Skip to content

Enable OAuth Device Authentication Flow for Apps

From today the OAuth Device Authorization flow feature must be manually enabled for all OAuth and GitHub Apps. This change reduces the likelihood of Apps being used in phishing attacks against GitHub users by ensuring integrators are aware of the risks and make a conscious choice to support this form of authentication.

If you own or manage an OAuth App or GitHub App that makes use of the OAuth Device Authorization flow, you can enable it for your App via its settings page:

Enable device flow

The OAuth Device Authorization flow API endpoints will respond with status code 400 to Apps that have not enabled this feature.

Learn more about the OAuth Device Authorization flow.

Today, we are announcing the beta of the new file tree experience for pull requests!

  • Jump between files more quickly
  • Understand the size and scope of the change before you start reviewing
  • Focus your review by filtering the tree on part of a file or folder name

How to use the tree

On the Files changed tab of a pull request, click a file in the tree to see its changes.

PR Files Changed tab showing tree

To filter the tree, type into the Filter changed files text input. File names matching this input and all files under a folder name matching this input will be shown. You can also filter the tree by file extension, viewed or not, owned by you or your team, and more using the File filter menu.

To hide or show the tree, click the toggle button above the tree.

Note: The file tree only appears if the pull request has at least 2 changed file and your browser window is sufficiently wide. During the beta, you can disable the tree completely via the feature preview dialog. When disabled, you will no longer have the option to hide or show the tree from the pull request page. If you change your mind, you can re-enable the tree in the feature preview dialog.

We want to hear from you

Join the public discussion and tell us what you like and don't like about the new file tree.

Learn more

Learn more about reviewing proposed changes and filtering files in a pull request.

See more

GitHub Enterprise Server 3.4 is Generally Available
We are excited to announce that the newest version of GitHub Enterprise Server is now available. This update includes enhancements to make developing software even easier for everyone with a host of improvements for security, compliance and administration teams. You can find all changes in the release notes, but here are a few highlights from the release:

  • Reusable workflows for GitHub Actions (#257)
  • Dependabot security updates (#343)
  • Ruby support for GitHub Advanced Security’s code scanning feature (#136)

Accompanying these new features are a collection of productivity enhancements for developers, including keyboard shortcuts, auto-generated release notes, and more.

  • Organizations can now publish a README.md Read more.
  • Right-to-left languages are now supported natively in Markdown files, issues, pull requests, discussions, and comments.
  • Automatically generated release notes. Read more.

To learn more about all the new features in GitHub Enterprise Server 3.4, read the release notes or download it today. Are you using the latest GitHub Enterprise Server version? Use the Upgrade Assistant to find the upgrade path from your current version of GitHub Enterprise Server to your desired version.

See more