enterprise

Subscribe to all “enterprise” posts via RSS or follow GitHub Changelog on Twitter to stay updated on everything we ship.

~ cd github-changelog
~/github-changelog|main git log main
showing all changes successfully

Previously, three aspects of repository forks caused friction to innersource collaboration and administration:

  1. Repositories could not be forked within a single organization.
  2. Repositories with internal visibility could not be forked to an organization.
  3. Enterprise owners lacked control over where repositories could be forked.

These obstacles have been addressed with the following new features. We're always looking for new ways to improve repository collaboration and we welcome your ideas.

Fork a repository to the same organization as its parent

Previously, a repository could be forked only to a different organization or user account.

Now, a repository can be forked to the same organization as its parent repository, addressing situations where people are working in one organization and don't want to fork a repository to a different organization or user account.

Fork internal repositories to enterprise organizations

Previously, when a repository with internal visibility was forked, the fork was automatically created in the person's personal account space and its visibility was changed to private.

Now, people can fork an internal repository to an organization in the same enterprise, and the fork will retain its internal visibility. When forking an internal repository, you can choose which of the enterprise's organizations should receive the fork – similar to forking a public repository, except that:

  1. The destination organizations will be limited to those within the enterprise of the parent repository.
  2. You will not be permitted to change the internal visibility of the fork while forking it.

Enterprise owners can limit where forks can be created

Previously, enterprise owners couldn't restrict where repositories in the enterprise could be forked. This was important for them to keep confidential repositories from accidentally being forked to an exposed location.

Now, enterprise owners can control where enterprise members can fork repositories. Forking can be limited to preset combinations of enterprise organizations, the same organization as the parent repository, user accounts, and everywhere.

Image of enterprise settings for controlling where repositories can be forked

More information

Learn more about working with forks, or enforcing a policy for forking repositories, in the GitHub documentation.

We appreciate feedback on this and other topics in GitHub's public feedback discussions.

See more

Custom repository roles are now GA for GitHub.com and Enterprise Server 3.5.

Organization admins can create custom repository roles available to all repositories in their organization. Roles can be configured from a set of 35 fine grained permissions covering discussions, issues, pull requests, repos, and security alerts. Once a role is created, repository admins can assign a custom role to any individual or team in their repository.

Custom repository roles can be managed in the Repository roles tab of your Organization settings:

image

Custom repository roles are also supported in the GitHub REST APIs. The Custom Roles API can be used to list all custom repository roles in an organization, and the existing APIs for granting repository access to individuals and teams support custom repository roles.

To get started with custom repository roles, read the docs.

See more

GitHub Enterprise Cloud owners now have the ability to opt-in to display enterprise members’ IP addresses for all
events involving enterprise-owned private repositories and enterprise-owned assets, such as issues and projects, in your
audit log.
This additional information can be used to improve threat analyses and
further secure your software.
Note, IP addresses will continue to not be displayed for activity related to public repositories.

For additional information, read about displaying IP addresses in the audit log for your enterprise.

See more

Enterprises that use Enterprise Managed Users (EMUs) to authenticate their accounts via Azure Active Directory can now use Azure AD location-based Conditional Access policies to protect the use of PATs and SSH keys. This requires the use of a new OpenID Connect-based application rather than a SAML integration. To learn more, read about enforcing Azure AD Conditional Access for PATs and SSH keys.

Note: this feature is currently in public beta for new and existing Azure AD EMU enterprises.

For more information:

See more

image

You can now download the latest version of GitHub Enterprise Server. This new release introduces GitHub Container registry and continues the strong emphasis on security. Your teams will be able to take advantage of the full complement of Dependabot capabilities and use GitHub Advanced Security with even greater language coverage and better protection for your secrets. You can read a detailed summary of new features for this release in the GitHub blog or you can take a look at all the changes in the release notes. You can check out a few of these highlights:

  • Container Registry, containers supporting OCI, granular permissions and anonymous downloads #118
  • Actions self-hosted runner group restrictions #255
  • Actions re-usable workflows are now generally available! #256
  • CodeQL detects more security issues and supports new language versions #460 Read more

New and of particular interest to administrators:

  • IP exception list for post-maintenance validation #448
  • 41 GitHub Enterprise Server Metrics for insight into platform usage #497 Read more
  • Audit Log now includes git events #322

To learn more about all the new features in GitHub Enterprise Server 3.5, read the release notes or download it today. Are you using the latest GitHub Enterprise Server version? Use the Upgrade Assistant to find the upgrade path from your current version of GitHub Enterprise Server to your desired version.

See more

Via our new beta feature, enterprise owners can now revoke pending member invitations from the pending invitations page within the enterprise account: https://github.com/enterprises/<enterprise>/pending_members. This beta feature only applies to enterprise member invitations not invites for enterprise administrators and outside collaborators.

To learn more, please read about viewing people in your enterprise.

See more

Enterprise administrators can now view a quick summary of the members associated with their enterprise on the enterprise account's member's page: https://github.com/enterprises/<enterprise>/people. This new summary section breaks down user counts across roles, licenses, and deployments applicable to your enterprise.

See more

The GitHub Enterprise Server 3.5 Release Candidate is available. New GitHub Advanced Security features are an exciting headline for this release alongside enhancements for enterprise administrators with Git events added to the audit log, the ability to analyze your Server usage over time, and a refinement of maintenance mode control. Read about these features and more in the full GitHub Enterprise Server 3.5 release notes.

Release Candidates are a way for you to try the latest features at the earliest time, and they help us gather feedback early to ensure the release works in your environment. They should be tested on non-production environments.

Download it today.

See more

Enterprise owners can now prevent organization owners from inviting outside collaborators to repositories in their enterprise. The "Repository outside collaborators" policy includes an additional option, "Enterprise admins only", which restricts the ability to invite outside collaborators only to users with admin permissions to the enterprise. For more info, see "Enforcing a policy for inviting outside collaborators to repositories".

Shows the new option "Enterprise admins only" in the "Repository outside collaborators" policy

See more

GitHub Enterprise Server 3.4 is Generally Available
We are excited to announce that the newest version of GitHub Enterprise Server is now available. This update includes enhancements to make developing software even easier for everyone with a host of improvements for security, compliance and administration teams. You can find all changes in the release notes, but here are a few highlights from the release:

  • Reusable workflows for GitHub Actions (#257)
  • Dependabot security updates (#343)
  • Ruby support for GitHub Advanced Security’s code scanning feature (#136)

Accompanying these new features are a collection of productivity enhancements for developers, including keyboard shortcuts, auto-generated release notes, and more.

  • Organizations can now publish a README.md Read more.
  • Right-to-left languages are now supported natively in Markdown files, issues, pull requests, discussions, and comments.
  • Automatically generated release notes. Read more.

To learn more about all the new features in GitHub Enterprise Server 3.4, read the release notes or download it today. Are you using the latest GitHub Enterprise Server version? Use the Upgrade Assistant to find the upgrade path from your current version of GitHub Enterprise Server to your desired version.

See more

Support for Actions in internal repositories is now generally available for GitHub organizations owned by an enterprise account.

You can innersource automation by sharing Actions in internal repositories, without publishing them publicly.
And then manage the repository settings or use our API support to allow access to workflows in other repositories:

  • In the same organization or
  • In any other organization in the enterprise

Learn more about Sharing Actions and workflows with your enterprise.

See more

The GitHub Enterprise Server 3.4 Release Candidate is available. This release brings over 60 new features including reusable workflows for GitHub Actions, Ruby support for GitHub Advanced Security Code Scanning, and a host of improvements for security, compliance and administration teams.

Read the blog post to discover the highlights in this release, or dive into the full GitHub Enterprise Server 3.4 release notes.

Release Candidates are a way for you to try the latest features at the earliest time, and they help us gather feedback early to ensure the release works in your environment. They should be tested on non-production environments.

Download it today.

See more