Skip to content

Audit log improvements for Dependabot alerts

GitHub's audit log allows organization and enterprise admins to quickly review the actions performed by members of their organization or enterprise. For Dependabot alerts, the audit log includes actions such as repository enablement, creation or reintroduction of alerts, dismissal of alerts, and resolving of alerts.

The audit log now supports the following improvements:

  • Dismissal comments, if provided with a Dependabot alert, are now displayed in the audit log
  • The audit log API for Dependabot alerts now supports several new fields: alert_number, ghsa_id, dismiss_reason, and dismiss_comment.
  • Additional minor improvements, including links back to the alert and correct timestamps added to events.

This release is available for organization and enterprise admins (including GHES 3.7 and later).

For more information, view documentation on Dependabot alerts in the GitHub audit log.

New and improved Enterprise Reports now Generally Available

The recently enhanced GitHub Enterprise "consumed licenses" report and new "enterprise members" report are now generally available. These reports provide more insight into who has access to an enterprise, what level of access, and whether a license is consumed:

  • Consumed License Report: A breakdown of license usage for your GitHub Enterprise and any synced GitHub Enterprise Server instances;
  • Enterprise Members Report: An extensive list of licensed and non-licensed members associated with your Enterprise Cloud environment, including members synced from a GitHub Enterprise Server instance.

To learn more about these reports and how to access them, read our documents about viewing license usage for GitHub Enterprise and exporting membership information about your enterprise.

See more

Calendar-based versioning for the REST API

Today, we’re introducing calendar-based versioning for the REST API to give API integrators a smooth migration path and plenty of time to update their integrations when we need to make occasional breaking changes to the API.

You can learn more in today’s blog post and on the new “API Versions” page in our docs.

If you’re using the REST API, you don’t need to take any action right now. We’ll get in touch with plenty of notice before we drop support for any old versions.

See more
View all changes