GitHub has rolled out its Enterprise Server 3.10 release, introducing a host of enhanced security capabilities. This update includes support for custom deployment rules, enabling teams to ensure that only compliant and secure deployments reach production. GitHub Projects, now available in Enterprise Server, provides administrators with greater visibility over issues and pull requests.
Notably, teams using GitHub Actions can establish their own custom deployment protection rules to uphold quality, security, and manual approval requirements for deployments. Administrators are also granted additional control over runner management and security in GitHub Actions, with the ability to disable repository-level self-hosted runners across the organization, so that jobs run on centrally managed machines.
Furthermore, GitHub Enterprise Server 3.10 simplifies code scanning setup for developers by introducing a new default setup that eliminates the need for YAML files. This setup also facilitates enabling code scanning across multiple repositories simultaneously.
The release enhances the tracking of coverage and risks across repositories through enterprise-level “code security” pages and the Dependabot feature. The addition of Swift support further broadens GitHub’s code scanning coverage to include iOS and Android development languages.
Additionally, fine-grained Personal Access Tokens (PATs) have been introduced to minimize risks associated with token leaks, allowing developers to choose from a range of over 50 granular permissions, each with access options.
The update introduces a more secure approach to access management: fine-grained PATs now come with an expiration date, and their access is limited to the repositories or organizations they have been explicitly granted access to. This aligns with the principle of least privilege. The latest GitHub Enterprise Server release also features refined branch protections, adjustments to required protections enforcement, and measures to prevent the last person to push to a pull request from approving it. Moreover, improved backup operations enhance data security.
Overall, this release aims to strengthen the security posture of GitHub’s Enterprise Server, addressing various aspects of access control, code scanning, deployment rules, and repository management.