With updates to GitHub Actions, repositories, and GitHub Advanced Security, this new version of GitHub Enterprise Server is focused on bringing the best developer experience to companies.
GitHub Enterprise Server 3.8 is now generally available. This release continues our investment in bringing more features to our GitHub Enterprise Server (GHES) customers, whilst also delivering improvements for managing the GitHub Enterprise Server appliance itself.
Here are a few highlights:
Download GitHub Enterprise Server 3.8 now. For help upgrading, use the Upgrade Assistant to find the upgrade path from your current version of GHES to this new version.
Planning and tracking is at the heart of how great development teams operate and it’s essential to developer velocity. As teams and projects grow, how we work evolves. Tools that hard-code a specific methodology are too specific and rigid to flex to whatever the moment demands. Often we pull out a spreadsheet to jot down a few ideas—but then your planning is disconnected from where your development happens.
GitHub Projects helps to connect your planning directly to the work your teams are doing in GitHub, and it’s generally available in GitHub Enterprise Server 3.8.
With added flexibility, GitHub Projects can become whatever your team needs at any point. Built like a spreadsheet, project tables give you a live canvas to filter, sort, and group issues and pull requests. Whether you are a developer, project planner, or a designer, multiple teams are able to seamlessly use a GitHub Project to manage collaborative work.
Software teams no longer have to spend hours updating issues, keeping spreadsheets up to date, and generating status reports. With built-in workflows, tables, data, and insights, GitHub Projects allows teams to work faster, together.
Read more about the new GitHub Projects here, or get started jotting down your plans in GitHub.
GitHub Enterprise Server 3.8 supercharges GitHub Actions as a policy-driven automation platform, with standardization controls and cloud-ready security built in. Here are some of the highlights:
Required workflows allows DevOps teams to define and enforce standard CI/CD practices across many source code repositories within an organization without needing to configure each repository individually, which becomes an impossible task in large organizations.
Configuration variables make it easy to share non sensitive config such as server names across your workflows, too, by storing configuration data as plain text variables that can be reused across workflows.
Avoid the risk of storing sensitive cloud secrets and access keys by authenticating to object storage accounts in AWS, Azure, and GCP with OIDC.
What’s more, developers using GitHub Enterprise Server can also now share GitHub Actions workflows across your enterprise in private and internal repositories, dynamically name workflow runs so that you can more easily identify reusable workflows that are run in different environments, and restrict workflows to run only on defined runner groups.
Authentication in the Management Console is currently based on a single root password. In version GitHub Enterprise Server 3.8 we have added support for multiple user accounts for the Management Console, alongside a full log of actions—so you can track exactly who’s doing what on your GitHub Enterprise Server instance.
Instance administrators can create and invite new users with different types of access to the Management Console, with each user having their own password.
GitHub Enterprise Server 3.8 brings a host of new features across Dependabot and GitHub Advanced Security (GHAS).
Companies using GHAS can now keep their mobile applications more secure, too, with the addition of Kotlin support (beta) in CodeQL, the analysis engine that powers GitHub code scanning. Support for Kotlin marks our first investment in mobile application security testing for CodeQL and is an extension of our existing Java support.
And for those using Dependabot to keep dependencies up to date, a new REST API allows you to scale your policies, while developers can now leave comments when closing all types of security alerts (Dependabot alerts, secret scanning alerts, and code scanning alerts) so security teams can see exactly what’s happened, and why.
Enterprise administrators can also now control whether repository administrators are able to enable or disable GHAS features, making it easier to roll out across large companies.
GitHub is continually building new policy controls for administrators to build compliant workflows while encouraging code reuse. In this release, we’ve added new branch protection rules, such as allowing administrators to prevent pull requests from being approved by the person who last pushed to the repository, and a new policy to control repository forking.
To learn more about GitHub Enterprise Server 3.8, read the release notes, and download it now.
Not using GHES already? Start a free trial to innovate faster with the developer experience platform companies know and love.
Start your free trial for 30 days and increase your team’s collaboration. $21 per user/month after trial expires.
Curious about other plans?
Say goodbye to constant mouse clicking and hello to seamless navigation with GitHub shortcuts.
In March, we experienced two incidents that resulted in degraded performance across GitHub services.
GitHub-hosted runners now support Azure private networking. Plus, we've added 2 vCPU Linux, 4 vCPU Windows, macOS L, macOS XL, and GPU hosted runners to our runner fleet.
David Jarzebowski 
Melody Mileski 
