Display SAML SSO authentication data in audit log – Public Beta

GitHub Enterprise Cloud customers can now participate in a public beta displaying SAML single sign-on (SSO) identities for relevant users in audit log events.

SAML SSO gives organization and enterprise owners a way to control and secure access to resources like repositories, issues, and pull requests. Organization owners can invite GitHub users to join an organization backed by SAML SSO, allowing users to become members of the organization while retaining their existing identity and contributions on GitHub.

With the addition of SAML SSO identities in the audit log, organization and enterprise owners can easily link audit log activity with the user's corporate identity used to SSO into GitHub.com. This provides increased visibility into the identity of the user and enables logs from multiple systems to quickly and easily be linked using a common SAML identity.

To learn more, read our documentation about SAML SSO authentication data in our audit logs. Enterprise and organization owners can provide feedback at the logging SAML SSO authentication data for enterprise and org audit log events community discussion page.

npm provenance general availability

npm provenance is now generally available.

npm packages built on a supported cloud CI/CD system can publish with provenance. Today this includes GitHub Actions and GitLab CI/CD.

Publishing with provenance verifiably links the package back to its source repository and build instructions. Provenance is restricted to public packages and public source repositories only.

npm will check the linked source commit and repository when you view a package's provenance information on npmjs.com. If the linked source commit or repository cannot be found, an error displays at the top of the page and alongside the provenance information to let you know that provenance for this package can no longer be established. This can happen when a repository is deleted or made private.

Once published, packages display provenance on the registry website:

Provenance displayed on the registry website

For more information, see generating provenance.

See more

Breaking change to GitHub Copilot service endpoints

Starting tomorrow Tuesday, September 26, 2023 we are updating the service endpoints for organizations with GitHub Copilot Chat beta enabled. If your organization uses a firewall to restrict network traffic, we recommend updating your allowlist to include *.githubcopilot.com if you haven’t done so already. This endpoint is required to deliver Copilot Chat messages.

If you are not ready to upgrade to this new endpoint, you can pin your GitHub Copilot Chat version to 0.7.1 or earlier.

If your organization doesn’t use a firewall to restrict network traffic, then no change is necessary. For a complete list of GitHub Copilot service endpoints, see our docs.

See more
View all changes