GitHub Enterprise Server 3.5 has been released with more than 60 new features, and an emphasis on new capabilities for GitHub Advanced Security.
The release includes:
- Configure fine-grained permissions control for containers in their organization.
- Configure “Internal” visibility settings for containers within organizations in addition to “Private” and “Public.”
- Share data at the organization level, thereby decreasing bandwidth and storage requirements.
- Achieve tighter integrations with their Actions workflow and securely access containers from workflows via the GITHUB_TOKEN.
- Anonymously access public containers, thereby allowing customers to be able to access public containers without providing any credentials.
- Store and manage Open Container Initiative (OCI) images.
Dependabot has also bee released, and it includes:
- Dependabot alerts: alert you the moment vulnerabilities in your dependencies are detected
- Dependabot security updates: upgrades a dependency to patched version when a vulnerability is detected by opening a pull request to your repo
- Dependabot version updates: opens pull requests to keep all your dependencies up to date, decreasing your exposure to vulnerabilities and chance of getting stuck on an outdated version
