Notes

GitHub Enterprise Server Adds Code Security, Automation Features

What is Git? Control of version is vital for collaborative programming



Home Software Development GitHub



GitHub Enterprise Server adds code security, automation capabilities



Update to the software used by GitHub for managing repositories on private servers features GitHub Container Registry access Dependabot security alerts, updates, and reusable workflows.



By Paul Krill



Editor at Large, InfoWorld |



GitHub Enterprise Server 3.5, the most recent version of GitHub's software for hosting and managing repositories on private servers, adds new security features to code as well as new automation capabilities and access to the GitHub Container Registry that is now available in public beta.



GitHub Enterprise Server 3.5 will be available on May 31. It can be accessed through the GitHub Enterprise website. Access to the GitHub Container Registry is now accessible through the management console. Developers can configure the fine-grained permissions controls for containers and internal visibility settings for containers within organizations in addition to Private and Public. Also, data can be shared at an organizational level, reducing storage and bandwidth requirements. Developers can also securely access containers using workflows that use GITHUB_TOKEN.



[ Also on InfoWorld: The GitHub Copilot preview offers hope



GitHub Enterprise Server 3.5 makes full use of Dependabot automated dependency updates. Dependabot provides three services: Alerts to alert users when vulnerabilities in dependencies are discovered Security Updates to upgrade a dependency when the vulnerability is discovered by opening pull requests in a repo. Version updates to keep all dependencies current and reduce vulnerability exposure.



Other features of GitHub Enterprise Server 3.5 include:



- Anonymous access to public containers which allows users to gain access to these containers without revealing credentials. - The audit log now includes Git Events. - Management and storage of Open Container Initiative (OCI), images. GitHub Advanced Security users can now block pushes that contain secrets. They can access both an enterprise and organization-level security overview. - A new option for maintaining settings keeps GitHub Enterprise Server in a healthy state to serve production traffic after operational changes while in maintenance mode. Administrators can limit access to the appliance to a restricted number of IP addresses. - Users can collect 41 GitHub Enterprise Server metrics that let them see how they use the platform. GitHub Actions now offers reusable workflows. They were previously called templates. GitHub Actions allows users to save intermediate outputs and dependencies to workflows. This helps to make workflows more efficient.
Serverlist101

My Website: https://www.serverlist101.com/