GitHub Advanced Security users can now use the REST API to enable or disable secret scanning validity checks for a repository, organization, or enterprise. Validity checks retrieve a status for supported tokens from their relevant partner (
unknown). This status is displayed in the secret scanning alert view and the REST API.
Codespaces Host Image Version Preference
A GitHub codespace is a development environment provided by a container that runs on a virtual machine (VM). The development environment that the developer works within is defined by the dev container configuration. The VM configuration defines the operating system which builds and runs the dev container. GitHub maintains this VM configuration, and regularly upgrades it to improve security, functionality, and performance.
While our regular security patching does not impact capabilities, occasionally we need to upgrade components that may have an impact on the way the container environment functions in certain cases. Therefore, we are introducing a way to opt into the beta image configuration, allowing you to test the changes in your specific environments and provide feedback before we ship the changes to the stable image.
The upgraded host image is initially made available as a beta release, which enables you to ensure your existing dev container configurations are compatible with the next iteration of the VM configuration. Once enabled, all newly created or resumed codespaces will use the specified host configuration. This enables you to test your configurations without impacting other developers who use the same dev container. You may switch between the beta and stable host configurations at any time. Whenever you switch, all of your subsequently created or resumed codespaces will receive the configuration you specified. Changing this setting does not impact currently running codespaces.