The GitHub Enterprise Server 3.5 Release Candidate is available

The GitHub Enterprise Server 3.5 Release Candidate is available. New GitHub Advanced Security features are an exciting headline for this release alongside enhancements for enterprise administrators with Git events added to the audit log, the ability to analyze your Server usage over time, and a refinement of maintenance mode control. Read about these features and more in the full GitHub Enterprise Server 3.5 release notes.

Release Candidates are a way for you to try the latest features at the earliest time, and they help us gather feedback early to ensure the release works in your environment. They should be tested on non-production environments.

Download it today.

Dependabot keeps `@types` dependencies in sync with updated packages

Dependabot will now update @types dependencies alongside their corresponding packages in TypeScript projects.

Before this change, users would see separate pull requests for a package and its corresponding @types package. This could lead to packages and type definitions getting out of sync with one another, and require manual intervention. For example, if a project had dependencies on both jquery and @types/jquery, and a vulnerability triggered Dependabot to update jquery from 3.4.1 to 3.5.0, the package @types/jquery would remain at its original 3.4.x version.

Now, Dependabot can help TypeScript users keep their dependencies and @types packages up-to-date and in sync. When triggered to create an update, Dependabot will check if that package has a corresponding @types package. If so, Dependabot will update both the package and the corresponding @types package in a single PR. Or, if the @types package is no longer needed, that dependency will be removed instead.

The feature is automatically enabled on repositories containing @types packages in the project's devDependencies as listed in package.json. You can disable this behavior by setting the ignore field in your dependabot.yml file to @types/*. Let us know what you think in this feedback discussion.

See more

Codespaces: Default Image Improvements

When you work in a codespace, the environment you are working in is created using a development container, hosted on a virtual machine. If you don’t define a configuration in your repository, GitHub creates a codespace using a default Linux image. This Linux image includes common languages and runtimes such as Python, Node.js, JavaScript, TypeScript etc. to help you get started with an environment that you can further customize or use as is based on your team’s needs.

‘Zero-configuration’ getting started experience for machine learning users

With this update, we’ve released a new version of the default image that enables a seamless getting started experience for machine learning scenarios:

  • The default image now has Jupyter pre-installed by default so that you can immediately run jupyter notebook or jupyter lab from the terminal to get started with your data science project.
  • The default image also has the following commonly used machine learning specific Python libraries pre-installed by default:
    • For numeric computing: numpy, pandas, scipy
    • For data visualizations: matplotlib, seaborn
    • For model building: scikit-learn, tensorflow, keras, torch
    • For data fetching: requests
  • Lastly, you can include any additional project-dependent Python packages in the requirements.txt file, and those will be automatically installed at a user scope when you create your codespace.

Additional updates

  • Alongside these improvements, the default image has been updated with the following tools to optimize for speed and costs associated with default codespaces. We’ve also updated the major version of the image to 2 since the removal of these toolsets introduces breaking changes. While some of the tools are not included by default anymore, you can always add these by creating your own devcontainer configuration.
    Tools added:
    • Node 14
    • Node 16
    • Python 3.9
    • Python 3.10
    • Conda 4.12
    • Java 11
    • Maven 3.8
    • Ruby 3.0
    • Ruby 3.1
    • PHP 8.0
    • PHP 8.1
    • PHP Composer 2.3
    • Hugo 0.96
    Tools removed:
    • Node 12
    • Python 3.8
    • Conda 4.8
    • .NET 5.0
    • Ruby 2.7
    • PHP 7.2
    • PHP 7.3
    • PHP Composer 2.0
    • Hugo 0.90
    • Maven 3.6
    • PowerShell
    • Az CLI
    • Rust
  • Lastly, as a part of this update, for tools that have LTS support (e.g. node, python), the default image will include the latest two LTS releases going forward.

To learn more, check out the latest Codespaces default image configuration.

See more
View all changes