GitHub Partner Portal

Why should Partners that create GitHub Actions get verified?

2022-11-07T00:00:00+00:00

Actions with the Verified Creator badge, indicate that GitHub has verified the creator of the action as a partner organization. All partners in the Technology Partnerships Program are eligible for the Verified Creator badge since it’s one of our many program benefits. We recommend that our partners who create actions request the verified creator badge by emailing us at partnerships@github.com because the badge provides several benefits that are outlined below.

Enterprises can limit to only actions created by Verified Creators: Admins have the ability to only allow GitHub Marketplace actions created by Verified Creators to be used by workflows. This is useful for Admins who want to ensure that only trusted Actions from the GitHub Marketplace are being used in their organizations.

Verified Publishers Rank Higher in search: The GitHub Marketplace is a great place for users to find Actions to use within their projects. Actions created by Verified Creators rank higher in search within the GitHub marketplace, which leads to higher visibility of those Actions.

Verified Creator badge builds trust with our community: Actions with the Verified Creator badge, indicate that GitHub has verified the creator of the action as a partner organization. This gives customers trust that the partner organization is a Technology Partner and has verified their domain, email and has a support contact with GitHub.

GitHub Advanced Security for Azure DevOps

2022-10-12T16:00:00+00:00

We are excited to announce that GitHub Advanced Security will be coming to Azure DevOps.

GitHub Advanced Security provides a native application security solution within the developer workflow, enabling organizations to manage open-source dependencies, custom code, and secrets across the software lifecycle. Automated security checks are run with every push and every pull request. Identified security issues are shared with developers immediately, with context, in their familiar workflow to empower them to fix vulnerabilities in minutes, not months

GitHub Advanced Security for Azure DevOps brings the same secret scanning, dependency scanning and CodeQL code scanning solutions already available for GitHub users and natively integrates them into Azure DevOps to protect your Azure Repos and Pipelines.

This is an opportunity for GitHub Technology Partners to extend their solutions to Azure DevOps. This announcement is the first step. In the next few weeks and months, the Technology Partnership and Engineering team will communicate with partners about their current or future integrations with Secret Scanning, Dependency Review, Code Scanning and Alerts experience.

We hope to be able to provide a meaningful set of features in the Private Preview that will highlight the partnership capabilities of GitHub Advanced Security on Azure DevOps.

You can read about the announcement in the Azure DevOps Blog and can sign up for the Private Preview.

For partners that would like to hear more about the latest news in the GitHub Technology Partner Program join us at GitHub Universe and Partner Connect.

GitHub Actions and Deploy Now are a match made in heaven!

2022-07-29T00:00:00+00:00

Deploy Now uses a combination of GitHub Actions and GitHub Apps to build, stage and deploy static sites, single-page applications and PHP apps.

@github Actions and Deploy Now are a match made in heaven!

Learn how the tool created by developers for developers is bringing together modern Git workflows and IONOS infrastructure.

➡️ https://t.co/j6yuAOgy8x pic.twitter.com/bFn2sq9wJW
— IONOS (@ionos_com) July 26, 2022

Monitor deployments and upload JavaScript source maps

2022-07-26T00:00:00+00:00

Monitor deployments and upload JavaScript source maps with https://t.co/ZvhN0GP9jC’s new GitHub Actions. Check out the details here: https://t.co/ic2MZIhyP8 @GitHubEnt #developerproductivity
— elmah.io (@elmah_io) July 19, 2022

Reduce databreach risks with Bearer GitHub Action

2022-07-01T00:00:00+00:00

Bearer is a Static Application Security Testing (SAST) tool that enables security and engineering teams to map sensitive data flows, implement data security controls and mitigate risks of data leaks throughout the development lifecycle.

Still haven’t set up @tryBearer on your codebases? Now you can enable Bearer's data discovery and risk management tool with our official GitHub Action. Read more about it on the blog: https://t.co/SOjEjtv7tX. Get the action now at https://t.co/OiwOwe2jlZ @GitHubEnt pic.twitter.com/naHIDCHv8e
— Bearer (@trybearer) June 30, 2022

Detect malicious build tools and packages in your GitHub Actions workflows

2022-07-01T00:00:00+00:00

GitHub Actions is a great platform for building CI/CD pipelines for your projects. StepSecurity is focused on creating open-source security solutions for CI/CD platforms and we’re excited to announce that we have partnered with GitHub to release a GitHub Action called Harden Runner that can detect compromised build tools and dependencies in your GitHub Actions workflows.

