GitHub has made available a release candidate for GitHub Enterprise Server 3.3, previewing the changes in the upcoming release such as a new webhook for GitHub Actions and enhancements to security and the user interface.
GitHub Enterprise Server is a self-contained instance of GitHub that can be deployed on premises or in the cloud as a virtual appliance. According to the firm, the upcoming release will deliver some much-anticipated improvements to CI/CD and security.
On the security side, release 3.3 adds a security manager role, enabling security professionals to manage security alerts and settings organisation-wide, as well as giving them read permission for all repositories in the organisation. Those allocated the security manager role also have access to the organisation-level security tab and the ability to change security settings at the organisation and repository levels.
Another security enhancement is the option to set an expiration date for personal access tokens. This feature will allow users to request renewal of tokens via email. These can easily be regenerated with the same properties as the original, according to GitHub. When a personal access token is used with the GitHub API, a new GitHub-Authentication-Token-Expiration header is included in the response, which indicates the token’s expiration date.
CodeQL, part of GitHub Advanced Security, continues to expand support for more libraries and frameworks. According to GitHub, CodeQL can now detect more potential sources of untrusted user data, the steps through which that data flows, and potentially dangerous sinks where the data may end up.
Another change helps developers who desire each job to be run on a new, clean environment. This is delivered through support for ephemeral (single job) runners and a new
workflow_job webhook, which makes it easier to register, de-register and automatically scale runners.
A small tweak to the user interface is a new high contrast dark theme, adding a contrasting edge to features in dark mode, which was itself added in the last release of GitHub Enterprise Server.