Search

github.blog › engineering

The GitHub Engineering Blog

…secure key exchange methods for SSH access to better protect Git data in transit. How GitHub engineers tackle platform problems Our best practices for quickly identifying, resolving, and preventing issues at scale…

Apr 16, 2026 · Lawrence Gripper

github.blog › changelog

Expanded OIDC support for Dependabot and code scanning - GitHub Changelog

…With OIDC-based authentication, you can dynamically obtain short-lived credentials from your cloud identity provider, just like GitHub Actions workflows using OIDC federation . This builds on earlier support for OIDC authentication…

May 19, 2026 · Allison

github.blog › changelog

Deprecating the cost center integration on the enterprise People page - GitHub Changelog

…When the cost center integration was originally shipped in 2023, cost center data was only accessible via the API. Since then, we’ve introduced a dedicated cost center management page in Billing…

Mar 16, 2026 · Allison

github.blog › ai-and-ml › github-copilot

GitHub recognized as a Leader in the Gartner® Magic Quadrant™ for Enterprise AI Coding Agents for the third year in a row

…AI & ML Building a general-purpose accessibility agent—and what we learned in the process Learn about the experimental general-purpose accessibility agent that GitHub is piloting. AI & ML Dungeons & Desktops: Building…

May 22, 2026 · Mario Rodriguez

github.blog › changelog

Dependabot alerts are now assignable to AI agents for remediation - GitHub Changelog

…When a dependency update breaks your build or tests, the agent can analyze the failures, identify the root cause, and propose code changes to resolve them. Package downgrades : When a dependency is…

Apr 7, 2026 · Allison

github.blog › changelog

Notice about upcoming new format for GitHub App installation tokens - GitHub Changelog

…As with all access tokens, client apps must not take a dependency on the contents of this JWT. Scope Existing App installation tokens continue to work until they expire. This change applies…

Apr 24, 2026 · Allison

github.blog › news-insights › product-news

What's coming to our GitHub Actions 2026 security roadmap

…Specific repositories or organizations Branches or environments Workflow identities or paths Trusted reusable workflows without requiring callers to pass secrets explicitly What this changes Secrets are no longer implicitly inherited Access requires…

Mar 26, 2026 · Greg Ose, Stephen Glass

github.blog › ai-and-ml › github-copilot

Continuous AI for accessibility: How GitHub transforms feedback into inclusion

…They aren’t always accessibility experts, so they need a system that guides them and teaches accessibility concepts in the flow of work. Accessibility and service teams: Engineers and designers responsible for…

Mar 12, 2026 · Carie Fisher

github.blog › engineering › infrastructure

How GitHub uses eBPF to improve deployment safety

…In practice, however, many dependencies aren’t identified until an incident occurs, which can delay recovery. The obvious route would be to block access to github.com from the machines to validate…

Apr 16, 2026 · Lawrence Gripper, Aleksey Levenstein

github.blog › security › supply-chain-security

Investing in the people shaping open source and securing the future together

…pull request reviews, security vulnerability identification, and remediation, and more. It should not be another source of pressure. Maintainers of impactful open source projects already have access to Copilot Pro, which includes…

Mar 17, 2026 · Kevin Crosby