Displaying authentication token data in your Enterprise audit log is generally available

GitHub Enterprise and organization owners will have improved visibility into authentication activity with the addition of authentication token data to audit logs events. Stolen and compromised credentials are the number one cause of data breaches across the industry, and now enterprise and organization owners can query their audit logs for activity associated with a specific authentication token. They will be better equipped to detect and trace activity associated with corrupt authentication tokens. This feature is generally available for GitHub Enterprise Cloud customers, and will be released to GitHub Enterprise server as part of GHES 3.8.

To learn more, read our documentation on identifying audit log events performed by an access token.

Open source maintainers can now opt-in to private vulnerability reporting, a dedicated communications channel where the community can disclose security issues directly to you on GitHub.

You can see reports sent to you under the new "Needs triage" status on your advisories list:
Screen Shot of Advisories tab

If the report is accepted, it becomes a draft security advisory. The reporter remains involved unless explicitly removed, so you can collaborate on phrasing the resulting draft advisory or fixing the issue in a private fork.

See more

GitHub Codespaces with included free usage is now rolling out to all GitHub Free and Pro accounts. Over the coming days you'll see a new option under the green "Code" button (where you are used to getting the info you need to clone a repository) that enables you to spin up and manage cloud based development environments that free you from the pain and hassle of setting up and maintaining local configurations. Until now, only Teams and Enterprise managed GitHub Organization members had access to Codespaces.

With this update, GitHub will provide each Free plan account 120 core hours, or 60 hours of run time for a 2 core codespace, plus 15 GB of storage to use each month. Pro accounts get 180 core hours and 20 GB storage per month. You can see how much included usage is remaining for your account during the current billing period on your billing page. If you use up all of your included usage, it is easy to set up a spending limit and keep working. For more details see "About billing for GitHub Codespaces."

We hope that everyone will take Codespaces for a spin, and come join us in the community discussion space to tell us your story!

See more