GitHub Advanced Security users can now filter their secret scanning alerts by validity in the UI at the repository, organization, and enterprise level. Valid statuses are active, inactive, or unknown. Validity checks must be enabled for the repository, organization, or enterprise.
Starting today, apps and tokens used to create a release via the REST API endpoint will require the workflow scope or workflows:write permission in certain cases.
The workflow scope or workflows:write will be required when creating a release that targets a commit SHA (target_commitish) that modifies an Actions workflow file and that SHA does not have an existing ref (branch head or tag).
For more details see the REST API documentation or visit the GitHub Actions community if you have any questions.
Opt-in and opt-out options enhanced to easily subscribe or unsubscribe from sponsorship related notifications.
Head to the settings page of your Sponsors profile to update your email preferences.