GitHub Actions:OpenID Connect support enhanced to enable secure cloud deployments at scale

OpenID Connect (OIDC) support in GitHub Actions enables secure cloud deployments using short-lived tokens that are automatically rotated for each deployment.

You can now use the enhanced OIDC support to configure the subject claim format within the OIDC tokens, by defining a customization template at either org or repo levels. Once the configuration is completed, the new OIDC tokens generated during each deployment will follow the custom format.

This enables organization & repository admins to standardize OIDC configuration across their cloud deployment workflows that suits their compliance & security needs.

Learn more about Security hardening your GitHub Workflows using OpenID Connect.

You can now retrieve all your Dependabot alerts at the GitHub organization level via the REST API. This new API endpoint supplements the recently introduced Dependabot alerts REST API and Dependabot alerts webhook.

This API is available on GitHub.com starting today and will also be available to GitHub Enterprise Server (GHES) users starting with version 3.8.

For more information, see Dependabot alerts in the REST API reference or learn more about Dependabot alerts in our documentation.

See more

🧹 Keep your project tidy with auto-archive

As long-lived projects accumulate items over time, many users set aside time to archive old items to keep their projects focused on what matters most. Today we are introducing the public beta of a new workflow to archive items automatically so that you can get back to the things that matter!

Configure which items you’d like to archive by heading to the Workflow page, selecting Auto-archive items, and updating the filter. We support is, reason, and last-updated, and you can verify archived items by copying the filter query into a table view.

Set it up today to spend less time on pruning projects and let us know what you think in Discussions!

⚙️ Configure board column visibility

In addition to auto-hiding board columns with filters to customize your view, you can now hide a column directly from the column menu to populate the filter bar and configure which board columns are visible.

This can also be configured through the + menu, so you can now easily toggle which columns are shown or hidden on the view in addition to adding a new column.

✨ Bug fixes & improvements

Other changes include:

  • Adding hovercard functionality for links in the side panel
  • Fixed a bug that didn’t allow for assignees to be copy/pasted into a field for draft issues

See how to use GitHub for project planning with GitHub Issues, check out what’s on the roadmap, and learn more in the docs.

See more