Code scanning adds support for C# 11 / .NET 7

GitHub Code Scanning now supports scanning projects built with C#11 / .NET 7 and leveraging the latest language features.

These features include:

  • Generic attributes
  • Generic math support
  • Numeric IntPtr and UIntPtr
  • Newlines in string interpolations
  • List patterns
  • Improved method group conversion to delegate
  • Raw string liters
  • Auto-default struct
  • Pattern match Span or ReadOnlySpan on a constant string
  • Extended nameof scope
  • UTF-8 string literals
  • Required members
  • ref fields and ref scoped variables
  • File scoped types

C# 11 / .NET 7 support is available by default in GitHub.com code scanning, the CodeQL CLI, and the CodeQL extension for VS Code.

GitHub Enterprise Cloud customers can now join a public beta for streaming API request events as part of their enterprise audit log.

As part of this beta, REST API calls against enterprise's private and internal repositories can be streamed to one of GitHub's supported streaming endpoints.
image (4)

Note: hashed_token and token_id have been redacted for security reasons.

Many GitHub users leverage GitHub's APIs to extend and customize their GitHub experience. However, use of APIs can create unique security and operational challenges for Enterprises. With the introduction of targeted audit log streaming API requests, enterprise owners are now able to:

  • Better understand and analyze API usage targeting their private and internal repositories;
  • Identify and diagnose potentially misconfigured applications or integrations;
  • Identify the authentication tokens being used by specific applications or integrations;
  • Troubleshoot API contributing to API rate limiting;
  • Leverage API activity when performing forensic investigations; and
  • Develop API specific anomaly detection algorithms to identify potentially malicious API activity.

Enterprise owners interested in the public beta can follow the instructions in our docs for enabling audit log streaming of API requests. Once enabled, you should begin seeing API request events in your audit log stream. Feedback can be provided at our beta feedback community discussion post.

See more

You can now filter by repository topic or team on the organization-level Dependabot, code scanning, and secret scanning pages in security overview.

Dependabot page filtered by repository topic and showcasing team drop-down

These improvements have shipped to GitHub.com and will be available in GitHub Enterprise Server 3.9.

Learn more security overview and send us your feedback

Learn more about GitHub Advanced Security

See more