Skip to content

/ Blog

Try GitHub Copilot Contact sales

AI & ML
- AI & ML
  Learn about artificial intelligence and machine learning across the GitHub ecosystem and the wider industry.
  - Generative AI
    Learn about and how to build with generative AI.
  - GitHub Copilot
    Change how you work with GitHub Copilot.
  - LLMs
    Everything developers need to know about LLMs.
  - Machine learning
    Machine learning tips, tricks, and best practices.
- How AI code generation works
  Explore the capabilities and benefits of AI code generation and how it can improve your developer experience.
  Learn more
Developer skills
- Developer skills
  Resources for developers to grow in their skills and careers.
  - Application development
    Insights and best practices for building apps.
  - Career growth
    Tips & tricks to grow as a professional developer.
  - GitHub
    Improve how you use GitHub at work.
  - GitHub Education
    Learn how to move into your first professional role.
  - Programming languages & frameworks
    Stay current on what’s new (or new again).
- Get started with GitHub documentation
  Learn how to start building, shipping, and maintaining software with GitHub.
  Learn more
Engineering
- Engineering
  Get an inside look at how we’re building the home for all developers.
  - Architecture & optimization
    Discover how we deliver a performant and highly available experience across the GitHub platform.
  - Engineering principles
    Explore best practices for building software at scale with a majority remote team.
  - Infrastructure
    Get a glimpse at the technology underlying the world’s leading AI-powered developer platform.
  - Platform security
    Learn how we build security into everything we do across the developer lifecycle.
  - Scripting & automation
    How GitHub engineers use scripting and automation.
  - User experience
    Find out what goes into making GitHub the home for all developers.
- How we use GitHub to be more productive, collaborative, and secure
  Our engineering and security teams do some incredible work. Let’s take a look at how we use GitHub to be more productive, build collaboratively, and shift security left.
  Learn more
Enterprise software
- Enterprise software
  Explore how to write, build, and deploy enterprise software at scale.
  - Automation
    Automating your way to faster and more secure ships.
  - CI/CD
    Guides on continuous integration and delivery.
  - Collaboration
    Tips, tools, and tricks to improve developer collaboration.
  - DevOps
    DevOps resources for enterprise engineering teams.
  - DevSecOps
    How to integrate security into the SDLC.
  - Governance & compliance
    Ensuring your builds stay clean.
  - Secure enterprise development
    Locking down the SDLC one step at time.
- How enterprise engineering teams can successfully adopt AI
  Learn how to bring AI to your engineering teams and maximize the value that you get from it.
  Learn more
News & insights
- News & insights
  Keep up with what’s new and notable from inside GitHub.
  - Company news
    An inside look at news and product updates from GitHub.
  - Product
    The latest on GitHub’s platform, products, and tools.
  - Octoverse
    Insights into the state of open source on GitHub.
  - Policy
    The latest policy and regulatory changes in software.
  - Research
    Data-driven insights around the developer ecosystem.
  - Surveys
    What developers and industry leaders say matters most.
  - The library
    Older news and updates from GitHub.
- Unlocking the power of unstructured data with RAG
  Learn how to use retrieval-augmented generation (RAG) to capture more insights.
  Learn more
Open source
- Open source
  Everything open source on GitHub.
  - Documentation
    Tips for creating and maintaining documentation.
  - Gaming
    Open source games on GitHub.
  - Git
    The latest Git updates.
  - Licenses
    Open source licenses, explained.
  - Maintainers
    Spotlighting open source maintainers.
  - Social impact
    How open source is driving positive change.
- An introduction to innersource
  Organizations worldwide are incorporating open source methodologies into the way they build and ship their own software.
  Learn more
Security
- Security
  Stay up to date on everything security.
  - Application security
    Application security, explained.
  - Supply chain security
    Demystifying supply chain security.
  - Vulnerability research
    Updates from the GitHub Security Lab.
  - Web application security
    Helpful tips on securing web applications.
- The enterprise guide to AI-powered DevSecOps
  Learn about core challenges in DevSecOps, and how you can start addressing them with AI and automation.
  Learn more

