GitHub Enterprise Server 3.3 is now generally available for all customers. There are three exciting new betas to explore, dozens of productivity enhancements and performance improvements for CI/CD.
For more information about GitHub Enterprise Server 3.3, read the blog post and release notes or download it today. Alternatively, enjoy this ten minute overview presentation.
Are you using the latest GitHub Enterprise Server version? Use the Upgrade Assistant to find the upgrade path from your current version of GitHub Enterprise Server to your desired version.
We have added support for sigstore container signing to the default GitHub Actions starter workflow for publishing container images. New workflows on public repositories will use this by default. If you have an existing workflow, you will need to update your workflow to take advantage of this capability.
For more information, please read the announcement on the GitHub Blog.
GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans may prevent data leaks and any fraud associated with exposed data.
We have partnered with Typeform to scan for their access tokens and help secure our mutual users. Typeform API tokens allow Typeform users to create forms, retrieve responses, and configure webhooks. More information about Typeform API tokens can be found here.
We’ll forward access tokens found in public repositories to Typeform, who will verify and automatically disable the token. Typeform will then notify the user with the detection details (token name, where it was detected, and the token scopes).
We continue to welcome new partners for public repo secret scanning. GitHub Advanced Security customers can also scan their private repositories for leaked secrets.