GitHub has updated the default security alert email setting to be a single email which details the impact of a new vulnerability across all of your repositories. Previously, for a new vulnerability GitHub sent one email per repository. Users who have opted to receive a digest email of security vulnerabilities instead of individual emails are unaffected by this change.
To publish an action to the GitHub Marketplace, you are now required to have a properly formed actions metadata file placed at action.yml in the root of your action’s repository. This applies to both container-based actions and JavaScript-based actions.
If you have any questions or thoughts about these changes, we recommend sharing in our GitHub Community Forum’s Actions Board!
There are new improvements to the internal repository visibility available as part of our public beta.
The internal repository visibility option makes it easier to innersource code and projects to fellow enterprise members while restricting access to outside collaborators. It is currently available to customers with an Enterprise account.