Skip to content

GraphQL APIs for creating a branch linked to an issue

We've added GraphQL API support for creating a branch linked to an issue. Learn more about creating a branch for an issue in the UI in the documentation.

The GraphQL API supports:

Yellow security vulnerability repository banner is being removed

Removing the security vulnerability banner

The yellow banner stating "We found potential security vulnerabilities in your dependencies" is being removed. Please use the "Security" alert count in your repository navigation as an indicator for when your repository has Dependabot alerts. You can also adjust your notifications settings to opt-in to email and web notifications, as well as email digests for your Dependabot alerts.

About this change

We've been working to steadily improve our security alert notifications and indicators. As part of our notifications strategy, we are removing this legacy banner.

Available alert notifications and indicators

Today, when Dependabot detects a dependency-based vulnerability, Dependabot lets you know based on your user notifications settings and repository watching settings. You can opt to receive:

  • Web-based notifications on alerts in your GitHub inbox
  • Email based notifications on alerts
  • Email digests (weekly or daily roll-ups of alerts).

From the UI, you can also use the "Security" alert count in your repository navigation as an indicator for when your repository has alerts. This Security tab includes the count for all active Dependabot alerts, code scanning alerts, secret scanning alerts, and any security advisories that you have permissions to view.

Learn more about GitHub Advanced Security, Dependabot alerts, and configuring notifications for alerts.

See more

Display SAML SSO authentication data in audit log – Private Beta

GitHub Enterprise Cloud customers can now participate in a private beta displaying SAML single sign-on (SSO) identities for relevant users in audit log events.

SAML SSO gives organization and enterprise owners a way to control and secure access to resources like repositories, issues, and pull requests. Organization owners can invite GitHub users to join an organization backed by SAML SSO, allowing users to become members of the organization while retaining their existing identity and contributions on GitHub.

With the addition of SAML SSO identities in the audit log, organization and enterprise owners can easily link audit log activity with the user's corporate identity, used to SSO into GitHub.com. This not only provides increased visibility into the identity of the user, but also enables logs from multiple systems to quickly and easily be linked using a common SAML identity.

Enterprise owners interested in participating in the private beta should reach out to your GitHub account manager or contact our sales team to have this feature enabled for your enterprise. Once enabled, enterprise and organization owners can provide feedback at the logging SAML SSO authentication data for enterprise and org audit log events community discussion page.

See more
View all changes