Dotfiles are a common way to specify custom, user-specific behavior for applications (like Vim or Emacs) and shells on your codespaces. If enabled, dotfiles stored in a user's public dotfiles repository would be used for this configuration. With this change, any user owned repo, including private repos, can be used to install dotfiles into your codespaces.
For more information, see "Dotfiles".
GitHub Advanced Security customers can now use the GitHub REST API to retrieve commit details of secrets detected in private repository scans. Now available on cloud, the new endpoint will surface details of a secret's first detection within a file, including the secret's location and commit SHA.
Learn more about the secret scanning REST API
Learn more about private repository scanning with Advanced Security
You can now control which GitHub App a required status check is provided by. If status is then provided by a different app or by a user via a commit status, merging will be prevented. This ensures all changes are validated by the intended app.
Existing required status checks will continue to accept status from any app, but can be updated to only accept status from a specific app (see Editing a branch protection rule). Newly-added required status checks will default to the app that most recently reported the status, but you can choose a different app or allow any app to provide the status.
For more information see our documentation about protected branches.