GitHub Enterprise Server 3.3 RC showcases security enhancements

GitHub has made available a release candidate for GitHub Enterprise Server 3.3, previewing the changes in the upcoming release such as a new webhook for GitHub Actions and enhancements to security and the user interface.

GitHub Enterprise Server is a self-contained instance of GitHub that can be deployed on premises or in the cloud as a virtual appliance. According to the firm, the upcoming release will deliver some much-anticipated improvements to CI/CD and security.

On the security side, release 3.3 adds a security manager role, enabling security professionals to manage security alerts and settings organisation-wide, as well as giving them read permission for all repositories in the organisation. Those allocated the security manager role also have access to the organisation-level security tab and the ability to change security settings at the organisation and repository levels.

Another security enhancement is the option to set an expiration date for personal access tokens. This feature will allow users to request renewal of tokens via email. These can easily be regenerated with the same properties as the original, according to GitHub. When a personal access token is used with the GitHub API, a new GitHub-Authentication-Token-Expiration header is included in the response, which indicates the token’s expiration date.
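As an added illustration (not GitHub's code and not part of the original article), the sketch below shows how a defender could use that response header to flag personal access tokens that are expired, close to expiry, or have no expiry at all. The timestamp formats, the `classify` helper, the 14-day warning window and the reading of a missing header as "no expiration set" are assumptions made for the example; the sample headers are constructed.

```python
from datetime import datetime, timedelta, timezone

HEADER = "GitHub-Authentication-Token-Expiration"
# Assumed value formats; the article does not specify the header's date format.
ASSUMED_FORMATS = ("%Y-%m-%d %H:%M:%S UTC", "%Y-%m-%d %H:%M:%S %z")


def parse_expiration(headers):
    """Return the token expiry as an aware UTC datetime, or None if absent."""
    # HTTP header names are case-insensitive, so normalise before lookup.
    lowered = {name.lower(): value for name, value in headers.items()}
    raw = lowered.get(HEADER.lower())
    if raw is None:
        return None
    for fmt in ASSUMED_FORMATS:
        try:
            parsed = datetime.strptime(raw.strip(), fmt)
        except ValueError:
            continue
        if parsed.tzinfo is None:  # the literal "UTC" suffix yields a naive value
            return parsed.replace(tzinfo=timezone.utc)
        return parsed.astimezone(timezone.utc)
    # Fail closed: an unparseable value should be investigated, not ignored.
    raise ValueError(f"unrecognised {HEADER} value: {raw!r}")


def classify(headers, now, warn_days=14):
    """Hypothetical helper: map API response headers to an audit status."""
    expires = parse_expiration(headers)
    if expires is None:
        return "no-expiration"  # assumption: header absent means no expiry set
    if expires <= now:
        return "expired"
    if expires - now <= timedelta(days=warn_days):
        return "expiring-soon"
    return "ok"


# Constructed sample response headers, one dict per token checked.
NOW = datetime(2021, 11, 20, 12, 0, tzinfo=timezone.utc)
SAMPLES = {
    "ci-bot": {"github-authentication-token-expiration": "2021-11-25 00:00:00 UTC"},
    "release": {"GitHub-Authentication-Token-Expiration": "2022-06-01 00:00:00 UTC"},
    "legacy": {"Content-Type": "application/json"},
    "intern": {"GitHub-Authentication-Token-Expiration": "2021-11-20 07:00:00 -0400"},
}

if __name__ == "__main__":
    for owner, response_headers in SAMPLES.items():
        print(f"{owner}: {classify(response_headers, NOW)}")
```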

CodeQL, part of GitHub Advanced Security, continues to expand support for more libraries and frameworks. According to GitHub, CodeQL can now detect more potential sources of untrusted user data, the steps through which that data flows, and potentially dangerous sinks where the data may end up.

Another change helps developers who want each job to run in a new, clean environment. This is delivered through support for ephemeral (single job) runners and a new workflow_job webhook, which makes it easier to register, de-register and automatically scale runners.

A small tweak to the user interface is a new high contrast dark theme, adding a contrasting edge to features in dark mode, which was itself added in the last release of GitHub Enterprise Server.

GitHub Enterprise Server 3.3 release candidate is available for download now, but should be tested in a non-production environment, GitHub warns. The release notes are also available from GitHub.