product

Subscribe to all “product” posts via RSS or follow GitHub Changelog on Twitter to stay updated on everything we ship.

~ cd github-changelog
~/github-changelog|main git log main
showing all changes successfully

GitHub Enterprise Server 3.14 is generally available

GitHub Enterprise Server 3.14 gives customers enhanced deployment requirements and security controls. Here are a few highlights in the 3.14 release:

  • SCIM for GHES is a popularly requested enterprise identity management feature, now available in public beta! SCIM stands for “System for Cross-domain Identity Management” and is a leading standard for user lifecycle management in SaaS applications. Enterprise administrators can configure SCIM for their GitHub Enterprise Server instance, which supports automatic provisioning of new user accounts and groups through our SCIM API. We support several paved path applications such as Entra ID and Okta that combine SAML and SCIM support in one place. Additionally, you may bring your own SAML identity provider and SCIM implementation to GitHub Enterprise Server to satisfy your unique identity and user lifecycle management needs. To get started, visit our SCIM documentation for GitHub Enterprise Server. While in public beta, we recommend testing SCIM support for your identity system in a non-production GHES environment before adding SCIM to your current setup. SCIM support can be added onto existing SAML implementations, but it will require using a new application that supports automated provisioning via SCIM in your IdP. Existing private beta customers should also reconfigure their implementation with updated IdP applications.
  • SAML settings are now visible as a read-only configuration in the enterprise settings page. Enterprise administrators are able to view these settings in the same place where SCIM support is configured for your enterprise instance.

  • We’re introducing custom organization roles, allowing you to delegate some of the organization’s administrative duties to trusted teams and users. Organization admins will have both the UI and API to manage these custom roles. See custom organization roles.

  • Code scanning option for repository rules is now available in public beta in GHES. Now, you can create a dedicated code scanning rule to block pull request merges instead of relying on status checks. This makes it easier than ever to prevent new vulnerabilities from being introduced into a code base. See set code scanning merge protection.

  • Dependabot grouped security updates are now generally available. This feature automatically groups Dependabot pull requests and lets you specify several additional options to fine tune groupings. You can enable grouped security updates for Dependabot at the repository or organization-level. If you would like more granular control over Dependabot’s grouping, you can also configure the dependabot.yml file in a repository.

  • With Generation 2 VM support, Operators can scale the GHES appliance vertically. New installs of 3.14 and later will boot on newer generation hardware by supporting both boot firmwares, BIOS, and UEFI. See Generation 2 VMs.

  • On an instance with multiple replica nodes, to start or stop replication for all nodes in a single configuration run, Operators can use the ghe-repl-start-all and ghe-repl-stop-all commands.

Read more about GitHub Enterprise Server 3.14 in the release notes, or download it now. If you have any issues upgrading your GitHub Enterprise Server Appliance to version 3.14, or problems using new features, please contact our Support team.

Join the community discussion to share your feedback and ask questions.

See more

The GitHub Enterprise Server 3.14 release candidate is here

GitHub Enterprise Server 3.14 gives customers enhanced deployment requirements and security controls. Here are a few highlights in the 3.14 release:

  • SCIM for GHES is a popularly requested enterprise identity management feature, now available in public beta! SCIM stands for “System for Cross-domain Identity Management” and is a leading standard for user lifecycle management in SaaS applications. Enterprise administrators can configure SCIM for their GitHub Enterprise Server instance, which supports automatic provisioning of new user accounts and groups through our SCIM API. We support several paved path applications such as Entra ID and Okta that combine SAML and SCIM support in one place. Additionally you may bring your own SAML identity provider and SCIM implementation to GitHub Enterprise Server to satisfy your unique identity and user lifecycle management needs. To get started, visit our SCIM documentation for GitHub Enterprise Server. While in public beta we recommend testing SCIM support for your identity system in a non-production GHES environment before adding SCIM to your current setup. SCIM support can be added onto existing SAML implementations, but will require using a new application that supports automated provisioning via SCIM in your IdP. Existing private beta customers should also reconfigure their implementation with updated IdP applications.
  • SAML settings are now visible as a read-only configuration in the enterprise settings page. Enterprise administrators are able to view these settings in the same place where SCIM support is configured for your enterprise instance.

