Actions environments now makes it more secure to review and control deployments using manual approvals.
Previously, any user could trigger a workflow and also manually approve/reject a deployment job targeting a protected environment, if they are a required reviewer.
We are now introducing an option for environment admins to prevent required reviewers from self-reviews to secure deployments targeting their critical environments.
This would enforce that a different reviewer could approve and sign off the deployments, rather than the same user who triggered the run – making the deployments more secure.
Learn more about securing environments using deployment protection rules.
For questions, visit the GitHub Actions community.
To see what's next for Actions, visit our public roadmap.
GitHub Advanced Security customers that have validity checks enabled for secret scanning will see the validation status for the following Discord tokens:
View our supported secrets documentation to keep up to date as we expand validation support.
Need to roll back a change to a ruleset? How about easily moving your ruleset around?
With today’s public beta you now have new tools to manage your ruleset.
Rulesets are now easier to share and reuse, with the ability to import and export rulesets as JSON files. Giving you the ability to share rules across repositories and organizations or to share your favorite rules with the community. Which is what we’re doing. The ruleset-recipes repository is home to a collection of pre-baked rulesets covering a number of popular scenarios ready for you to use.
If you are a repository or organization administrator of GitHub Enterprise cloud, we’re adding a history experience so you can track changes and revert rulesets. Now, it’s easy in the ruleset UI to see who changed a ruleset, when it happened, and what changed. Then, quickly get back to a known good state.
Only changes made to a ruleset after the public beta are included in ruleset history.
Click here to learn more. If you have feedback, please share and let us know in our community discussion.