Skip to content

Removal of source IP addresses from API error messages related to IP allow lists

For security reasons, source IP addresses have been removed from error messages that are returned from the GitHub API when callers try to access protected resources from non-permitted IP addresses.

To learn more about IP allow lists, visit Restricting network traffic to your enterprise with an IP allow list in the GitHub documentation.

If you'd like to learn more about your source IP addresses, please contact GitHub Support.

The code scanning REST API updated_at field has been improved to help you review your most recently changed alerts.

The updated_at timestamp now returns the alert's most recent state change on the branch that you requested. We consider a state change to be a significant event, including an alert being introduced, fixed, dismissed, reopened or reintroduced. This is implemented in both the repo API and org API so it can be used consistently at scale.

Previously, the updated_at timestamp changed whenever an alert was found in an analysis or the alert state changed, and so was updated very regularly. This improvement lets you efficiently use updated_at to sort and focus on your most recently changed alerts.

The code scanning REST API list alerts endpoints code-scanning/alerts returns the value for the default branch, unless another branch is specificed. The alert endpoint code-scanning/alerts/{alert_number} reports at the alert level, so will return the maximum value for the alert across all branches.

This is now live on for the repository level API. This will be live for the organization level API over the next few days because it requires data reindexing. This will ship to GitHub Enterprise Server version 3.11. For more information, see the code scanning REST API documentation.

See more

When you migrate to with GitHub Enterprise Importer, user activity (e.g. issues, pull requests, comments) is linked to placeholder identities called "mannequins".

After you've finished migrating, you can "reclaim" those mannequins, linking the migrated activity to users' accounts. As part of this process, users receive invitations, asking them to accept the mannequin attribution.

Now, organizations using Enterprise Managed Users (EMU) can reclaim mannequins immediately, skipping the invitation process. This can be done one-by-one, or in bulk using a CSV.

To use this new feature, you'll need to update to the new v1.0.0 version of the GitHub Enterprise Importer CLI, released today.

For more details, see "Reclaiming mannequins for GitHub Enterprise Importer" in the GitHub Docs.

See more