  • We’re introducing custom organization roles, allowing you to delegate some of the organization’s administrative duties to trusted teams and users. Organization admins will have both the UI and API to manage these custom roles. See custom organization roles.

  • Code scanning option for repository rules is now available in public beta in GHES. Now, you can create a dedicated code scanning rule to block pull request merges instead of relying on status checks. This makes it easier than ever to prevent new vulnerabilities from being introduced into a code base. See set code scanning merge protection.

  • Dependabot grouped security updates are now generally available. This feature automatically groups Dependabot pull requests and lets you specify several additional options to fine tune groupings. You can enable grouped security updates for Dependabot at the repository or organization-level. If you would like more granular control over Dependabot’s grouping, you can also configure the dependabot.yml file in a repository.

  • With Generation 2 VM support, Operators can scale the GHES appliance vertically. New installs of 3.14 and later wll boot on newer generation hardware by supporting both boot firmwares, BIOS, and UEFI. See Generation 2 VMs.

  • On an instance with multiple replica nodes, to start or stop replication for all nodes in a single configuration run, Operators can use the ghe-repl-start-all and ghe-repl-stop-all commands.

Release Candidates are a way for you to try the latest features early, and they help us gather feedback to ensure the release works in your environment. They should be tested on non-production environments. Read more about the release candidate process.

To learn more about GHES 3.14, check out release notes, or download the 3.14 release candidate now.
If you have any feedback or questions about the release candidate, please contact our Support Team.

See more

The GitHub Enterprise Server 3.13 release is generally available

GitHub Enterprise Server 3.13 gives customers more fine-grained control over deployment requirements and enhanced security controls. Here are a few highlights:

  • We are introducing a new feature for repositories called custom properties, a major enhancement to how repositories are managed and classified across GitHub organizations. Properties offer a flexible way to add meaningful metadata to your repositories that simplifies repository classification, enhances discoverability, and seamlessly integrates with rulesets. Check out the demo! For more information, see custom properties for repositories.
  • Elasticsearch will be upgraded from version 5 to version 8, when the appliance is upgraded to 3.13. Elasticsearch powers all search experiences in GHES including code search and audit logs. Upgrading ES5 to ES8 allows the platform to take advantage of better performance and improved security posture in ES8. For more information regarding what to expect during ES8 upgrade, see Preparing for Elasticsearch upgrade in GHES 3.13.
  • Enterprise and organization audit log events now include the applicable SAML and SCIM identity data associated with the user. For more information, see Reviewing the audit log for your organization.
  • Developers who use devcontainer.json files to define their development containers will now be able to use Dependabot version updates to keep their dependencies in the container up-to-date. Once configured in dependabot.yml, Dependabot will open PRs on a specified schedule to update the listed dependencies to latest.
  • Pull Requests rebases are now faster! Under the hood, rebase commits now use the merge-ort. Rebases that timed out for large repositories before are now a lot more likely to be successful.
  • Using Project Status Updates, you can now provide high level details on the status, timing, and progress of your project, directly from the project! This makes it easy to know and share with others how your work is progressing, any risks, and a history of when and why something changed, all in the same place where you’re tracking your work.

Read more about GitHub Enterprise Server 3.13 in the release notes,
or download it now.

If you have any issues upgrading your GitHub Enterprise Server Appliance to version 3.13, or problems using new features, please contact our Support team.

Please join us on GitHub Community to share your feedback or ask any questions about the new features!

