned while using GitLab Duo for generating automated tests. We also shared some of the ways we addressed making changes to GitLab Duo generated tests. This last article in the series…

Git commands allow developers to manage different versions of code and collaborate as a team. If you’re in a Windows environment, you may have heard of Git Bash, a Bash terminal emulator that includes a Windows-friendly version of Git. Discover everything you need to know about installing Git Bash in this guide. How does Git…