GitHub Upgrade – 3.1.0/3.1.1

UPDATE: The 3.1.1 patch has released, so we will be upgrading to 3.1.1 instead of 3.1.0. The 3.1.1 upgrade is a bugfix patch. See the bugfixes section for more details on what this patch fixes.

The 3.1.0 upgrade is a Feature release, with improvements to the Dependabot alerts, Pull Request Auto Merge, and more!

Additionally, this patch appears to have fixed the permissions bug with GitHub Actions, and so we will be enabling Actions for those who have requested access to pilot the feature. If you’d like to have your organization included in the pilot program, please send the organization name in a request to github@help.ncsu.edu.

Features

  • Dependabot Improvements
  • Workflow Visualizations for GitHub Actions
    • View and understand complex workflows
    • Track progress of workflows in real-time
    • Troubleshoot runs quickly by easily accessing logs and jobs metadata
    • Monitor progress of deployment jobs and easily access deployment targets
    • For more information, see “Using the visualization graph.”
  • OAuth 2.0 Device Authorization Grants
    • OAuth 2.0 Device Authorization Grant allows any CLI client or developer tool to authenticate using a secondary system with a browser.
    • Administrators using OAuth Apps and GitHub Apps can enable and configure OAuth 2.0 Device Authorization Flow, in addition to the existing Web Application Flow.
  • Pull Request Automerge
    • With auto-merge, pull requests can be set to merge automatically when all merge requirements have been satisfied. This saves users from needing to constantly check the state of their pull requests just to merge them. Auto-merge can be enabled by a user with permission to merge and on pull requests that have unsatisfied merge requirements. For more information, see “Automatically merging a pull request.”
  • Filtering for GitHub Mobile
    • GitHub for mobile filtering allows you to search for and find issues, pull requests, and discussions from your device. New metadata for issues and pull request list items allow you to filter by assignees, checks status, review states, and comment counts.

Changes

  • By precomputing checksums, the amount of time a repository is under the lock has reduced dramatically, allowing more write operations to succeed immediately and improving monorepo performance.
  • GitHub Actions now supports skipping push and pull_request workflows by looking for some common keywords in your commit message.
  • Check annotations older than four months will be archived.
  • SARIF upload support increased to a maximum of 5000 results per upload.
  • You can specify multiple callback URLs while configuring a GitHub App. This can be used in services with multiple domains or subdomains. GitHub will always deny authorization if the callback URL from the request is not in the authorization callback URL list.
  • The GitHub App file permission has been updated to allow an app developer to specify up to 10 files for read-only or read-write access that their app can request access to.
  • When configuring a GitHub App, the authorization callback URL is a required field. Now, we allow the developer to specify multiple callback URLs. This can be used in services with multiple domains or subdomains. GitHub will always deny authorization if the callback URL from the request is not in the authorization callback URL list.
  • Delete an entire directory of files, including subdirectories, from your web browser. For more information, see “Deleting a file or directory.”
  • Include multiple words after the # in an issue, discussion, or pull request comment to further narrow your search.
  • When you’re writing an issue, pull request, or discussion comment the list syntax for bullets, numbers, and tasks autocompletes after you press return or enter.

Bug Fixes

  • After upgrading, a mismatch of internal and external timeout values created service unavailability.
  • References to the “Dependency graph” and “Dependabot alerts” features were not shown as disabled on some repositories.
  • Setting an announcement in the enterprise account settings could result in a 500 Internal Server Error.
  • HTTP POST requests to the /hooks endpoint could fail with a 401 response due to an incorrectly configured hookID.

Bug Fixes (3.1.1)

  • SVN 1.7 and older clients showed an error when using the svn co and svn export commands.
  • After upgrading, users experienced reduced availability during heavy usage, because services restarted too frequently. This would occur due to timeout mismatches between the nomad configuration and that of the internal services.

The update will be applied Monday June 14th , 2021 at 5:00PM.

See the complete upgrade notes at GitHub Enterprise:
https://docs.github.com/en/enterprise-server@3.1/admin/release-notes#3.1.0
https://docs.github.com/en/enterprise-server@3.1/admin/release-notes#3.1.1