05/2019

Now, when you create a new repository, documentation will be within the list of default labels which you can add to issues and pull requests. Learn more about using default labels…

Milestones are now visible on project boards. If an issue or pull request belongs to a milestone, the name of the milestone will display on the project card as well…

Users with write access to two repositories can now use issue transfer to move issues between them. Previously, only users with admin permissions on both repositories had the ability to transfer…

Through the integration of Dependabot, we’ve released automated security fixes as a public beta. Automated security fixes are pull requests generated by GitHub to fix security vulnerabilities. They automate a…

Dependent repositories surface data from the GitHub dependency graph, showcasing which public repositories depend on the packages in that repository. Learn more

We’ve released maintainer security advisories as a public beta. Maintainer security advisories allow open source maintainers to privately discuss, fix, and publish notices about security vulnerabilities in repositories. GitHub may…

Token scanning is now generally available in all public repositories. Additionally, token scanning now supports detection of new token types from Alibaba Cloud, Mailgun, and Twilio. Learn more about token…

GitHub has partnered with WhiteSource to bring their vulnerability database into GitHub’s security vulnerability alerts. This additional data increases the number of known vulnerabilities to better protect your projects from…

Users can hover over a repository’s contributor count, and community contributors will show a hovercard of direct and transitive contributors to dependencies parsed from that repository’s dependency graph. Learn more…

Administrators of organization-owned repositories can now assign “triage” and “maintain” roles to collaborators and teams as part of a public beta preview. If a contributor proves their ability to drive…

Currently in limited public beta, GitHub Sponsors is a tool to financially support the developers who build the open source software you use every day. Open source developers can now…

Today we’re introducing the public beta of the Audit Log API. As a GitHub Enterprise Cloud organization administrator, you can now access log events using our GraphQL API and monitor…

The internal repository visibility option is available to customers with an Enterprise account. This new visibility option makes it easier to innersource code and projects to your organization members while…

The 2.17.0 release of GitHub Enterprise Server is now available for download. The latest release includes draft pull requests, security vulnerability alerts, batching suggested changes, and more. See the full…

Repositories may now specify a security policy by creating a file named SECURITY.MD. This file should be used to instruct users about how and when to report security vulnerabilities to…