GitHub version 3.2.0 is a feature release which includes a new dark mode, SSH Authentication with Security Keys and GitHub Actions Environments. It also includes multiple updates to markdown, repositories, GitHub Actions and more.
Features
- DARK AND DARK DIMMED THEMES
- Dark and dark dimmed themes are now available for the web UI. GitHub Enterprise Server will match your system preferences when you haven’t set theme preferences in GitHub Enterprise Server. You can also choose which themes are active during the day and night. For more information, see “Managing your theme settings.”
- SSH AUTHENTICATION WITH SECURITY KEYS
- SSH authentication using a FIDO2 security key is now supported when you add a
sk-ecdsa-sha2-nistp256@openssh.com
orsk-ssh-ed25519@openssh.com
SSH key to your account. SSH security keys store secret key material on a separate hardware device that requires verification, such as a tap, to operate. For more information, see “Generating a new SSH key and adding it to the ssh-agent.”
- SSH authentication using a FIDO2 security key is now supported when you add a
- GITHUB ACTIONS ENVIRONMENTS
- Environments, environment protection rules, and environment secrets are now generally available for GitHub Actions on GitHub Enterprise Server. For more information, see “Environments.”
Changes
- TOKEN CHANGES
- The format of authentication tokens for GitHub Enterprise Server has changed. The change affects the format of personal access tokens and access tokens for OAuth Apps, as well as user-to-server, server-to-server, and refresh tokens for GitHub Apps.The different token types now have unique identifiable prefixes, which allows for secret scanning to detect the tokens so that you can mitigate the impact of someone accidentally committing a token to a repository. GitHub recommends updating existing tokens as soon as possible. For more information, see “About authentication to GitHub” and “About secret scanning.”
- REPOSITORIES CHANGES
- Repositories on user profiles and organization profiles now support sorting by star count.
- When viewing the commit history of a single file, you can now click to view that file at the selected point in history.
- When a submodule is defined with a relative path in your GitHub Enterprise Server instance, the submodule is now clickable in the web UI. For more information about working with submodules, see Working with submodules on the GitHub Blog.
- The web UI can now be used to synchronize an out-of-date branch of a fork with the fork’s upstream branch. For more information, see “Syncing a fork.”
- MARKDOWN CHANGES
- The markdown editor used when creating or editing a release in a repository now has a text-editing toolbar. For more information, see “Managing releases in a repository.”
- Uploading video files is now supported everywhere you write Markdown on GitHub Enterprise Server. For more information, see “Attaching files.”
- Markdown files will now automatically generate a table of contents in the header when there are 2 or more headings. The table of contents is interactive and links to the selected section. All 6 Markdown heading levels are supported.
- There is a new keyboard shortcut,
cmd+e
on macOS orctrl+e
on Windows, to insert codeblocks in Markdown files, issues, pull requests, and comments. - Appending
?plain=1
to the URL for any Markdown file will now display the file without rendering and with line numbers. The plain view can be used to link other users to specific lines. For example, appending?plain=1#L52
will highlight line 52 of a plain text Markdown file. For more information, “Creating a permanent link to a code snippet.”
- ISSUES AND PULL REQUESTS CHANGES
- With the latest version of Octicons, the states of issues and pull requests are now more visually distinct so you can scan their status more easily. For more information, see the GitHub Blog.
- A new “Require conversation resolution before merging” branch protection rule and “Conversations” menu is now available. For more information, see “About pull request reviews” and “About protected branches.”
- To prevent the merge of unexpected changes after auto-merge is enabled for a pull request, auto-merge is now disabled automatically when new changes are pushed by a user without write access to the repository. For more information about auto-merge, see “Automatically merging a pull request.”
- People with maintain permissions can now manage the repository-level “Allow auto-merge” setting. For more information, see “Managing auto-merge for pull requests in your repository.”
- The assignees selection for issues and pull requests now supports type ahead searching so you can find users in your organization faster. Additionally, search result rankings have been updated to prefer matches at the start of a person’s username or profile name.
- When a review is requested from a team of more than 100 people, developers are now shown a confirmation dialog box in order to prevent unnecessary notifications for large teams.
- Back-tick
code blocks
are now supported in issue titles, pull request titles, and in any place issue and pull request titles are referenced in GitHub Enterprise Server. - Events for pull requests and pull request reviews are now included in the audit log for both enterprises and organizations. For more information, see “Reviewing the audit log for your organization.”
