Skip to content

Pull request commits now ordered chronologically

We are changing the way commits are ordered in the pull request timeline and commits view. Commits are currently ordered by author date, which can cause commits to appear out of order in some scenarios, like after rebasing. With this change, commits are ordered according to their chronological order in the head branch, which is consistent with the ordering in Git.

This ordering is also reflected in the List commits on a pull request REST API and PullRequest object's timeline connection in GraphQL.

Learn more about pull requests

Enable Dependabot, dependency graph, and other security features across your organization

You can now enable or disable the dependency graph, Dependabot alerts, Dependabot security updates, and secret scanning for all repositories in an organization with one click. You can also set whether each feature will be enabled or disabled for newly-created repositories. Look for the "Security & analysis" tab in your organization settings page and on your user settings page.

In addition, we've consolidated the repository-level settings for dependency graph, Dependabot alerts, Dependabot security updates, and secret scanning to a "Security & analysis" tab in the repository settings page.

Learn more in the docs

See more

Default visibility for new repositories

When you create a repository, you can choose whether it should be private or public.

Now, when you're signed into GitHub through an organization's single sign on service and create a new repository through the website navigation, the default selection is Private. This helps prevent sensitive company data from unintentionally being pushed to public repositories. See the about repository visibility article for more information about this choice.

See more
View all changes