GitHub Enterprise Cloud administrators may need to review external identity information via the GraphQL API. Historically, this has required a token with the admin:org or admin:enterprise scope. We've taken a "least privilege" mindset in reviewing this flow and have now made this information available via the read:enterprise and read:org scopes for enterprise owner and organization owner actors.
For more information, see the GraphQL API documentation for Enterprise and Organization SAMLIdentity objects.
We now show bypassed branch protection rules in response to Git pushes. These are information messages and are not designed to block workflows.
Historically there was no indication after a Git push that branch rules had been bypassed.
Repo admins, actors with the bypass branch protections permissions, and actors in bypass lists on branch protections will now see a list of rules that were bypassed.
We appreciate your feedback in GitHub's public feedback discussions
The dependency graph shows a summary of the manifest and lock files stored in a repository. The repository view has an updated user experience that includes:
Access a repository's dependency graph from Insights > Dependency graph.