The new GitHub Issues – June 23rd update

This marks 1️⃣ year since our initial private beta announcement! 🎉

Today's Changelog brings you the ability to bulk add items to projects and GraphQL API improvements!

🪷 Bulk add items

To make it even easier to add your issues and pull requests to a project, we have now added a new way to bulk add issues to your projects.

  • Hit the + button by the omnibar.
  • Select Add item from repository.
  • Pick your repository and get adding.

2022-06-22 19-30-46 2022-06-22 20_02_27

🤖 GraphQL API improvements

The projects GraphQL API is now generally available 🎉. With this update, we are announcing:

1) The introduction of new ProjectV2 object and mutations.
2) The deprecation of ProjectNext object and mutations, scheduled for 1st October 2022.

What are the new changes?

We have added a new ProjectV2 object to our GraphQL API to programmatically access a project.

The fields of the project are now available as:

The items of the project are represented by the ProjectV2Item object. It contains a field type to identify the item type – Issue, Pull Request, Draft Issue or Redacted. The values of the item are available under the fieldValues field.

We are also adding the following mutations for updating a project:

Based on feedback that more granular scopes would be useful, we have introduced new OAuth scopes specifically for this update:

  • The read:project scope provides query access to ProjectV2 objects.
  • The project scope provides query access to ProjectV2 objects and access to mutations.

✨ Bug fixes & improvements

Other changes include:

  • Bug fix where @mentions didn't include all users when editing a comment.
  • Ability to open the issues side-panel using the spacebar.
  • Long project titles no longer truncate when there is room to display the full title.
  • Bug fix to resolve a flash that occurs when creating or editing a project view title.

See how to use GitHub for project planning with GitHub Issues, check out what's on the roadmap, and learn more in the docs.

Dependabot alerts: Filter alerts by the scope of the dependency (runtime and development)

Today, we're shipping a new filter for the Dependabot alerts list view. In the alerts list view, you can now filter for scope:development or scope:runtime. Alerts for development dependencies also feature a label in the UI.

Dependency scope information will be available for alerts opened on or after June 23, 2022.

Which ecosystems are supported?

The following ecosystems are supported as of June 23, 2022:

Language Ecosystem Dependency Scope
Ruby RubyGems
JavaScript npm
JavaScript Yarn No, defaults to runtime
PHP Composer
Go Go modules No, defaults to runtime
Java Maven test maps to development, all else default to runtime
Python Poetry
Python pip ✅ for pipfile, for requirements.txt scope is development if the filename contains “test” or “dev”, else it is runtime
.NET NuGet ✅ only for .nuspec when tag != runtime; for all other cases defaults to runtime
Rust Cargo

For more information, learn more about Dependabot alerts in our documentation.

See more

Secret scanning’s REST API endpoints now support cursor-based pagination

GitHub Advanced Security customers can now use cursors to paginate over alert results they retrieve via the repository and organization level REST APIs.

Paginating with cursors, using the new before and after query parameters, can help assure data consistency and improve response times. To receive an initial cursor on your first request, include an empty "before" or "after" query string in your API call.

Learn more about the secret scanning REST API
Learn more about private repository scanning with Advanced Security

See more
View all changes