How exposed is your code? Find out in minutes—for free

GitHub has launched a free Code Security Risk Assessment that lets organization admins and security managers scan up to 20 active repositories using CodeQL with a single click. The dashboard shows vulnerabilities by severity, language, and repository, and highlights how many issues are eligible for Copilot Autofix. It complements the existing Secret Risk Assessment, giving teams a unified view of both secret leaks and code vulnerabilities. No license or configuration is required, and GitHub Actions minutes used don't count against quotas. In 2025, Copilot Autofix resolved over 460,000 security alerts, cutting mean remediation time roughly in half compared to manual fixes.

5m read time. From github.blog