GitHub Actions on GitHub AE uses a new AE hosted runner, only available for GitHub AE, that enables you to customize the size, image, and networking configuration of the runners. These runners are a finished-service CI compute environment with auto-scaling and management, fully managed by GitHub. During the beta, the use AE hosted runners is free of charge. For more information, see "Adding AE hosted runners."
Please note that when GitHub Actions is enabled during this upgrade, two organizations named "GitHub Actions" (@actions and @github) will appear in your enterprise. These organizations are required by GitHub Actions. Users named @ghost and @actions appear as the actors for creation of these organizations in the audit log.
GitHub Packages is a package hosting service, natively integrated with GitHub Actions, APIs, and webhooks. Create an end-to-end DevOps workflow that includes your code, continuous integration, and deployment solutions. For more information, see "About GitHub Packages."
During this beta, GitHub Packages is free of charge to GitHub AE customers.
GitHub Advanced Security is available in beta and includes both code scanning and secret scanning. Repository administrators and organization owners can opt into Advanced Security features in the settings for a repository or organization, within the Security and analysis tab. For more information, see "About GitHub Advanced Security."
During this beta, Advanced Security features are free of charge to GitHub AE customers.
Customers using SCIM (System for Cross-domain Identity Management) can now sync security groups in Azure Active Directory with GitHub teams. Once a team has been linked to a security group, membership will be automatically updated in GitHub AE when a user is added or removed from their assigned security group. For more information, see "Synchronizing a team with an identity provider group."
Enterprise and organization owners can now use IP allow lists to restrict traffic to the enterprise or specific organizations. After you configure an IP allow list, only visitors from IP addresses on the list are permitted to access the resources protected by the list.
This functionality is provided in addition to the ability to request network security group changes that filter traffic to the entirety of the GitHub AE tenant.
For more information, see "Restricting network traffic to your enterprise" and "Managing allowed IP addresses for your organization."
With auto-merge, pull requests can be set to merge automatically when all merge requirements have been satisfied. This saves users from needing to constantly check the state of their pull requests just to merge them. Auto-merge can be enabled by a user with permission to merge and on pull requests that have unsatisfied merge requirements (like missing approvals or pending or failing required status checks). For more information, see "Automatically merging a pull request."
- Organization owners can now disable publication of GitHub Pages sites from repositories in the organization. This will not unpublish existing sites.
- Repositories that use GitHub Pages can now build and deploy from any branch.
- When writing an issue or pull request, the list syntax for bullets, numbers, and tasks will now be autocompleted after you press
- You can now delete a directory in a repository from the repository page. When navigating to a directory, a new kebab button next to the "Add file" button gives the option to delete the directory.
- It’s now easier and faster to reference issues or pull requests, with search across multiple words after the "#".
- Enterprise owners can now publish a mandatory message. The message is shown to all users and they must acknowledge it. This can be used to display important information, terms of service or policies.
- The GitHub App single file path permission can now support up to ten files.
- When configuring a GitHub App, the authorization callback URL is a required field. Now we will permit the integrator to specify multiple callback URLs. GitHub AE denies authorization if the callback URL from the request is not listed.
- A new API endpoint enables the exchange of a user to server token for a user to server token scoped to specific repositories.
- Events are now logged in the audit log on promoting a team member to be a team maintainer and on demoting a team maintainer to be a team member.
- The OAuth device authorization flow is now supported. This allows any CLI client or developer tool to authenticate using a secondary system.
- A user can no longer delete their account if SCIM provisioning is enabled.
Enterprise and organization owners can now set the default branch name for new repositories. Enterprise owners can also enforce their choice of default branch name across all organizations or allow individual organizations to choose their own. For more information, see "Enforcing repository management policies in your enterprise" and "Managing the default branch name for repositories in your organization."
Existing repositories are unaffected by these settings, and their default branch name will not be changed.
This change is one of many changes GitHub is making to support projects and maintainers that want to rename their default branch. To learn more, see github/renaming.
- Users can no longer set a backup email address on their profile. Their email address is set through the IdP only.
- You can no longer enable two-factor authentication after configuring authentication through your IdP.
- GitHub AE can now connect to Azure Boards.
- Version headers were missing from the APIs, and have now been set to "GitHub AE."
- Links to documentation have been fixed.
- Configuration of audit log forwarding within the enterprise's settings was failing.
- Navigating to gists could result in a 500 error.
- The Support email or URL was failing to save. It now saves after a period of a few minutes.
- Organization level pull request templates were not being applied to all pull requests in the organization.
- Geographic location data is not shown in the audit log. Location information can otherwise be discerned from the IP address associated with each event.
- The link to GitHub Packages from a repository page shows an incorrect search page when that repository does not have any packages.