We updated the web UI to make keeping forks in sync with their upstream repositories more intuitive. "Fetch upstream" has been renamed to "Sync fork," which better describes the button's behavior. If the sync causes a conflict, the web UI prompts users to contribute their changes to the upstream, discard their changes, or resolve the conflict.
Secret scanning: Admins can now provide a link to display when a push is blocked
GitHub Advanced Security customers using secret scanning can now specify a custom link that will show in the error message when push protection detects and blocks a potential secret. Admins can use the custom link to provide their developers with a point of reference on best practices with secrets.
Learn more about protecting pushes with secret scanning.
OpenID Connect (OIDC) support in GitHub Actions is now enhanced to support secure cloud deployments at scale.
Org & repo admins can use the new OIDC API support to:
- enable a standard OIDC configuration across their cloud deployment workflows by customizing the `subject` claim format.
- ensure additional compliance & security for their OIDC based deployments by appending the `issuer` url with their enterprise slug
- configure advanced OIDC policies by using the additional OIDC token claims like `repository_id` and `repo_visibility`.
Learn more about Security hardening your GitHub Workflows using OpenID Connect.
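As an added illustration (not GitHub's code), this is how a cloud-side relying party could enforce the claims listed above once a token's signature has been verified. The policy values, sample payloads and the `check_claims` function are constructed for this example, and the visibility claim name is taken from this page as written.

```python
BASE_ISSUER = "https://token.actions.githubusercontent.com"
# Claim name as written on this page; confirm it against a token you receive.
VISIBILITY_CLAIM = "repo_visibility"

# Constructed policy: hypothetical enterprise slug, repository id and subject.
POLICY = {
    "issuer": f"{BASE_ISSUER}/example-enterprise",
    "repository_ids": {"123456789"},
    "visibilities": {"private", "internal"},
    "subjects": {"repo:example-org/deploy-app:environment:production"},
}


def check_claims(claims, policy=POLICY):
    """Return the names of claims that violate the policy ([] means accept).

    Assumes `claims` is the payload of a token whose signature, expiry and
    audience were already verified by a JWT library.
    """
    failed = []
    # Exact match: the default issuer (no enterprise slug) is rejected.
    if claims.get("iss") != policy["issuer"]:
        failed.append("iss")
    # Exact match against the customized subject format, no wildcards.
    if claims.get("sub") not in policy["subjects"]:
        failed.append("sub")
    # Pin the numeric id, which does not change when a repository is renamed.
    if str(claims.get("repository_id")) not in policy["repository_ids"]:
        failed.append("repository_id")
    if claims.get(VISIBILITY_CLAIM) not in policy["visibilities"]:
        failed.append(VISIBILITY_CLAIM)
    return failed


# Constructed sample payloads.
GOOD = {
    "iss": f"{BASE_ISSUER}/example-enterprise",
    "sub": "repo:example-org/deploy-app:environment:production",
    "repository_id": "123456789",
    VISIBILITY_CLAIM: "private",
}
NO_SLUG = {**GOOD, "iss": BASE_ISSUER}
OTHER_REPO = {**GOOD, "repository_id": "987654321", VISIBILITY_CLAIM: "public"}

if __name__ == "__main__":
    for name, payload in [("good", GOOD), ("no_slug", NO_SLUG), ("other_repo", OTHER_REPO)]:
        print(name, check_claims(payload) or "accepted")
```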