Available in public beta today, the security coverage page now includes multi-repository enablement, which lets you enable or disable security features across several repositories at once. This feature improves upon…
Many of us are aware of the benefits that a strong focus on automation can bring, particularly in our development workflow and DevOps lifecycle. But silos across businesses can lead to duplication of effort, and potential to lose out on best practices. In this post, we’ll explore how CI/CD can be shared across your entire organization alongside policies, for a well-governed experience with GitHub Actions.
You can now filter by repository topic or team on the organization-level Dependabot, code scanning, and secret scanning pages in security overview. These improvements have shipped to GitHub.com and will…
GitHub enterprise and organization owners can now use a REST API to delete their organizations and all corresponding repositories. Organization names will be locked for 90 days following the organization…
Organization owners can now automate the approval and auditing of fine-grained personal access tokens (PATs) in their organization using a GitHub app. New APIs and webhook events allow a GitHub…
Enabling CodeQL analysis with code scanning default setup for eligible repositories in your organization is now as easy as a single click from the organization’s settings page or a single…
GitHub Security was notified about an issue where users still had access to organizations after being removed. Our Security team investigated potential instances and determined there were occasional instances where…
GitHub organization owners can now opt-in to a public beta to display organization members’ IP addresseses in audit logs events. When enabled, IP addresses will be displayed for all audit…
Organizations on github.com with an enterprise plan can now create 5 custom repository roles, an increase from the previous limit of 3. This increase will also appear in GitHub Enterprise…
Organization admins and security managers can now enable private vulnerability reporting for all public repositories within an organization at once. With this enhancement, you no longer have to enable the…
The GitHub Packages RubyGems registry now runs on a new architecture, unlocking great new capabilities: Publishing packages at organization level with GitHub Packages Previously, RubyGems packages published to GitHub Packages…
GitHub Enterprise Cloud admins can now display critical announcements to members of their enterprise or specific organizations. GitHub Enterprise Server already has this capability. With this enhancement, Enterprise Cloud admins…
Today, we are announcing public beta of required workflows in GitHub Actions 🎉 Required workflows allow DevOps teams to define and enforce standard CI/CD practices across many source code repositories…
You can now view (GET) the security feature enablement status for all repositories in your organization using the “list organization repositories” endpoint in the REST API for the following security…
GitHub Security was recently notified about a caching issue affecting npm. This bug had been present since 2016 and sporadically caused npm maintainers to be re-invited upon removal from packages…
The GitHub Packages NuGet registry now runs on a new architecture, unlocking great new capabilities: Publishing packages at organization level with GitHub Packages Previously, NuGet packages published to GitHub Packages…
The organization-level security overview page has been replaced by the risk and coverage views as previously announced and is no longer available. The risk view is designed to help you…
GitHub organizations can now use the code scanning organization-level API endpoint to retrieve code scanning alerts on public repositories; this no longer requires a GitHub Advanced Security license. This new…
You can now enable and disable the following GitHub security features for a single repository from the organization-level security coverage view: Dependency graph Dependabot alerts Dependabot security updates If you…
Whether you invite a user to an organization via the API or via our user interface, we are bringing enhancements to make this experience better. From today, you can: search…
Security overview’s new risk and coverage views provide greater visibility into your security posture and risk analysis. Each new view offers a refreshed design with several key improvements, including insights…
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Catch up on the GitHub podcast, a show dedicated to the topics, trends, stories and culture in and around the open source developer community on GitHub.
