📣 这不是 Enterprise Server 的最新版本。 请使用最新版本获取最新的安全性、性能和 bug 修复程序。
Packages have been updated to the latest security versions.
After a site administrator adjusted the cutoff date for allowing SSH connections with RSA keys using ghe-config app.gitauth.rsa-sha1, the instance would still disallow connections with RSA keys if the connection attempt was signed by the SHA-1 hash function.
During the validation phase of a configuration run, a No such object error may have occurred for the Notebook and Viewscreen services.
When enabling automatic TLS certificate management with Let's Encrypt, the process could fail with the error The certificate is not signed by a trusted certificate authority (CA) or the certificate chain in missing intermediate CA signing certificates.
In some cases, users were unable to convert existing issues to discussions. If an issue is stuck while being converted to a discussion, enterprise owners can review the "Known issues" section below for more information.
When a timeout occurs during diff generation, such as when a commit displays an error that the diff is taking too long to generate, the push webhook event will deliver empty diff information. Previously, the push webhook event would fail to be delivered.
On a freshly set up GitHub Enterprise Server instance without any users, an attacker could create the first admin user.
Custom firewall rules are removed during the upgrade process.
Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters.
When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results.
The GitHub Packages npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues.
Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail.
Actions services need to be restarted after restoring an instance from a backup taken on a different host.
In a repository's settings, enabling the option to allow users with read access to create discussions does not enable this functionality.
In some cases, users cannot convert existing issues to discussions.
Custom patterns for secret scanning have .* as an end delimiter, specifically in the "After secret" field. This delimiter causes inconsistencies in scans for secrets across repositories, and you may notice gaps in a repository's history where no scans completed. Incremental scans may also be impacted. To prevent issues with scans, modify the end of the pattern to remove the .* delimiter.
Following an upgrade to GitHub Enterprise Server 3.6 or later, existing inconsistencies in a repository such as broken refs or missing objects, may now be reported as errors like invalid sha1 pointer 0000000000000000000000000000000000000000, Zero-length loose reference file, or Zero-length loose object file. Previously, these indicators of repository corruption may have been silently ignored. GitHub Enterprise Server now uses an updated Git version with more diligent error reporting enabled. For more information, see this upstream commit in the Git project.