Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News GitHub Enterprise Server 3.5 Improves Security, Updates GitHub Actions, and More

GitHub Enterprise Server 3.5 Improves Security, Updates GitHub Actions, and More

This item in japanese

The latest release of GitHub Enterprise Server brings many new features with a special emphasis on security and compliance, says GitHub, including Dependabot integration, improved security features, updates to GitHub Actions, and more.

Dependabot is an automated dependency management tool that has been among the most requested features from enterprise customers, says GitHub. It consists of three services aimed to increase security by reducing the cost of managing dependency updates.

Dependabot is able to raise an alert when you check in an insecure dependency or a new vulnerability is discovered in an existing dependency. The tool is also able to automatically open a PR to update an insecure dependency to a patched version when this becomes available. Similarly, it can open a PR including all required changes to update your dependencies to their latest versions.

GitHub Enterprise Server also brings a number of new security features under the GitHub Advanced Security moniker, which is a premium service on top of GitHub Enterprise Server and GitHub Enterprise Cloud. In particular, push protection scans your repos for secrets to prevent their leakage. Secret scanning can also be run in dry-mode to preview their results before publishing.

Additionally, GitHub Advanced Security extends CodeQL capabilities including new language versions, improved performance, and better CWE coverage.

GitHub Enterprise Server 3.5 updates GitHub Actions in several ways. First and foremost, Action templates are now generally available. GitHub Action Templates make it possible to reuse workflows as if they were simple actions. So, instead of copying and pasting workflow definitions, you can refer them as a single action.

To improve performance, actions can now cache intermediate outputs and dependencies. Additionally, they offer extended control access aimed to restrict which workflows and versions can access self-hosted runners.

As a final note, GitHub Enterprise Server 3.5 includes the GitHub Container registry public beta, which enables publishing and managing containers. The latest release brings fine-grained permissions control, tighter integration with GitHub Actions, anonymous access to public containers, and support for storing an managing Open Container Initiative (OCI) images.

About the Author

Rate this Article