Get repository security advisories for your organization via REST API

As an organization owner or member of the security manager role, you can now use the repository security advisories REST API to get all repository security advisories across your organization.

Learn more about repository security advisories.

Users can enable push protection for themselves

Secret scanning's push protection feature prevents supported secrets from being pushed into repositories, and has to date been enabled at the repository, organization, or enterprise level.

Now, everyone across GitHub can enable push protection for themselves within your individual settings. This ensures your pushes are protected whenever you push to a public repository on GitHub, without relying on that repository to have push protection enabled.

To opt in, go to the "Code security and analysis" section of your personal settings. Next to "Push protection for yourself", click Enable.

GitHub will enable push protection for all GitHub Free individuals by default in January, 2024.

See more

Sudo mode now applies to the administrator account for an Enterprise Managed User enterprise

The administrator account (ending in _admin) of Enterprise Managed User enterprises is now required to enter sudo mode before taking sensitive actions. As with standard user accounts, the administrator must provide their password or a second factor credential to enter sudo mode.

Sudo mode is a GitHub security feature that validates the user's session before they perform a sensitive action, like creating a personal access token, deleting an organization, or updating their credentials.

Until now this mode was disabled for all Enterprise Managed Users (EMUs), as they had no credentials on GitHub.com and therefore could not provide one for the sudo mode prompt. As a result, EMU accounts are able to take sensitive actions without being asked for a credential. However, the admin for the EMU enterprise does have credentials on GitHub.com and will now be asked for them before taking sensitive actions.

For more information about sudo mode, see "Sudo mode". To learn more about Enterprise Managed Users, see "About Enterprise Managed Users".

See more
View all changes