Following our recent release of generating a software bill of materials from the repository's dependency graph, you can now generate an SBOM for a repository using a new REST API for SBOMs. The resulting JSON will represent the head of the repository's main branch.
Secret scanning now detects secrets leaked historically in issues
GitHub Advanced Security customers using secret scanning can now view any secrets exposed historically in an issue's title, description, or comments within the UI or the REST API. This expanded coverage will also detect and surface secrets matching any custom pattern defined at the repository, organization, or enterprise levels.
Following a successful beta with lots of great customer feedback, webhook forwarding in the GitHub CLI is now available to everyone.
Webhook forwarding makes it easy to test your webhooks integration in your local environment without having to worry about port forwarding.
All it takes to start receiving webhooks locally is one simple command:
gh webhook forward --repo monalisa/hello-world --events issues,pull_request --url http://localhost:4000/webhooks
To learn more, head over to "Receiving webhooks with the GitHub CLI" in the docs.