Source Control Content on InfoQ
-
GitHub Push Protection Moved to General Availability
GitHub has moved push protection into general availability and made it free for all public repositories. Push protection helps detect secrets in code as changes are pushed. As part of the GA release, push protection is also available to all private repositories with a GitHub Advanced Security (GHAS) license.
-
GitHub Announces Code Scanning and Security Advisory Support for Swift
GitHub has launched code scanning support for Swift in beta and announced it will include Swift security advisories in its Advisory Database to extend the capabilities of its Dependabot vulnerability monitor.
-
AWS Shifts Strategy: Public GitHub Documentation to Be Retired
In the next few days, AWS will start retiring the AWS documentation currently available on GitHub. After reviewing the results of the project and considering the overhead of manually keeping the internal documentation in sync, the cloud provider recently decided to retire most of its public repositories.
-
GitHub Overhauls Code Search Using New Search Engine
GitHub has introduced its new code search feature, including a redesigned search interface, a new code view, and a search engine rebuilt from scratch to be faster, more capable, and to better understand code, says GitHub software engineer Colin Merkel.
-
Hugging Face Releases StarCoder, the Next-Generation LLM for Seamless Code Generation
Hugging Face and ServiceNow have partnered to develop StarCoder, a new open-source language model for code. The model, created as part of the BigCode initiative, is an improved version of the StarCoderBase model trained on 35 billion Python tokens. StarCoder is a free AI code-generating system and an alternative to GitHub’s Copilot, DeepMind’s AlphaCode, and Amazon’s CodeWhisperer.
-
Open Source Git Project Releases Version 2.40
Recently, the open-source Git project released its latest version, 2.40, bringing some new features and bug fixes. Highlights of this release include updates to the git jump tool, enhancements to the cat-file tool, and faster response on Windows.
-
GitHub Adds SBOM Export to Make it Easier to Comply with Security Requirements
GitHub has announced a new SBOM export feature meant to be used as part of security compliance workflows and tools. The new feature allows you to export an NTIA-compliant SBOM easily, says GitHub.
-
GitHub Enhanced Copilot with New AI Model and Security-Oriented Capabilities
GitHub Copilot has adopted a new AI model that is both faster and more accurate than the previous one, says GitHub. Additionally, GitHub has started using AI to detect vulnerabilities in Copilot suggestions by blocking insecure coding patterns in real time.
-
GitHub Enhances CodeQL, Extends Language Support, Available Queries, and More
After adding support for Ruby at GitHub Universe 2022, CodeQL introduced Kotlin support in beta. Additionally, support for other languages has been extended to include more recent versions. GitHub has also extended available queries to fully cover several industry-wide vulnerability directories, and improved the CodeQL ecosystem.
-
Farewell to Subversion: GitHub Sunsets Support after 13 Years
Next January GitHub will remove Subversion support from GitHub.com, with GitHub Enterprise Server following soon after. Introduced in 2010 to provide developers with a path to Git, the SVN endpoint now receives only 0.02% of the requests to the source control service.
-
Octosuite: a GitHub Open Source Intelligence Framework
Octosuite, an open-source intelligence (OSINT) framework, recently released its latest version, 3.1.0. Octosuite provides a wide range of commands to investigate publicly visible GitHub accounts and repositories through GitHub’s public APIs. Written in Python, Octosuite provides a secure and user-friendly interface to easily search and explore data related to a repository, organization, or user.
-
Kubernetes Report Finds Increase in Poorly Configured Workloads
Fairwinds, a provider of Kubernetes software, has released their Kubernetes Benchmark Report 2023. The report shows an overall trend of worsening configuration issues across the surveyed organizations. This includes increases in organizations running workloads allowing root access, workloads without memory limits set, and workloads impacted by image vulnerabilities.
-
GitHub Releases Copilot for Business amid Ongoing Legal Controversy
GitHub has announced Copilot for Business, a business plan for their OpenAI-powered coding assistant Copilot. The release follows a recent class action lawsuit against Microsoft, GitHub, and OpenAI for violating open-source licenses.
-
Git 2.39.1 Fixes Two Critical Remote Code Execution Vulnerabilities
Two vulnerabilities affecting Git's commit log formatting and .gitattributes parsing in Git versions up to and including Git 2.39 have recently been patched. Both may lead to remote code execution, so users are required to upgrade immediately to Git 2.39.1.
-
GitHub Introduces go-gh to Simplify the Creation of GitHub CLI Extensions
Introduced in GitHub CLI 2.0, extensions allow developers to add new features by writing small Go programs. To make it easier to create extensions, GitHub is now releasing a new library, go-gh. Additionally, the latest version of GitHub CLI introduces two new commands to search and browse the catalog of available extensions.