Agent-Driven Development: How GitHub's Applied Science Team Ships Code
GitHub's Applied Science team shipped 11 agents and 28,858 lines of code in three days using agent-first development. Here's the workflow that made it possible.
feature
GitHub Advanced Security: A Developer's Guide to Built-In Protection
GitHub Advanced Security bundles secret scanning, Dependabot, CodeQL, and Copilot Autofix into your workflow. Free for public repos, it catches leaked keys and vulnerable dependencies before attackers do.
GitHub Advanced Security: A Practical Guide to Built-In Tools
GitHub Advanced Security is free on public repos and includes secret scanning, Dependabot, CodeQL, and Copilot Autofix. Here's what actually works and what's just noise.
GitHub Actions 2026 Security Roadmap: Dependency Locks, Egress Firewalls, and Policy-First CI/CD
GitHub's 2026 Actions roadmap adds dependency locking with cryptographic hashes, policy-driven execution controls, scoped secrets, and a native egress firewall for runners. Here's what changes for teams running CI/CD at scale.
GitHub Actions 2026 Security Roadmap: Dependency Locks, Scoped Secrets, and Egress Firewalls
GitHub's 2026 Actions roadmap adds dependency locking, policy-driven execution, scoped secrets, and egress firewalls. Public previews start in 3-6 months. Here's what changes for CI/CD security at scale.
Open Source Vulnerability Trends 2025: What the Data Actually Says
GitHub published 19% more advisories for new vulnerabilities in 2025, but total numbers dropped because the backlog is nearly cleared. npm malware surged 69%, and resource exhaustion bugs spiked. Here's what the data means for your Dependabot alerts.
Open Source Vulnerabilities in 2025: What the Data Actually Shows
GitHub's 2025 vulnerability data reveals a 19% increase in new advisories, a 69% spike in npm malware, and major shifts in vulnerability types. Here's what changed and how to prioritize fixes.