GitHub has released the latest version of GitHub Enterprise Server, which is a self-hosted version of GitHub.
“With this release, customers can choose how to best scale their security strategy, gain more control over deployments, and more,” GitHub wrote in blog post.
Key features of GitHub Enterprise Server 3.12 include the ability to restrict deployments to specific tag patterns, organization-wide repository policy sets that can be applied to specific workflows, merge queues, and Dependabato alert rules.
Sample tags allow users to be more specific about what is deployed to production via GitHub Actions, providing an additional layer of security and control. For example, a developer can specify that only things labeled “Releases/” are deployed to production.
Another security improvement is that users can now define and enforce rule sets across multiple repositories. This replaces the legacy feature Required Workloads, and all workflows that used them were automatically migrated to rule sets.
GitHub Enterprise Server 3.12 also makes it easier to automate branch management through a new join the tail feature. Marge queue automatically checks if PR is compatible with other changes and alerts developers if something is wrong. It does this by creating a temporary branch that contains the latest changes from the base branch, changes to other queued PRs, and changes to the current PR.
This release also adds user-configured warning rules to Dependabot, which is a tool that updates dependencies in projects.
“With Dependabot, you can proactively manage security alerts to ensure high-priority items appear. With user-configured alert rules, you can now tailor your security strategy to your specific risk tolerance and contextual needs, simplifying alert triage and remediation processes,” wrote GitHub.
Other features include stealth scanning of non-vendor forms (beta), support for all CodeQL languages, organization-level GitHub project templates, improved global navigation, and the ability to highlight text in markup files.