A simpler API for authoring commits

The new GraphQL mutation createCommitOnBranch makes it easier to add, update, and delete files in a branch of a repository.

This new API offers a simpler way to commit changes compared to the existing Git database REST APIs. With the new createCommitOnBranch mutation, you do not need to manually create blobs and trees before creating the commit. This allows you to add, update, or delete multiple files in a single API call.

Commits authored using the new API are automatically GPG signed and are marked as verified in the GitHub UI. GitHub Apps can use the mutation to author commits directly or on behalf of users.


See the GraphQL API reference for more information on using createCommitOnBranch. You can also try it in the GraphQL API Explorer! If you need a refresher on how to use the GraphQL API, see our guide.

GitHub Advanced Security customers can now view all their private repo secret scanning alerts in the organization security tab. This view is currently only available to organization owners, but will soon also be available to users with the security manager role.

For API use cases, please see the recent secret scanning org-level REST API release.

Org-level secret scanning results

Learn more about security overview
Learn more about GitHub Advanced Security

See more

The GitHub Enterprise Server 3.2 Release Candidate is available. This release includes more than 70 new features and changes to improve the developer experience and deliver new security capabilities for our customers.

Read the blog to discover the highlights in this release. Or, dive into the full GitHub Enterprise Server 3.2 release notes, and download it today.

Release Candidates are a way for you to try the latest features at the earliest time, and they help us gather feedback early to ensure the release works in your environment. They should be tested on non-production environments.

See more