GitHub Advanced Security customers can now view all their code scanning alerts in the organization security tab. This view is available to organization owners and members of teams with the security manager role.
Learn more about security overview
Learn more about GitHub Advanced Security
We have introduced a new policy setting that controls whether GitHub Actions can approve pull requests. This protects against a user using Actions to satisfy the "Required approvals" branch protection requirement and merging a change that was not reviewed by another user.
To prevent breaking existing workflows Allow GitHub Actions reviews to count towards required approval is enabled by default. However, an organization admin can disable it under the organization's Actions settings.
GitHub is updating the retention policy as it pertains to Checks data. Checks created by GitHub Actions and third-party GitHub Apps will be affected by the new retention policy.
Starting on February 14th, 2022 GitHub will begin archiving detailed checks data older than 400 days. As part of the archiving process we will create a rollup commit status representing the state of all checks for that commit. As a consequence, the merge box in any pull request with archived required checks will be in a blocked state and checks will need to be rerun in order to merge it.