Skip to content

Dependabot: explaining when an update isn’t possible

Sometimes, Dependabot security updates can't create a pull request for you because any update we could make would break the requirements of another package that you depend on. When this happens, Dependabot will now tell you the latest version of your package that you can install and the earliest version that contains the security fix. Soon, it will also tell you the name of the blocking package.

API Generally Available

The GitHub Apps API for managing installations has now graduated from an API preview to a generally available API. The preview header is no longer required to access these endpoints.

IP Allow lists for Apps

Integrators can set an IP allow list for a GitHub App by adding individual IP addresses or address ranges for the hosted service. If an enterprise account or organization has enabled IP allow lists and chosen to allow installed GitHub Apps to configure allowed IPs, then the IP addresses provided for a GitHub App will be inherited by the customers allow lists.

Multiple Callback URLs

When configuring a GitHub App, the authorization callback URL is a required field. But now we allow the developer to specify multiple callback URLs. This can be used in services with multiple domains or subdomains. GitHub will always deny authorization if the callback URL from the request is not in the authorization callback URL list.

File Access without repository contents

Finally, GitHub Apps can request a permission that allows the app to access a single file in a repository. App developers are encouraged to use this permission rather than requesting access to all files in the repo. Based on feedback from developers, the permission has been updated to allow an app developer to specify up to 10 files for read-only or read-write access that their app can request access to.

See more

Jump to definition and find all references are now available for all C# repositories on GitHub.

When you view a C# file on, you can click on a function or method name and see a code navigation card with links to all of its definitions and references within the same repository. We use the tree-sitter library to find definitions and call sites in your code.

Special thanks to @damieng, @initram and @noellelc for their contributions in tree-sitter to make C# support happen!

Learn more about jump to definition and find all references

Check out the tree-sitter library

See more