If your organization uses IP allow lists to restrict access, any API requests made with an installation access token for a GitHub App installed on your organization already respects those settings.
GitHub is extending this so that the API request to create the installation access token will also respect your organization's allowed IP addresses.
GitHub Advanced Security customers can now specify custom patterns for use in private repo secret scanning. When a new pattern is specified, secret scanning searches a repository's entire git history for it, as well as any new commits.
User defined patterns are in beta on cloud and will be available on GHES next quarter. They can be defined at the repository and organization level.
Learn more about custom patterns
Learn more about secret scanning
GitHub Enterprise Server 3.1 is now generally available for all customers. It helps customers work with large, busy repositories, while enabling developers to develop and deploy with less effort than ever.
For more information about GitHub Enterprise Server 3.1, read the GitHub Enterprise Server 3.1 blog post and release notes or download it today.