To ensure that Actions runners are truly ephemeral and more secure, we are now limiting execution timeouts on self-hosted jobs to 5 days. If a job reaches this limit, the job is terminated and fails to complete.
Advanced filtering capabilities for the security overview dashboard
Today, we’re releasing security tool-specific filters for the security overview dashboard and secret scanning metrics page.
Have you ever wondered, “How well is my organization handling SQL injections?” or “How quickly are we responding to [partner name] secret leaks?” Maybe you’re curious about the pace of updating your npm dependencies. Well, wonder no more!
With our new security tool filters, you can tailor your search to the exact details you’re curious about, giving you a more focused and relevant report for your needs.
Discover the new filters that are designed to transform your security analysis:
- Dependabot filters: Zero in on a specific ecosystem, package, and dependency scope.
- CodeQL/third-party filters: Drill down to the rule that matters most to you.
- Secret scanning filters: Get granular with filters for secret type, provider, push protection bypassed status, and validity.
These features are now available as a public beta on GitHub Enterprise Cloud and will be available in GitHub Enterprise Server 3.14.
Learn more about security overview and send us your feedback
Secret scanning is expanding coverage to GitHub wiki content. If secret scanning is enabled for your repository, you’ll automatically begin to receive alerts for newly introduced secrets found in your GitHub wiki.
Publicly leaked secrets in GitHub wikis will also be sent to secret scanning partners participating in the secret scanning partner program.
Share feedback or learn more
Sign up for a 60-minute feedback session on secret scanning and be compensated for your time.
Learn how to secure your repositories with secret scanning or become a secret scanning partner.