GitHub Enterprise Server Adds Code Security, Automation Features

What is Git? Version control for collaborative programming

Home Software Development GitHub

GitHub Enterprise Server offers code security and automation capabilities

Update to GitHub's software for managing repositories on private servers features GitHub Container Registry access as well as Dependabot security alerts and updates, as well as workflows that can be reused.
Wow servers

By Paul Krill

Editor at Large, InfoWorld |

GitHub Enterprise Server 3.5, the latest version of the software used by GitHub for hosting and managing repositories on private servers, adds new security features to code, new automation capabilities, and access to the GitHub Container Registry that is now in public beta.

GitHub Enterprise Server 3.5 will be generally available May 31. It can be accessed from the GitHub Enterprise website. With this version access to the GitHub Container Registry can be enabled through the management console. Developers can customize the fine-grained permissions controls for containers, as well as internal visibility settings for containers within organizations in addition to Private and Public. Data can be shared at the organizational level, which reduces the bandwidth and storage requirements. Developers can also securely access containers through workflows using GITHUB_TOKEN.

[ Also on InfoWorld: The GitHub Copilot preview gives us hope ]

GitHub Enterprise Server 3.5 fully takes advantage of Dependabot automated dependency updates. Dependabot comprises three services: alerts to notify users when vulnerabilities are found in dependencies. security updates, to update the dependency to a patched version when vulnerabilities are discovered by making a pull request on a repo and then version updates to ensure that all dependencies are up-to-date and minimize vulnerability.

Other features of GitHub Enterprise Server 3.5 include:

- Anonymous access to public containers, allowing users to access these containers without requiring credentials. The audit log now contains Git events. - Management and storage of Open Container Initiative (OCI), images. - GitHub Advanced Security users now can block pushes that include secrets. They have access to both an organization-level and enterprise-level security overview. GitHub Enterprise Server can now be kept in a healthy condition so that production traffic can continue to flow even after changes to the operational. Administrators can limit access to the appliance to a certain number of IP addresses. Users can track 41 GitHub Enterprise Server metrics to see how they use the platform. Reusable workflows that are part of GitHub Actions, formerly known as templates, are now generally available. GitHub Actions allows users to save intermediate outputs and dependencies to workflows. This makes jobs faster.