GitHub Upgrade – 3.0.8

Security Fixes

  • MEDIUM – Under certain circumstances, users who were removed from a team or organization could retain write access to branches they had existing pull requests opened for.

Bug Fixes

  • Users were experiencing service unavailability after upgrading due to a mismatch of internal and external timeout values.
  • References to the “Dependency graph” and “Dependabot alerts” features were shown on repositories where they were not enabled.
  • HTTP POST requests to the /hooks endpoint could fail with a 401 response due to the hookID being set incorrectly.

The update will be applied Tuesday June 1 , 2021 at 5:00PM.

Some fixes have been omitted based on relevance to NC State’s instance of GitHub Enterprise. See the complete upgrade notes at GitHub Enterprise: