Skip to content

Security alert digests now follow watching settings

In June, we announced that security alert notifications are opt-in on a per-repository basis, using the repository's watch settings. Today, we have updated security alert digest emails to also respect these settings.

If you are no longer receiving digest emails for a repository and want to, please update your notification subscription settings on that repo to include Security Alerts.

Expiration options for personal access tokens

You can now set an expiration date on your new and existing personal access tokens.

Setting an expiration date on personal access tokens is highly recommended as this helps keep your information secure. GitHub will send you an email when it's time to renew a token that's about to expire. Tokens that have expired can be regenerated, giving you a duplicate token with the same properties as the original.

When using a personal access token with the GitHub API, you'll see a new response header, GitHub-Authentication-Token-Expiration, indicating the token's expiration date. You can use this in scripts, for example to log a warning message as the expiration date approaches.

Learn more about personal access tokens and how to use them.

See more

Improvements to the code scanning branch filter

We have shipped improvements to the code scanning alerts branch filter! These changes make it clearer which code scanning alerts are being displayed on the alerts page.

By default, the code scanning alerts are filtered to show alerts for the default branch of the repository only. You can use the branch filter to display the alerts on any of the non-default branches. Any branch filter that has been applied is shown in the search bar.

We have simplified the search syntax to the format branch: You can use this syntax multiple times in the search bar to filter on multiple branches. The previous syntax ref:refs/heads/[branch name] is still supported, so any saved URLs will continue to work.

Branch filter

See more
View all changes