Categories

AI & ML
- AI & ML
  Learn about artificial intelligence and machine learning across the GitHub ecosystem and the wider industry.
  - Generative AI
    Learn about and how to build with generative AI.
  - GitHub Copilot
    Change how you work with GitHub Copilot.
  - LLMs
    Everything developers need to know about LLMs.
  - Machine learning
    Machine learning tips, tricks, and best practices.
- How AI code generation works
  Explore the capabilities and benefits of AI code generation and how it can improve your developer experience.
  Learn more
Developer skills
- Developer skills
  Resources for developers to grow in their skills and careers.
  - Application development
    Insights and best practices for building apps.
  - Career growth
    Tips & tricks to grow as a professional developer.
  - GitHub
    Improve how you use GitHub at work.
  - GitHub Education
    Learn how to move into your first professional role.
  - Programming languages & frameworks
    Stay current on what’s new (or new again).
- Get started with GitHub documentation
  Learn how to start building, shipping, and maintaining software with GitHub.
  Learn more
Engineering
- Engineering
  Get an inside look at how we’re building the home for all developers.
  - Architecture & optimization
    Discover how we deliver a performant and highly available experience across the GitHub platform.
  - Engineering principles
    Explore best practices for building software at scale with a majority remote team.
  - Infrastructure
    Get a glimpse at the technology underlying the world’s leading AI-powered developer platform.
  - Platform security
    Learn how we build security into everything we do across the developer lifecycle.
  - Scripting & automation
    How GitHub engineers use scripting and automation.
  - User experience
    Find out what goes into making GitHub the home for all developers.
- How we use GitHub to be more productive, collaborative, and secure
  Our engineering and security teams do some incredible work. Let’s take a look at how we use GitHub to be more productive, build collaboratively, and shift security left.
  Learn more
Enterprise software
- Enterprise software
  Explore how to write, build, and deploy enterprise software at scale.
  - Automation
    Automating your way to faster and more secure ships.
  - CI/CD
    Guides on continuous integration and delivery.
  - Collaboration
    Tips, tools, and tricks to improve developer collaboration.
  - DevOps
    DevOps resources for enterprise engineering teams.
  - DevSecOps
    How to integrate security into the SDLC.
  - Governance & compliance
    Ensuring your builds stay clean.
  - Secure enterprise development
    Locking down the SDLC one step at time.
- How enterprise engineering teams can successfully adopt AI
  Learn how to bring AI to your engineering teams and maximize the value that you get from it.
  Learn more
News & insights
- News & insights
  Keep up with what’s new and notable from inside GitHub.
  - Company news
    An inside look at news and product updates from GitHub.
  - Product
    The latest on GitHub’s platform, products, and tools.
  - Octoverse
    Insights into the state of open source on GitHub.
  - Policy
    The latest policy and regulatory changes in software.
  - Research
    Data-driven insights around the developer ecosystem.
  - Surveys
    What developers and industry leaders say matters most.
  - The library
    Older news and updates from GitHub.
- Unlocking the power of unstructured data with RAG
  Learn how to use retrieval-augmented generation (RAG) to capture more insights.
  Learn more
Open source
- Open source
  Everything open source on GitHub.
  - Documentation
    Tips for creating and maintaining documentation.
  - Gaming
    Open source games on GitHub.
  - Git
    The latest Git updates.
  - Licenses
    Open source licenses, explained.
  - Maintainers
    Spotlighting open source maintainers.
  - Social impact
    How open source is driving positive change.
- An introduction to innersource
  Organizations worldwide are incorporating open source methodologies into the way they build and ship their own software.
  Learn more
Security
- Security
  Stay up to date on everything security.
  - Application security
    Application security, explained.
  - Supply chain security
    Demystifying supply chain security.
  - Vulnerability research
    Updates from the GitHub Security Lab.
  - Web application security
    Helpful tips on securing web applications.
- The enterprise guide to AI-powered DevSecOps
  Learn about core challenges in DevSecOps, and how you can start addressing them with AI and automation.
  Learn more

Contact sales Try GitHub Copilot

enterprise

Subscribe to all “enterprise” posts via RSS or follow GitHub Changelog on Twitter to stay updated on everything we ship.

→ ~ cd github-changelog

→ ~/github-changelog|main git log main

showing all changes successfully

Custom repository role creation APIs are now available in public beta

September 7, 2022

Custom repository roles enable Enterprise organization administrators to define and assign least-privilege roles for their repositories, beyond the standard Read, Triage, Write, Maintain, and Admin roles.

Now, REST API endpoints to create and update custom repository roles are available in a public beta for GitHub Enterprise Cloud customers. These new endpoints build on the existing custom repository role APIs that allow assignment of those roles to a team or user. The endpoints accept PATs from organization admins, as well as calls from properly authorized OAuth and GitHub apps.

These REST APIs will be supported in GitHub Enterprise Server 3.8, after they reach general availability in GitHub Enterprise Cloud.

Find out more about programmatically creating custom repository roles.

We'd love to get your feedback through your account team, or in our community Discussions board topic.

See more See more

Audit Log Streaming to Datadog available as Public Beta

August 31, 2022

GitHub Enterprise Cloud (GHEC) customers can now participate in a public beta enabling audit log streaming to a Datadog endpoint. Joining this beta allows enterprises to continue to satisfy long-term data retention goals and also analyze GitHub audit log data using the tools offered by Datadog.