See more

The GitHub Enterprise Server 3.13 release candidate is here

GitHub Enterprise Server 3.13 gives customers more fine-grained control over deployment requirements, and enhanced security controls. Here are a few highlights:

  • We are introducing a new feature for repositories called custom properties, a major enhancement to how repositories are managed and classified across GitHub organizations. Properties offer a flexible way to add meaningful metadata to your repositories that simplifies repository classification, enhances discoverability, and seamlessly integrates with rulesets. Check out the demo! For more information, see custom properties for repositories.
  • Elasticsearch will be upgraded from version 5 to version 8, when the appliance is upgraded to 3.13. Elasticsearch powers all search experiences in GHES including code search and audit logs. Upgrading ES5 to ES8 allows the platform to take advantage of better performance and improved security posture in ES8. For more information regarding what to expect during ES8 upgrade, see Preparing for Elasticsearch upgrade in GHES 3.13. Downnload the 3.13 RC candidate now, upgrade your staging environment and share your feedback with us!

  • Enterprise and organization audit log events now include the applicable SAML and SCIM identity data associated with the user. For more information, see Reviewing the audit log for your organization.

  • Developers who use devcontainer.json files to define their development containers will now be able to use Dependabot version updates to keep their dependencies in the container up-to-date. Once configured in dependabot.yml, Dependabot will open PRs on a specified schedule to update the listed dependencies to latest.

  • Pull Requests rebases are now faster! Under the hood, rebase commits now use the merge-ort. Rebases that timed out for large repositories before are now a lot more likely to be successful.

  • Using Project Status Updates, you can now provide high level details on the status, timing, and progress of your project, directly from the project! This makes it easy to know and share with others how your work is progressing, any risks, and a history of when and why something changed, all in the same place where you’re tracking your work.

Release Candidates are a way for you to try the latest features early, and they help us gather feedback to
ensure the release works in your environment. They should be tested on non-production environments.
Read more about the release candidate process.

Read more about GitHub Enterprise Server 3.13 in the release notes,
or download the release candidate now.
If you have any feedback or questions, please contact our Support team.

See more

GitHub Enterprise Server 3.12 is generally available

GitHub Enterprise Server 3.12 is now generally available and gives customers more fine-grained control over deployment requirements, as well as enhanced security controls. Here are a few highlights:

  • Restrict your deployment rollouts to select tag patterns in Actions Environments.
  • Enforce which Actions workflows must pass with organization-wide repository rulesets.
  • Scale your security strategy with Dependabot Alert Rules. This public beta allows customers to choose how to respond to Dependabot alerts automatically by setting up custom auto-triage rules in their repository or organization.
  • Automate pull request merges using Merge Queues. Previously developers needed to manually update their pull requests prior to merging, to ensure their changes wouldn’t break the main branch. These updates would initiate a round of continuous integration checks that needed to pass before a pull request could be merged. But with merge queues, this process is automated by ensuring each pull request queued for merging is tested with other pull requests queued ahead of it.
  • Enhance the security of your code with a public beta of Secret Scanning for non-provider patterns, and an update to Code Scanning’s default setup to support all CodeQL languages.
  • GitHub Project templates are available at the organization level, allowing customers to share out and learn best practices in how to set up and use projects to plan and track their work.
  • Updated global navigation to make using and finding information better, as well as improve accessibility and performance.
  • Highlight text in markdown files with accessibility aspects in mind with the alerts markdown extension, which gives you five levels to use (note, tip, important, warning, and caution).

Read more about GitHub Enterprise Server 3.12 in the release notes,
or download it now.
If you have any feedback or questions, please contact our Support team.

See more

The GitHub Enterprise Server 3.12 release candidate is here

GitHub Enterprise Server 3.12 gives customers more fine-grained control over deployment requirements, enhanced security controls, and some . Here are a few highlights:

