GitHub Enterprise Server 3.9 is now generally available

GitHub Enterprise Server 3.9 is now generally available. Organizations can now take advantage of more features that enable deeper collaboration, greater observability and faster workflows—so developer teams can drive more impact across enterprise environments. Here are a few highlights:

• GitHub Projects shows your roadmap in a new time-based view, and projects and issues can be more easily standardized and automated with tools such as issue forms.
• Secret scanning checks for custom patterns on push, saving developers precious time keeping sensitive information out of your codebase.
• Code scanning can be enabled in just a couple of clicks, making it easier than ever to keep vulnerabilities out of production.
• Auto-scale self-hosted runners with confidence, with the kubernetes based Actions Runner Controller, now backed by GitHub.
• Operators have more control and insight to manage GHES, with enhanced logs, new upgrade tools and a host of updates to the audit log.

GitHub Projects publishes your roadmap and automates workflows

Research has shown that developers work with up to 21 other engineers every day, meaning seamless collaboration really matters. GitHub Projects helps by allowing teams to plan their work next to their code.

In the 3.9 release, we’ve enhanced the beta of GitHub Projects on GHES with a new roadmap layout, automation tools, and more.

With GHES 3.9, teams can now:

• Use the roadmap layout to visualize issues and pull requests over time – making it easy for teams to share and iterate on their plans.
• Keep projects up-to-date with two new workflows:
  • Auto-add monitors your chosen repositories to add issues as they are created or as they are changed to meet your custom rules. For example, a label or milestone being added.
  • Auto-archive helps keep your projects clean and tidy, removing any item that has been closed for longer than a user-defined amount of time.
• Replicate the most effective project settings over and over again with our new copy functionality. Simply opt to copy a project to get a fresh new project, with all your favorite views and custom fields set up and ready to go.
• Create issue forms to guide team members on how to submit the right content for different issue scenarios.

In addition, there are a host of other smaller enhancements, including: sorting on boards and roadmaps, a new issue create modal, deep linking for draft issue URLs, colors and descriptions for single select fields, and new GraphQL endpoints for creating and deleting custom fields in projects.

Secure every repository with code scanning and custom push protections

Customers using GitHub Advanced Security will benefit from new tools across code scanning and secret scanning that make it easier to protect your code at every step.

First, to help teams protect more repositories with code scanning with CodeQL, administrators can now enable code scanning on a repository in just a few clicks. This new ‘default setup’ option simplifies getting started with code scanning on Python, JavaScript, and Ruby repositories, by providing an option to setup code scanning through the Security tab in repository settings—rather than configuring .yaml files.

And with code scanning set up on a repository, teams can now also monitor the health and coverage of their code scanning deployment, via a new detailed status page. This view helps teams resolve misconfigurations and scanning errors, with actionable information about the status and errors occurring in each scan.

With GHES 3.9, secret scanning will also scan for your company’s custom patterns on push. These patterns can be defined at the repository or organization level. Read more on how to push protect your custom patterns.

Finally, following the precedent set by Executive Order 14028, it’s becoming increasingly important that every project has an SBOM. Now, developers can easily do so through a repository’s dependency graph page or the API, where you can export the current state of the project’s dependency graph as a JSON file using an industry-standard SBOM format like SPDX.

Monitor and debug the appliance with ease, with enhanced observability

GitHub Enterprise Server is a critical service for thousands of companies, and availability of the service is job number 1 for operators. In GHES 3.9, we’ve added new tools and telemetry to help them more easily observe and manage the appliance. Here are a couple of highlights:

• GHES logs now use the OpenTelemetry structured log standard. This changes makes it much easier to parse logs to make debugging much faster. To help you understand the new standard, we’ve published a complete mapping table.
• New tools in ghe-manage provide visibility during upgrades: ghe-migrations shows the status and time taken for migrations during upgrades; and, ghe-backup-progress shows progress when generating a backup of your instance using backup-utils.

Auto-scale Actions, with auto-scaled runners

GitHub Actions remains the most popular CI/CD tool for GitHub users. And as companies scale their Actions deployments, they have to scale their runners too.

Organizations using GHES can now use the Actions Runner Controller (ARC), an open source project adopted by GitHub, as a trusted path to automatically scale and orchestrate runner sets using Kubernetes. We’ve also recently introduced a new auto scaling mode to scale your self-hosted runners in response to webhook events. Read more on autoscaling with self-hosted runners.

Try it out today

To learn more about GitHub Enterprise Server 3.9, read the release notes, and download it now.

Not using GHES already? Start a free trial to innovate faster with the developer experience platform companies know and love.