Previously, repository admins could pin up to four important discussions above the list of discussions for the repository or organization. Now, they can also pin discussions to a specific discussion category to provide context relevant to that category. These pins appear above the list of discussions in that category and are not affected by pagination or search.
More enhancements to Discussions available today:
To learn more about GitHub Discussions, read the overview or documentation, and start conversations with your community today.
You can now require approval from a user with write permissions to the repository before a workflow run can be triggered from a private fork. This can be useful for some inner source scenarios, where you want to ensure that the code is reviewed before it is run.
Learn more about enabling workflows for forks of private repositories
For questions, visit the GitHub Actions community.
To see what's next for Actions, visit our public roadmap.
The dependency review API is now generally available.
The Dependency Review GitHub Action now allows you to reference a local or external configuration file. There are also new configuration options:
fail-on-scopes: contains a list of strings representing the build environments you want to support (development, runtime, unknown). The action will fail on pull requests that introduce vulnerabilities in the scopes that match the listallow-ghsas: contains a list of GitHub Security Advisory IDs that can be skipped during detectionlicense-check and vulnerability-check: a boolean option that allows you disable either one of the checks Learn more about the dependency graph and dependency review