Category: GitHub

In GitHub, while you can see a list of packages the organization level, the packages are installed to a specific repository. We can see here the instructions for pushing various package ecosystems to GitHub npm, NuGet, Maven, Docker. In case you are storing artifacts/packages in Azure Artifacts, Dependabot also supports private feeds, including Azure Artifacts.…

Git-leaks is a SAST tool for detecting and preventing hardcoded secrets like Passwords, API keys and tokens in GitHub Repository. Git-leaks is an easy-to-use, all-in-one solution for detecting secrets, past or present, in your code. Git-leaks would be configured as part of GitHub actions workflow for all the repositories we want to monitor for any…

GitHub Packages is a software-package hosting service, like npmjs.org, rubygems.org, or hub.docker.com, that allows you to host your packages and code in one place. You can host software packages privately or publicly and use them as dependencies in your projects. The GitHub Package Registry allows you to develop your code and host your packages in…

In GitHub we have services that integrate with GitHub which can help you do anything from enabling continuous integration to closing stale issues and pull requests. A GitHub App acts on its own behalf, taking actions via the API directly using its own identity, which means you don’t need to maintain a bot or service…

GitHub Action: GitHub Actions is a continues integration and continues delivery platform that allows you to automate your build, test, deployment pipeline. GitHub actions let you run workflows when other events happen in your repository. GitHub provides Linux, Windows, and macOS virtual machines to run your workflows, or you can host your own self-hosted runners…

About Context Contexts basically helps to get the information about workflow runs, runner environments, jobs, and steps. Contexts, objects, and properties will vary importantly under different workflow run conditions. For example, the matrix context is only populated for a matrix job. Now we will talk about valuable Context GitHub Context The GitHub context contains information about the…

A reusable workflow is a pre-defined GitHub Actions workflow that can be called from another workflow. Reusable workflows make it easy to treat a workflow like an Action. It can be referenced and executed from other workflows in the caller’s context. This allows teams to share common workflow patterns, to centralize best practices, and to…

GitHub is a version management and collaboration tool for programming. It allows you and others to collaborate on projects from any location. Developer Workflow A standardized workflow which dictates how changes/updates can be done for an application will help developers follow the required development practices to ship secure and robust code. Traditionally a development workflow…

Codespaces is a cloud developer environment that allows us to run, test, debug, push, and do everything we're used to doing in a development environment without the need for any of the machine setup we're used to. This essentially launches a container, which will contain all your necessary tools as well as a Visual Studio…

In this blog we will see how GitHub can help your organization with more securities than ever before. GitHub has a suite of security tools that enable developers to identify security vulnerabilities in their codebases.  GitHub Advanced Security helps you create secure applications with a community-driven, developer-first approach. GitHub’s security features provide developers with powerful tools…