GitHub - News, Features, and Slideshows

News

• GitHub to mandate 2FA for all code contributors by 2023

  The world’s largest development platform will require all code-contributing users to enroll in two-factor authentication by the end of 2023.

• GitHub repositories compromised by stolen OAuth tokens

  Heroku and GitHub​ have both warned that compromised OAuth user tokens were likely used to download private data from organisations using Heroku.

• GitHub enhances secret scanning for tighter code security

  GitHub Advanced Security now allows developers to scan code for tokens, keys, and other security secrets as they push the code to a repository.

• GitHub Copilot available for Visual Studio 2022

  AI-driven coding assistant, still in technical preview, has raised questions about the fairness, legitimacy, and legality of its use of freely licensed software.

• Microsoft opens Azure-based Startups Founders Hub, easing eligibility rules

  Microsoft has made its Startups Founders Hub generally available and eased the eligibility criteria, meaning a founder only needs to have an idea to gain access.

• GitHub nabs New Relic A/NZ head to drive APAC

  GitHub has appointed former New Relic regional managing director and vice president of Australia and New Zealand (A/NZ) Sharryn Napier as vice president of sales for Asia Pacific.

• GitHub makes Advisory Database public to improve software supply chain security

  Researchers, academics, and enthusiasts can now contribute to and benefit from free, open source security data on software supply chain vulnerabilities.

• GitHub previews enhanced code search

  The popular code-sharing site also introduced improved code navigation for Python, with support for additional languages to come.

• GitHub will require 2FA for some NPM registry users

  Mandate will apply to maintainers and admins of top packages on the JavaScript registry, in response to two recent security incidents.

• GitHub: Dev productivity is back to pre-pandemic levels

  2021 State of the Octoverse report shows developers aren’t returning to the office; JavaScript, Python remain the hottest languages.

• GitHub Copilot preview offers hope

  Copilot technical preview doesn’t always generate good, correct, or even running code, but it’s still somewhat useful. Future versions could be real time-savers.

• GitHub introduces code review controls

  New controls in the popular code-sharing site are designed to deal with ‘drive-by‘ pull request approvals and ‘spammy’ change requests.

• GitHub Copilot adds Neovim, JetBrains IDE support

  GitHub is moving forward with its controversial AI-driven programming assistant, Copilot, adding support for more code editors and more languages.

• How corporate data and secrets leak from GitHub repositories

  Attackers constantly search public code repositories like GitHub for secrets developers might inadvertently leave behind, and any tiny mistake can be exploited.

• GitHub Enterprise Cloud connects with Azure AD, Okta

  GitHub’s Enterprise Managed Users service allow enterprises to manage GitHub team memberships and user access through their identity provider.