Passed the GitHub Foundations exam (GH-900).
I've been using GitHub for years. Pushing code. Opening PRs. Merging branches. The usual.
So I figured how hard could a foundations exam be?
Turns out I didn't know half of what GitHub actually does.
The exam covers everything from version control basics to enterprise level security architecture, Dependabot, CodeQL scanning, CVE tracking, SAML SSO, SCIM provisioning, branch rulesets, GitHub Actions CI/CD pipelines, Codespaces, Copilot, innersource strategies, and DevSecOps practices like shifting security left in the development lifecycle.
I walked in thinking I'd breeze through it. I walked out realizing I'd been using maybe 30% of the platform.
That's the thing about tools you use every day, you stop questioning whether you actually understand them.
This exam forced me to confront the gap between "I use GitHub" and "I understand GitHub.
If you use GitHub daily and think you know it well, take the exam. You might surprise yourself.
#GitHubFoundations #GitHub #DevSecOps #SoftwareEngineer
Enjoyed this post? Get in Touch — I'd love to hear your thoughts.