Enterprise organizations can now create custom repository roles

Organizations using GitHub Enterprise Cloud now have more granular control over the repository access permissions they can grant to users, with custom repository roles – now available in Beta.

A custom repository role is created by an organization owner and is available across all repositories in that organization. Each role can be given a custom name and a description, and is configured from a set of over 40 fine-grained permissions. Once a role is created, repository admins can assign it to any user, team or outside collaborator in their repository.

Custom repository roles can be created, viewed, edited and deleted via the new Repository roles tab in Organization settings.


Custom repository roles are also fully supported in the GitHub REST APIs. The Organizations API can be used to list all custom repository roles in an organization, and the existing APIs for granting repository access to individuals and teams have been extended to support custom repository roles.

To get started with custom repository roles, read the docs.

A command palette beta is now available for all users across github.com. Quickly navigate to your organizations and repositories, and use modes to find and jump to pull requests, issues, projects, files, and more. Execute commands to optimize your workflows, all from the keyboard.

Open the command palette using one of the following keyboard shortcuts:

  • Windows and Linux: Ctrl k or Ctrl alt k
  • Mac: ⌘ k or ⌘ option k

To open directly to command mode:

  • Windows and Linux: Ctrl shift k or Ctrl shift k
  • Mac: ⌘ shift k or ⌘ shift k

With the command palette open, use modes to find specific types of resources and execute commands:

  • > Enter command mode
  • # Search for issues, pull requests, discussions, and projects
  • ! Search for projects
  • @ Search for users, organizations, and repositories
  • / Search for files within a repository scope

Documentation, Share feedback


Ruby is the 10th most popular language within the open source community. To help more open source maintainers and organizations find potential vulnerabilities in their code, we’ve added Ruby support (beta) to the CodeQL engine that powers GitHub code scanning.

Our CodeQL analysis identifies security issues in your code, along with the flow of data to the vulnerable location. To help secure services and tools created with Ruby, the CodeQL beta release spots many of the most common security issues:

We’ve been putting this beta through its paces by analyzing some of the world's largest Ruby codebases at GitHub and select customers. The feedback has been overwhelmingly positive, and in many cases CodeQL identified real vulnerabilities, all while keeping the number of false positives to a minimum.

CodeQL for Ruby is available by default in GitHub.com code scanning, the CodeQL CLI, and the CodeQL extension for VS Code starting today. It will also be included in GitHub Enterprise Server 3.4. Ruby joins the list of supported CodeQL languages, which also includes C/C++, C#, Java, JavaScript/TypeScript, Python, and Go.

We currently support all common Ruby versions, up to and including 3.02. Check out the documentation for more details on compatibility.

To start using the new Ruby analysis, simply update your existing workflow file by adding Ruby to the language matrix:

jobs:
  analyze:
    name: Analyze
    ...
    strategy:
      fail-fast: false
      matrix:
        # add here
        language: ['ruby']
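
An added example, not GitHub's own code: a Ruby check that reads a CodeQL workflow file and reports whether Ruby is among the analyzed languages after the matrix change shown above. The sample workflows are constructed, the helper names `codeql_languages` and `ruby_scanned?` are hypothetical, and it assumes the workflow uses the `github/codeql-action/init` step with its `languages` input.

```ruby
require "yaml"

# Constructed sample workflow (not from the page): the matrix lacks Ruby.
SAMPLE_WITHOUT_RUBY = <<~YAML
  name: CodeQL
  on: [push]
  jobs:
    analyze:
      runs-on: ubuntu-latest
      strategy:
        fail-fast: false
        matrix:
          language: ['javascript', 'python']
      steps:
        - uses: actions/checkout@v4
        - uses: github/codeql-action/init@v3
          with:
            languages: ${{ matrix.language }}
        - uses: github/codeql-action/analyze@v3
YAML

# The same constructed workflow after adding Ruby to the language matrix.
SAMPLE_WITH_RUBY = SAMPLE_WITHOUT_RUBY.sub("'python']", "'python', 'ruby']")

# Returns { job name => [languages] } for every job that runs the CodeQL init step.
def codeql_languages(workflow_yaml)
  doc = YAML.safe_load(workflow_yaml) || {}
  (doc["jobs"] || {}).each_with_object({}) do |(name, job), out|
    steps = job["steps"] || []
    init = steps.find { |s| s["uses"].to_s.start_with?("github/codeql-action/init@") }
    next unless init # not a CodeQL job
    declared = init.dig("with", "languages").to_s
    langs =
      if declared.include?("matrix.language")
        # Languages come from the job matrix (a list or a single string).
        Array(job.dig("strategy", "matrix", "language"))
      else
        # Languages are written inline as a comma-separated string.
        declared.split(",")
      end
    out[name] = langs.map { |l| l.to_s.strip.downcase }.reject(&:empty?)
  end
end

# True when at least one CodeQL job in the workflow analyzes Ruby.
def ruby_scanned?(workflow_yaml)
  codeql_languages(workflow_yaml).values.any? { |langs| langs.include?("ruby") }
end
```

Run it over each repository's workflow file to find Ruby projects where the matrix was never updated.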

If you’re new to code scanning, set up a CodeQL analysis workflow from the Security tab in your repository.

Want to contribute or write your own CodeQL queries for Ruby? This guide will help you get started.

To give us feedback, join the Ruby beta discussion in the public CodeQL repository, which is also a good place to ask questions about anything CodeQL.