  • Restrict your deployment rollouts to select tag patterns in Actions Environments.
  • Enforce which Actions workflows must pass with organization-wide repository rulesets.
  • Scale your security strategy with Dependabot Alert Rules. This public beta allows customers to choose how to respond to Dependabot alerts automatically by setting up custom auto-triage rules in their repository or organization.
  • Automate pull request merges using Merge Queues. Previously developers needed to manually update their pull requests prior to merging, to ensure their changes wouldn’t break the main branch. These updates would initiate a round of continuous integration checks that needed to pass before a pull request could be merged. But with merge queues, this process is automated by ensuring each pull request queued for merging is tested with other pull requests queued ahead of it.
  • Enhance the security of your code with a public beta of Secret Scanning for non-provider patterns, and an update to Code Scanning’s default setup to support all CodeQL languages.
  • GitHub Project templates are available at the organization level, allowing customers to share out and learn best practices in how to set up and use projects to plan and track their work.
  • Updated global navigation to make using and finding information better, as well as improve accessibility and performance.
  • Highlight text in markdown files with accessibility aspects in mind with the alerts markdown extension, which gives you five levels to use (note, tip, important, warning, and caution).

Release Candidates are a way for you to try the latest features early, and they help us gather feedback to
ensure the release works in your environment. They should be tested on non-production environments.
Read more about the release candidate process.

Read more about GitHub Enterprise Server 3.12 in the release notes,
or download the release candidate now.
If you have any feedback or questions, please contact our Support team.

See more

GitHub Enterprise Server 3.11 is generally available

GitHub Enterprise Server 3.11 is now generally available.
With this version, customers have access to tools and features that provide a better understanding and visibility into the security of their code.

Highlights of this version include:

  • Scale your application security testing with code scanning's default setup, which now helps you to schedule weekly scans and deploy across your organization in just a few clicks.
  • The new Activity view makes viewing repository history much easier by showing activities like pushes, merges, force pushes, tag changes, and branch changes.
  • Prevent secret leaks with data-driven insights and new metrics on secret leak prevention in security overview.
  • A GitHub CLI extension for the Manage GitHub Enterprise Server API to interact with your GitHub Enterprise Server instance via the gh command-line interface.

To learn more about GitHub Enterprise Server 3.11 read the release notes,
or download it now.
If you have any feedback or questions, please contact our Support team.

See more

The GitHub Enterprise Server 3.11 release candidate is here

GitHub Enterprise Server 3.11 gives customers more visibility of their instance. Here are some highlights:

  • Code scanning's default setup now does even more to protect your code, by performing scans on a weekly scheudule (in addition to scanning pushes and pull requests) and allowing you to include Swift in your analysis.
  • View repository history using the new Activity view, to see repository activity like pushes, merges, force pushes, tag changes, and branch changes, and associate them with commits and users.
  • The value of secret scanning is now much more clear thanks to push protection metrics that are available in an organization's security overview pages.
  • A GitHub CLI extension for the Manage GitHub Enterprise Server API allows customers to interact with their GitHub Enterprise Server instance via the gh command-line interface.

Release Candidates are a way for you to try the latest features early, and they help us gather feedback to
ensure the release works in your environment. They should be tested on non-production environments.
Read more about the release candidate process.

Read more about GitHub Enterprise Server 3.11 in the release notes,
or download the release candidate now.
If you have any feedback or questions, please contact our Support team.

See more

GitHub Enterprise Server 3.10 is generally available

GitHub Enterprise Server 3.10 gives customers more control over how their instance is used and run. Here are a few highlights:

  • GitHub Projects is generally available, with additions that help teams manage large projects
  • Always deploy safely, with custom deployment protection rules for GitHub Actions and new policy control over runners
  • Start finding vulnerabilities in all your repositories, in just a few clicks with a new default setup experience for GitHub Advanced Security code scanning, and track security coverage and risk at the enterprise level
  • Fine-grained personal access tokens (PATs) bring granular control to PATs
  • Branch protections meet more compliance needs with more control over merge policies
  • Backup instances faster and more incrementally, for more confident operations

If you are upgrading from Enterprise Server 3.8 then this release also includes an upgrade from MySQL 5.7 to 8, which will increase I/O utilization. Please read this page for more details on this increase and how to mitigate it if you see an unacceptable degradation of performance on your instance.