Detect malicious build tools and packages in your GitHub Actions workflows using Harden Runner GitHub Action, available in the @github Marketplace @GitHubEnt. Blog post: https://t.co/JnekKCCfBi
— StepSecurity (@step_security) May 18, 2022

Getting Started with Ingesting GitHub GHAS Alerts slides

2022-05-26T00:00:00+00:00

These slides provide an overview of how to ingest GitHub Advanced Security alerts into third party solutions.

Figma Widget

2022-05-12T15:35:40+00:00

Go from brainstorming and planning to building with fewer steps in between with the new GitHub widget for FigJam!

Go from brainstorming and planning to building with fewer steps in between with the new GitHub widget for FigJam!https://t.co/SRiheAuQOU pic.twitter.com/D3B1qLg2wH
— GitHub (@github) May 10, 2022

Cloud 66

2022-05-12T07:04:15+00:00

Cloud66’s new GitHub App: Deploy your code, directly from the repository to your own servers on any cloud.

🥁 Cloud 66 is available on GitHub Marketplace. Now you can deploy your code, directly from the repository to your own servers on any cloud. @GitHubEnt @GitHub https://t.co/nFTfeEI47K pic.twitter.com/i97OYG6PXY
— Cloud 66 (@cloud66) May 11, 2022

GitHub Partner Program Newsletter – Apr 2022

2022-04-25T17:36:46+00:00

If you want to receive emails when we have future Newsletters, sign up: GitHub Technology Partner Program

So what’s new?

[GitHub Beta Feature Opportunity]: API Versioning Private Beta The current version of GitHub’s REST API is v3 and has been for over 10 years. Moving forward, we want to introduce a new versioning approach to the REST API that uses the YYYY-MM-DD API version-naming scheme and which indicates the date the API version was released. We’re looking to collect feedback until the end of May 2022. By providing your opinion, you will be able to help influence the direction of API versioning at its earliest stages.

Email us at partnerships@github.com with the subject line “API Versioning Beta: [Your Company Name]” if you would like to provide feedback on API versioning

New GitHub Issue closed reasons Last year we introduced updates to our issue icons and colors along with the commitment to address your feedback on showing the reason why an issue had been closed. Today we are starting to roll out a preview of issue closed reasons to a small group of users. Your repository should have been feature flagged in, let us know if you have any questions!

GHES Storage Partners Partners in the GitHub Technology Partnership Program have the opportunity to self-validate their storage solutions with GHES. More information on the how to get listed and details here, or email us at partnerships@github.com

Reminders

Co-market with GitHub! If you created a brand new GitHub Action or App and post it in the GitHub marketplace, we’d be happy to assist with amplifying your announcement. More info on our co-marketing guidelines here

Secure your API tokens by joining the GitHub secret scanning program We’re continuing to expand our secret scanning program. If your service issues API keys or other secrets end up committed in code, we can help you detect them if/when they’re ever leaked on GitHub. For example, via the secret scanning program we notify AWS when their credentials are found in public repos, allowing them to automatically protect their users. [Find out more about secret scanning]

If you need to update your Marketplace logo We’ve been getting some questions around how to update your Marketplace action or app logo. Please look at our guide with the necessary logo requirements. Co-marketing guide.

Verified apps on the Marketplace are being updated to ‘verified creator’ Learn about the badges that you may see for some apps and actions listings on GitHub Marketplace, and how you can get yours! [Marketplace badges]

Partner-owned documentation to docs.github.com A paved path now exists for our partners to contribute and maintain documentation on docs.github.com. This provides an opportunity for our partners to describe how their tools work with GitHub. [Open an issue using the appropriate template]

Integrating with code scanning A new pattern guide on how to integrate with code scanning is now available on our Partner Resources tab, applicable to all partners with a SAST offering. If your team has a static analysis tool, we built a new pattern guide on how to integrate with code scanning. It shows you how you can surface security vulnerabilities directly in the GitHub UI before developers deploy to production. [Our new guide]

Join our Technology Partner Program Get access to GitHub Enterprise Server developer licenses, a plethora of integration resources and guides, invites to private partner events, discounts on Event Sponsorships (GitHub Universe is coming up!), comarketing opportunities, and more. Our program has no cost. [Apply today]

You know where to reach us

As always, feel free to reach out to us for questions at partnerships@github.com or support.github.com

Happy coding!