Code scanning default setup on the security coverage page (public beta)

Code scanning default setup can now be easily enabled for a single repository from the slide-out panel on your organization's "Security Coverage" page, without needing to navigate to the repository's "Settings" tab.

The feature automatically detects the languages in your repository and enables analysis for pull requests and pushes, without requiring you to commit a workflow file. Default setup currently supports JavaScript, Python, and Ruby, with more languages to come. The feature is available for repositories using GitHub Actions and can be accessed by organization owners, repository administrators and security managers. Expect one-click enablement functionality for all organization repositories to be rolled out next.

This has shipped as a public beta to GitHub.com and will be available in GitHub Enterprise Server 3.9.

code scanning on the slide-out enablement panel on the security coverage page

Learn more about automatically setting up code scanning for a repository and send us your feedback

Learn more about GitHub Advanced Security

Rich diffs of Jupyter Notebook files in pull requests are now available in preview. With the feature preview enabled, you can compare cell-level inputs and outputs (including images), as well as notebook and cell metadata, thanks to nbdime. Check it out:

image

The rich diff functionality will need to be enabled via the Feature Preview menu found when clicking on your avatar. Click here to learn more about feature previews and how to enable it. Please note that this is an early-access feature and there are some limitations; most notably, you cannot currently comment on lines in rich diff mode and will need to toggle the source diff to do so.

We'd love to hear from you! Once you try it out, let us know what you think in this feedback discussion. Stay tuned for future updates!

Note: If you were previously enrolled in the private beta for this feature and no longer see rich diffs, you may have to re-enable the feature preview via the menu.

See more

GitHub Actions Importer is now generally available to all GitHub users. You can now easily plan, forecast, and automate migrations from Azure DevOps, CircleCI, GitLab, Jenkins, and Travis CI to GitHub Actions. GitHub Actions Importer is a free extension of the official GitHub CLI and provides you with the confidence to migrate your CI/CD pipelines to continue delivering software efficiently.

gh-actions-importer

For details on how to get started, please check out our documentation. For questions and feedback, visit the GitHub Actions Importer community.

See more