GHEC administrators interested in participating in the public beta can enable audit log streaming by following the instructions for setting up streaming to Datadog. Customers can provide feedback on their experience at the audit log streaming to Datadog community discussion.

See more See more

Check whether an IP is permitted within IP allow list

August 24, 2022

GitHub Enterprise Cloud administrators who have IP allow lists set up for their enterprises, organizations, or GitHub Apps can now check whether an IP address is permitted within the IP allow list.

To learn more, read our 'Checking if an IP address is permitted' documentation for enterprises and organizations.

See more See more

License sync updates: new Consumed License data, a new License API and license matching improvements (Public Beta)

August 18, 2022

We’ve made a series of improvements to the GitHub Connect license sync feature in addition to the "Sync now" button we recently added in GHES:

Enterprise administrators can now access a refreshed Consumed License CSV that includes additional data, such as the saml_name_id and the GitHub Enterprise Cloud email address (for verified domains only) for each user;
Enterprise administrators also have access to two new License REST API endpoints:
a. consumed-licenses: returns the same Consumed License data found in the CSV download
b. license-sync-status: returns information related to the license sync job status
We improved the license sync matching algorithm for enterprises that use SAML SSO. We now attempt to match Server user accounts against SAML attributes in addition to matching against users' GitHub Enterprise Cloud email addresses. This improvement eliminates the need for enterprise administrators to require users to add their work-related email addresses to their GitHub Enterprise Cloud account.

Learn more about license sync and give us your feedback

See more See more

GitHub Enterprise Server 3.6 is now generally available

August 16, 2022

enterprise

GitHub Enterprise Server 3.6 is now generally available. With a host of improvements for developers, security and administration teams, this update makes developing secure software easier for everyone.
It brings more than 60 new features, including:

GitHub Discussions: a dedicated home for developing ideas
Repository cache (#462): serve global CI farms with dedicated servers, without slowing down developers
Audit log streaming (#344): push all your GitHub audit events to your preferred log collection endpoint
Pull Request file tree view (#457): navigate pull requests more quickly with the file tree
Server Statistics (#527): unlock the power of shared insights with Server Statistics

To learn more about GitHub Enterprise Server 3.6, read the release notes, and download it now.

See more See more

GitHub Enterprise Cloud customers can configure audit log streaming to AWS S3 with OpenID Connect (OIDC) – Public Beta

August 15, 2022

GitHub Enterprise Cloud customers can elect to participate in a public beta to configure audit log streaming to AWS S3 with OpenID Connect (OIDC). Audit log streaming configured with OIDC eliminates storage of long-lived cloud secrets on GitHub by using short-lived tokens exchanged via REST/JSON message flows for authentication.

For additional information, please follow the instructions for setting up audit log streaming to AWS S3 with OpenID Connect.

See more See more

Warning users about account relinking during SAML SSO

August 8, 2022

When users access an organization with SAML SSO, GitHub stores a link between the SAML identity and the user's GitHub account. This link is used by SCIM and team synchronization to grant access within your organization or enterprise. If you break this link by signing into that organization with a different SAML identity, you are likely to lose access to resources inside that organization.

Starting gradually today and being fully rolled out tomorrow, users will see a warning message if they attempt to sign in with a different SAML account and change their linked identity. They'll have the option to go back to their IdP to sign in with a different account, which is usually the correct option. If they really intend to break the link to their previous SAML account and link to a new one, they can choose to continue.

Learn more by reading "About Authentication with SAML SSO".

See more See more

Security overview is now available to all GitHub Enterprise users

August 8, 2022

We’ve expanded access to GitHub’s security overview pages in two ways:

All GitHub Enterprise accounts now have access to the security overview, not just those with GitHub Advanced Security
All users within an enterprise can now access the security overview, not just admins and security managers

Security overview provides a centralized view of risk for application security teams, engineering leaders, and developers who work across many repositories. It displays code scanning, Dependabot, and secret scanning alerts across every repository you have access to in an organization or enterprise. The security overview also shows you where you have unknown risks because security features haven’t been enabled.

Learn more about security overview and send us your feedback

See more See more

GitHub Enterprise Cloud customers can access IP addresses for audit log entries for enterprise owned assets

August 5, 2022

The ability for GitHub Enterprise Cloud owners to display members’ IP addresses for all audit logs events for private repositories and other enterprise assets, such as issues and projects, is generally available.

These IP addresses can be used to improve threat analyses and further secure your software. Note, IP addresses will continue to not be displayed for activity related to public repositories.

For additional information, read about displaying IP addresses in the audit log for your enterprise.

See more See more

The GitHub Enterprise Server 3.6 Release Candidate is available

July 28, 2022

The GitHub Enterprise Server 3.6 Release Candidate is available and contains exciting updates and additions across the board.

