Skip to content

GitHub Advisory Database contains all npm security advisories

GitHub Advisory Database now contains the full corpus of security advisories from the npm security database. More complete npm security data enables us to provide better Dependabot alerts and security updates. The npm security database will continue to publish advisories, but GitHub Advisory Database is now the source of truth for this data.

Repositories that use GitHub Pages can now build and deploy from any branch. Publishing to the special gh-pages branch will still work the same as it always has, but you can now choose a different branch in your repository as the publishing source. This functionality also removes the hardcoded dependency on user and organization pages having a master branch.

See more

Account and billing admins can now provide a list of email addresses to receive billing notifications, including threshold notifications for Actions and Packages.

The email addresses may belong to users such as repo admins, individuals who are not actually part of your GitHub organization (e.g. in the procurement department at your company), or even be distribution lists.

Visit the documentation on how to set a billing email to learn more.

See more