To learn more about about GitHub Enterprise Server 3.10 read the release notes,
or download it now.
If you have any feedback or questions, please contact our Support team.

See more

The GitHub Enterprise Server 3.10 release candidate is here

GitHub Enterprise Server 3.10 gives customers more control over how their instance is used and run. Here are a few highlights:

  • Code Scanning configuration can be customized per repository, allowing repository owners to decide which languages to analyze by default.
  • Fine-grained personal access tokens (PATs) are now available as a public beta on Enterprise Server, giving developers and administrators granular control over the permissions and repository access granted to a PAT.
  • Assess security risk and coverage data across all organizations in an enterprise via the Code Security tab.
  • Define who can merge pull requests, and how they are merged, to make it easier for you to meet your compliance and security goals.
  • Reduce data transfer required to backup your Enterprise Server by utilizing incremental backups of MySQL data in backup-utils v3.10.0.
  • GitHub Projects is now generally available in Enterprise Server.

If you are upgrading from Enterprise Server 3.8 then this release also includes an upgrade from MySQL 5.7 to 8, which will increase I/O utilization. Please read this page for more details on this increase and how to mitigate it if you see an unacceptable degradation of performance on your instance.

Release Candidates are a way for you to try the latest features at the earliest time, and they help us gather feedback early to ensure the release works in your environment. They should be tested on non-production environments. Here are some highlights for this release. Read more about the release candidate process.

Read more about GitHub Enterprise Server 3.10 in the release notes, or download the release candidate now. If you have any feedback or questions, please contact our Support team.

See more

The GitHub Enterprise Server 3.9 release candidate is here

GitHub Enterprise Server 3.9 brings new capabilities to help companies create and ship secure software, more often. Here are a few highlights:

  • Autoscaling with self-hosted runners – Actions administrators can configure auto scaling self-hosted actions runners using the actions runner controller and runner scale sets.
  • The Projects public beta has seen numerous improvements – We're continuing to add more functionality to Projects in GitHub Enterprise Server, to make planning and tracking your work in GitHub even more effective.
  • REST API now has versioning – API releases will be named with the date on which they are released (for example, 2021-04-01). Users will pick what version they want to use on a request-by-request basis, and each version will be supported for two years.
  • Establishing semantic conventions for logging – As part of GitHub's gradual migration to internal semantic conventions for OpenTelemetry, we have updated many of the field names in our logging statements. This makes it clearer what each statement is referencing and allows you to troubleshoot problems quicker.

This release also includes an upgrade from MySQL 5.7 to 8, which will increase I/O utilization. Please read this page for more details on this increase and how to mitigate it if you see an unacceptable degradation of performance on your instance.

Release Candidates are a way for you to try the latest features at the earliest time, and they help us gather feedback early to ensure the release works in your environment. They should be tested on non-production environments. Read more about the release candidate process.

Read more about GitHub Enterprise Server 3.9 in the release notes, or download the release candidate now. If you have any feedback or questions, please contact our Support team.

See more

The GitHub Enterprise Server 3.8 is generally available

GitHub Enterprise Server 3.8 brings new capabilities to help companies build and deliver secure software. We've added over 100 features, and here are a few highlights:

  • GitHub Projects, the adaptable and flexible tool for planning and tracking work on GitHub is now available on Enterprise Server as a public beta.
  • GitHub Actions support organization-wide required workflows. You can define mandated workflows to run during the lifecycle of a repository’s pipeline.
  • Code scanning now supports Kotlin. We are launching a public beta for support of Kotlin, with this support enabled for all new code scanning users and any existing users that have already configured a Java analysis.
  • The Management Console now supports multiple users. We are introducing a multi-user concept with a user management interface to the Management Console to allow admins to invite new users with different types of access roles.

To learn more about about GitHub Enterprise Server 3.8, read the release notes, and download it now.

