New Branch Protections: Last Pusher and Locked Branch

Today we're releasing two new branch protections.

Require approval from someone other than the last pusher

Now, before a pull request can be merged, you can require it to be approved by someone other than the last pusher.
Meaning, the most recent user to push their changes will need a pull request approval regardless of the Require approvals branch protection. Or in the case of 1 approval required, someone other than the last user to push their changes will also need to approve. If the approvals come from other folks than the last pusher, those two approvals will be sufficient.

Screenshot of Last Push protection enabled.

Lock branch

This allows for branches to be locked, prohibiting changes. You can lock a branch allowing you to have a maintenance window and prevent changes, or to protect a fork so it only receives changes from its upstream repository.

To use this feature in a branch protection rule, enable Lock branch.

Screenshot of Lock branch with fork sync enabled

For more information, read About protected branches in the GitHub documentation.

We appreciate feedback on this and other topics in GitHub's public feedback discussions.

We are excited to share with you that we have added a bunch of new capabilities to our GitHub app in Slack. You can now create, track and manage your GitHub issues directly from Slack.

Create issues as you collaborate

You can now create issues with just a click, right from the place where you interact with your team i.e. from your channel, personal app, group or direct chat.
image

  • The content of the chat is automatically added into the description along with the link to the slack conversation.
  • The last used repo in the channel will be automatically filled in. However, you can go ahead and change to the repo if needed.
  • You can optionally fill in labels, assignees and milestones when you create an issue.

Once the issue is created you will receive a confirmation card in the channel/chat where you created the issue.

Issue card updates and threading

You can also update the issue directly from slack. When you see an issue notification card in Slack, you will now be able to comment, edit and close/reopen.
image

As part of this enhancement, we have also introduced threading functionality. Notifications for any issue are grouped under a parent card as replies. Threading gives context, reduces noise in the channel and helps improve collaboration.

For more information about these enhancements, please visit the GitHub app guidance for Slack.

See more

OpenID Connect (OIDC) support in GitHub Actions enables secure cloud deployments using short-lived tokens that are automatically rotated for each deployment.

You can now use the enhanced OIDC support to configure the subject claim format within the OIDC tokens, by defining a customization template at either org or repo levels. Once the configuration is completed, the new OIDC tokens generated during each deployment will follow the custom format.

This enables organization & repository admins to standardize OIDC configuration across their cloud deployment workflows that suits their compliance & security needs.

Learn more about Security hardening your GitHub Workflows using OpenID Connect.

See more