You can now control which GitHub App a required status check is provided by. If status is then provided by a different app or by a user via a commit status, merging will be prevented. This ensures all changes are validated by the intended app.
Existing required status checks will continue to accept status from any app, but can be updated to only accept status from a specific app (see Editing a branch protection rule). Newly-added required status checks will default to the app that most recently reported the status, but you can choose a different app or allow any app to provide the status.
For more information see our documentation about protected branches.
Team sync support for Okta is now generally available for GitHub Enterprise Cloud customers.
Team sync allows GitHub.com organizations to sync an identity provider's groups’ members to teams in GitHub. With this release, we are adding support for Okta as an identity provider alongside Azure Active Directory.
To use it, your organization needs Okta configured as an external identity provider at the organization level and SCIM enabled. Learn more about Okta team sync.
GitHub Actions workflows triggered by Dependabot will now be sent the Dependabot secrets.
This change will enable you to pull from private package registries in your CI using the same secrets you have configured for Dependabot to use and will improve how Actions and Dependabot work together.
Learn more about using Actions and Dependabot together