See more

The GitHub Enterprise Server 3.8 release candidate is here

GitHub Enterprise Server 3.8 brings new capabilities to help companies build and deliver secure software, more quickly. With over 100 new features, here are a few highlights:

  • Projects, the adaptable and flexible tool for planning and tracking work on GitHub, is now available on Enterprise Server as a public beta. A project is an adaptable spreadsheet that integrates with your issues and pull requests on GitHub to help you plan and track your work effectively. You can create and customize multiple views by filtering, sorting, grouping your issues and pull requests, and adding custom fields to track metadata specific to your team. Rather than enforcing a specific methodology, a project provides flexible features you can customize to your team’s needs and processes.
  • GitHub Actions support organization-wide required workflows. You can define mandated workflows to run during the lifecycle of a repository’s pipeline. Individual development teams at the repository level will be able to see what required workflows have been applied to their repository, what actions that workflow performs, and whom to contact if they have questions.
  • Code scanning now supports Kotlin. We are launching a public beta for support of Kotlin. In this public beta Kotlin support will be enabled by default for all new code scanning users, and existing users that have already configured a Java analysis.
  • The Management Console now supports multiple users. Authentication in the management console is currently based on a single admin password. In version 3.8 we are introducing a multi-user concept with a user management interface to the Management Console which will allow admins to invite new users with different types of roles.

Release Candidates are a way for you to try the latest features at the earliest time, and they help us gather feedback early to ensure the release works in your environment. They should be tested on non-production environments. Here are some highlights for this release. Read more about the release candidate process.

Read more about GitHub Enterprise Server 3.8 in the release notes, or download the release candidate now. If you have any feedback or questions, please contact our Support team.

See more

GitHub Enterprise Server 3.7 is now generally available. This release continues our trend of bringing new features to GitHub Enterprise Server (GHES) in record numbers. Beyond the numbers, the features in GHES 3.7 not only enable developers to build world class software every day, but also provide administrators with the tools needed to reliably run GitHub at scale.

We're making more than 70 features available, including:

  • Reusable workflows and new support for Google Cloud Storage, making it easier to build with GitHub Actions at scale.
  • Security Overview dashboard to give all security teams a single view of code risk.
  • An improved management console to keep your instance more secure than ever with automated user onboarding and offboarding.
  • New forking and repository policies, so adopting innersource best practices is easier, all while balancing auditability and project maintenance in the long term.
  • Code scanning alerts are now more collaborative and part of the flow for GitHub Advanced Security customers.

To learn more about GitHub Enterprise Server 3.7, read the release notes, and download it now.

See more

The GitHub Enterprise Server 3.7 release candidate is here

GitHub Enterprise Server 3.7 brings new capabilities to help companies build and deliver secure software, more quickly. With over 70 new features, here are a few highlights.

  • It's easier to deploy GitHub Actions, securely, at scale. Teams looking to standardise their workflows with reusable workflows will benefit from the ability to nest reusable workflows in one another, and build matrixing into reusable workflows. What's more, Actions now supports Google Cloud Storage and security teams will love our enhancements to the OIDC connection patterns for Actions to support cloud deployments at scale
  • Security teams now have a single view of their code security posture. The Security Overview page, an at-a-glance view of your code security alerts and risk, is now available to all customers. And to ensure all repositories are covered by your company's policies, administrators can now restrict new repositories to Organizations only.
  • Forking is clearer and simpler, especially for companies adopting innersource. Developers will benefit from a whole host of enhancements that make working with forks easier, including the ability to fork within an organization and fork internal repositories.
  • Code scanning alerts for GitHub Advanced Security customers are now more collaborative and relevant, with alerts now appearing in pull requests. And, you can now improve Dependabot alert and update coverage by submitting dependencies directly to the Dependency graph via an API.

Release Candidates are a way for you to try the latest features at the earliest time, and they help us gather feedback early to ensure the release works in your environment. They should be tested on non-production environments. Here are some highlights for this release. Read more about the release candidate process.

Read more about GitHub Enterprise Server 3.7 in the release notes, or download the release candidate now. If you have any feedback or questions, please contact our Support team.

See more