Skip to content

GitHub Enterprise Cloud self-service compliance reports for 2021 are now available

GitHub Enterprise Cloud administrators can now download and view the latest GitHub SOC 1, Type 2 and SOC 2, Type 2 compliance reports for 2021. These reports can be found under the Compliance settings tab of their enterprise account:"your-enterprise"/settings/compliance.

For organizations, these reports can be found under the Organization Security settings tab of their organization:"your-org"/settings/security.

On February 16, 2022, all non-audit-related npm Advisory APIs will be deprecated. Historically these undocumented APIs have been used to programmatically access advisory data. If you don’t use these APIs, you don’t need to take any action at this time.

Why the change?

Earlier this year, all npm advisory APIs were updated to be powered by the GitHub Advisory Database. As part of this work, we have created a service that converts the GitHub Advisory entries into a format that is compatible with the npm CLI and other tools that rely on our audit APIs that manage POST requests.

All non-audit-related npm Advisory APIs will be deprecated as the data being served from them has been modified from the original source, the GitHub Advisory Database.

What do I need to do?

We recommend customers who wish to continue utilizing advisory data should switch to the GitHub Security Advisory GraphQL API.

See more