Organizations can now enable 2FA requirement without removing non-compliant members [GA]

Account management

November 8, 2024

Enterprises can now broadly roll out two-factor authentication (2FA) to all members of their organization through an enhanced 2FA enrollment experience in GitHub. With this update, non-compliant users will no longer be removed from organizations when an organization begins enforcing 2FA.

2FA will be enforced via conditional access policies, which means members who have not yet enabled 2FA will continue to have their organization membership, but be blocked from visiting any organization resources until they enable 2FA.

This enables organizations to enable a broader 2FA enrollment without disrupting the membership status of their members who are yet to enable 2FA. This also enables members without elevated privileges to enable or disable 2FA on their accounts without losing organization membership.

Learn more about how GitHub is securing developer accounts using 2FA, and why we’re urging more organizations to join us in these efforts.

Copilot Immersive update for Copilot Enterprise customers

November 7, 2024

copilot

Screenshot showing the empty state of the new Copilot immersive experience with a number of suggestions how to get started and an a message in the input that reads - Who contribute to those files - with a repository and two files selected for context.

We’ve enhanced the fullscreen Copilot chat experience on github.com/copilot with a streamlined UI and an even easier way to handle context:

Effortlessly see and navigate previous conversations with a new collapsible sidebar
Dynamically set and remove repository context to suit your workflow
Manage all your resources seamlessly in a unified attachment menu

These updates are available in preview for Copilot Business and Copilot Individual users. Check out the updates, and let us know what you think using the in-product feedback option.

See more See more

Deprecation – Dependabot no longer supports Composer v1

November 6, 2024

Ecosystem

As of November 6, 2024, Dependabot no longer supports Composer version 1, which has reached its end-of-life. If you continue to use Composer version 1, Dependabot will be unable to create pull requests to update your dependencies. If this affects you, we recommend updating to a supported release of Composer. As of October 2024, the newest supported version of Composer is 2.8, and the long-term supported version is 2.2.

View Composer’s official documentation for more information about supported releases.

See more See more

View all changes