Release Candidates are a way for you to try the latest features at the earliest time, and they help us gather feedback early to ensure the release works in your environment. They should be tested on non-production environments. Here are some highlights for this release.

System administrators will welcome the introduction of audit log streaming and those using GitHub Connect now have access to Server Statistics.
Developers will be delighted with the arrival of GitHub Discussions. Get a 60 second video introduction to GitHub Discussions here.
General security improvements see the removal of insecure SSH keys and protocols from Git, and the addition of TLS enforcement for inbound SMTP connections.
Advanced Security security overview now includes all alert types and dependency review now has an API and an associated Action, making it easy to break the build if a vulnerable dependency is being introduced. Secret scanning adds push protection for the web UI and the much requested dry run for custom patterns.

Read about these features and more in the full GitHub Enterprise Server 3.6 release notes. We look forward to hearing your feedback! Contact our Support team with any questions.

Download it today.

See more See more

GitHub Enterprise Cloud customers can configure audit log streaming to AWS S3 with OpenID Connect (OIDC)

June 28, 2022

GitHub Enterprise Cloud customers can elect to participate in a private beta to configure audit log streaming to AWS S3 with OpenID Connect (OIDC). Audit log streaming configured with OIDC eliminates storage of long-lived cloud secrets on GitHub by using short-lived tokens exchanged via REST/JSON message flows for authentication.

If interested in participating in the private beta, please reach out to your GitHub account manager or contact our sales team to make the feature available for your enterprise. For additional information on configuring OIDC, read about setting up audit log streaming to AWS S3 with OpenID Connect.

See more See more

Improved innersource collaboration and enterprise fork policies

June 27, 2022

Previously, three aspects of repository forks caused friction to innersource collaboration and administration:

Repositories could not be forked within a single organization.
Repositories with internal visibility could not be forked to an organization.
Enterprise owners lacked control over where repositories could be forked.

These obstacles have been addressed with the following new features. We’re always looking for new ways to improve repository collaboration and we welcome your ideas.

Fork a repository to the same organization as its parent

Previously, a repository could be forked only to a different organization or user account.

Now, a repository can be forked to the same organization as its parent repository, addressing situations where people are working in one organization and don’t want to fork a repository to a different organization or user account.

Fork internal repositories to enterprise organizations

Previously, when a repository with internal visibility was forked, the fork was automatically created in the person’s personal account space and its visibility was changed to private.

Now, people can fork an internal repository to an organization in the same enterprise, and the fork will retain its internal visibility. When forking an internal repository, you can choose which of the enterprise’s organizations should receive the fork – similar to forking a public repository, except that:

The destination organizations will be limited to those within the enterprise of the parent repository.
You will not be permitted to change the internal visibility of the fork while forking it.

Enterprise owners can limit where forks can be created

Previously, enterprise owners couldn’t restrict where repositories in the enterprise could be forked. This was important for them to keep confidential repositories from accidentally being forked to an exposed location.

Now, enterprise owners can control where enterprise members can fork repositories. Forking can be limited to preset combinations of enterprise organizations, the same organization as the parent repository, user accounts, and everywhere.

Image of enterprise settings for controlling where repositories can be forked

More information

Learn more about working with forks, or enforcing a policy for forking repositories, in the GitHub documentation.

We appreciate feedback on this and other topics in GitHub’s public feedback discussions.

See more See more

Enterprise Owners Can Assume Organization Ownership – GA

June 20, 2022

Enterprise owners can join organizations in their enterprise via the enterprise account Organizations page: https://github.com/enterprises/<enterprise> as either a member or an admin. This feature has graduated from beta to general availability.

To learn more, please read our article about managing your role within an organization your enterprise owns.

See more See more

Enterprise Owners Can Remove Enterprise Members – GA

June 20, 2022

Enterprise owners can now remove enterprise members from their GitHub Enterprise via the People view within their enterprise account: https://github.com/enterprises/<enterprise>/people. This feature has graduated from beta to general availability.

To learn more, read about removing a member from your GitHub Enterprise.

See more See more

Custom repository roles are now GA

June 6, 2022

Custom repository roles are now GA for GitHub.com and Enterprise Server 3.5.

Organization admins can create custom repository roles available to all repositories in their organization. Roles can be configured from a set of 35 fine grained permissions covering discussions, issues, pull requests, repos, and security alerts. Once a role is created, repository admins can assign a custom role to any individual or team in their repository.

Custom repository roles can be managed in the Repository roles tab of your Organization settings:

Custom repository roles are also supported in the GitHub REST APIs. The Custom Roles API can be used to list all custom repository roles in an organization, and the existing APIs for granting repository access to individuals and teams support custom repository roles.

To get started with custom repository roles, read the docs.

See more See more

View more changes