- BRANCHES CHANGES
- The default branch name for new repositories is now
main
. Existing repositories are not impacted by this change. If users, organization owners, or enterprise owners have previously specified a default branch for new repositories, they are also not impacted.If you want to set a different default branch name, you can do so in the user, organization, or enterprise settings. - Branches, including the default branch, can now be renamed using the the GitHub Enterprise Server web UI. When a branch is renamed, any open pull requests and draft releases targeting the renamed branch will be retargeted automatically, and branch protection rules that explicitly reference the renamed branch will be updated.Admin permissions are required to rename the default branch, but write permissions are sufficient to rename other branches.To help make the change as seamless as possible for users:
- A notice is shown to contributors, maintainers, and admins on the repository homepage with instructions for updating their local repository.
- Web requests to the old branch will be redirected.
- A “moved permanently” HTTP response will be returned to REST API calls.
- An informational message is displayed to Git command line users that push to the old branch.For more information, see “Renaming a branch.”
- The default branch name for new repositories is now
- GITHUB ACTIONS CHANGES
- GitHub Actions now lets you control the permissions granted to the
GITHUB_TOKEN
secret. For more information, see “Authentication in a workflow.” - GitHub CLI 1.9 and later allows you to work with GitHub Actions in your terminal. For more information, see the GitHub changelog.
- The audit log now includes events associated with GitHub Actions workflow runs. For more information, see “Reviewing the audit log for your organization.”
- Performance improvements have been made to GitHub Actions, which may result in higher maximum job throughput. For more information on job throughput with internally-tested CPU and memory configurations, see “Getting started with GitHub Actions for GitHub Enterprise Server.”
- GitHub Actions now lets you control the permissions granted to the
- GITHUB PACKAGES CHANGES
- Any package or package version for GitHub Packages can now be deleted from GitHub Enterprise Server’s web UI. You can also undo the deletion of any package or package version within 30 days. For more information, see “Deleting and restoring a package“.
- CODE SCANNING AND SECRET SCANNING CHANGES
- Code scanning with CodeQL now generates diagnostic information for all supported languages. This helps check the state of the created database to understand the status and quality of performed analysis. The diagnostic information is available starting in version 2.5.6 of the CodeQL CLI. You can see the detailed diagnostic information in the GitHub Actions logs for CodeQL. For more information, see “Viewing code scanning logs.”
- Code scanning with CodeQL CLI now supports analyzing several languages during a single build. This makes it easier to run code analysis to use CI/CD systems other than GitHub Actions. The new mode of the
codeql database create
command is available starting version 2.5.6 of the CodeQL CLI. For more information about setting this up, see “Installing CodeQL CLI in your CI system.” - Code scanning alerts from all enabled tools are now shown in one consolidated list, so that you can easily prioritize across all alerts.
- Code scanning with CodeQL now includes beta support for analyzing C++20 code. This is only available when building codebases with GCC on Linux. C++20 modules are not supported yet.
- The depth of CodeQL’s analysis has been improved by adding support for more libraries and frameworks and increasing the coverage of our existing library and framework models for several languages (C++, JavaScript, Python, and Java). For more information, see the GitHub changelog.
- Code scanning now shows
security-severity
levels for CodeQL security alerts. For more information see “Defining which alert severity levels cause pull request check failure.” - Improvements to the branch filter for code scanning alerts make it clearer which code scanning alerts are being displayed on the alerts page.
- Free text search is now available for code scanning alerts.
- Secret scanning added patterns for 23 new service providers. For the updated list of supported secrets, see “About secret scanning.”
- API CHANGES
- Pagination support has been added to the Repositories REST API’s “compare two commits” endpoint, which returns a list of commits reachable from one commit or branch, but unreachable from another. The API can also now return the results for comparisons over 250 commits. For more information, see the “Repositories” REST API documentation and “Traversing with pagination.”
- The REST API can now be used to programmatically resend or check the status of webhooks. For more information, see “Repositories,” “Organizations,” and “Apps” in the REST API documentation.
The update will be applied Monday October 4, 2021 at 5:00 PM EDT.
See the complete upgrade notes on the GitHub Enterprise site: https://docs.github.com/en/enterprise-server@3.2/admin/release-notes#3.2.0