GitHub Enterprise Server 3.5 now available You can also access the container registry and add Dependabot. It provides enhanced admin capabilities as well as GitHub Advanced Security capabilities.
Version 3.5 adds 60 new features. Security is a key concern for developers. Before you can use the code, it is essential to “cleanse” it. This will help prevent open-source software bugs.
GitHub Advanced Security customers now have the ability to block pushes containing secrets. Push protection scans highly identifiable secrets at a false negative rate of 1%. Developers have the choice of reviewing the identified secrets and removing them or bypassing the block, if necessary. See “Protecting pushes using secret scanning” for more information.
CodeQl makes it easy for developers to create secure applications. This tool scans code for known security flaws. Version 3.5 is faster and can detect more types of security flaws.
Secure data is another feature. The platform can automatically block secure data if it detects that code contains sensitive information such as encryption keys. Developers can use the platform to verify that their applications comply with cybersecurity best practices. This platform uses data from CodeOL, Dependabot, and 41 additional metrics.
Github has recently informed told Australian tech news blog that customers can now access a security overview at both the organization and enterprise levels. Security overview aggregates security results from both alert-centric and repo-centric views. This includes code scanning and secret scanning.
New GitHub Enterprise Server Statistics
To help customers understand how they use GitHub Enterprise, 41 metrics can be gathered by GitHub Enterprise. These metrics give insight into user usage and help understand how teams function.
Security Audit Logs
Along with existing audit log events, git.clone.git.fetch.git.push. will be available for search via UI, export via JSON/CSV and search via API and streaming. The audit log will allow customers to see more information about their CLI activity and UI activity. Customers will be better equipped for meeting compliance and security requirements.
Which other items are included?
Securely access containers using workflows using GITHUB_TOKEN for tighter integration with your Actions workflow.
- Customers can access public containers anonymously.
- Images from the Open Container Initiative (OCI) can be managed and stored.
- You can create fine-grained permissions that allow you to manage containers within your company.
You can also configure visibility settings for containers within an organization, including “Internal”, “Private”, or “Public”.
Data sharing at the organisational level reduces bandwidth and storage requirements.
To ensure that it can continue to serve production traffic, they have added a maintenance option GitHub Enterprise Server. Administrators can restrict access to certain IP addresses with this modification.
The Upgrade assistant is available for those who are currently using GitHub Enterprise Server version. It can help determine the best upgrade path to your preferred version.