GitHub Enterprise Server 3.20 release candidate is available
Source: GitHub Changelog
GitHub Enterprise Server (GHES) 3.20 enhances deployment efficiency, monitoring capabilities, code security, and policy management. Here are a few highlights in the 3.20 release:
Improved Pull Request Merge Experience
The improved merge experience on the pull request page is now generally available. It helps you better understand the state of your pull request and get it merged faster. Status checks are grouped by status—with failing checks listed first—and ordered using natural sorting. When commit metadata rules fail, merge‑time errors explain what to fix. For improved accessibility, the merge experience also has consistent keyboard navigation, focus, and landmarks. See the improved pull request merge experience for a detailed update including screenshots.
Immutable Releases
GitHub releases now support immutability, locking release assets from being added, modified, or deleted after publication and protecting the release tag from being moved or deleted. This helps protect distributed artifacts from supply‑chain attacks. For more information, see the immutable releases changelog. Release attestations are not yet supported on GHES and are only available on GitHub.com.
Secret Scanning Enhancements
Secret scanning includes several improvements to help teams prevent and address credential leaks at scale:
- Validity checks indicate if secrets are still active. Enterprise admins can make the feature available to repository admins from the Management Console.
- Push protection delegated bypass controls can now be managed at the enterprise level.
- Alert assignment is supported for collaboration.
- Push protection expands default coverage to block additional secrets, reducing the risk of credential leaks during pushes.
- New detectors have been added and existing detectors improved.
Enterprise Teams Management (Public Preview)
Enterprise owners can create and manage enterprise teams to simplify governance across their enterprise. Using the API or enterprise settings UI, owners can:
- Assign enterprise teams to organizations.
- Create and assign custom enterprise roles.
- Assign roles to both teams and users.
Organization and repository owners can assign roles to enterprise teams within their scope, and enterprise teams can be added to ruleset bypass lists. See the documentation on teams in an enterprise for more details. This feature is in public preview and subject to change.
Enterprise Security Manager Role (Public Preview)
For GitHub Advanced Security—including code scanning and secret scanning—the Enterprise Security Manager role is available for simplified security policy and alert management across an enterprise. The role is supported only for enterprises with up to 15,000 organizations.
Backup Service (Generally Available)
The backup service, previously in public preview, is now generally available in GHES 3.20. The managed, built‑in service provides an alternative to GHES backup utilities and does not require a separate host for backup software. See the Backup service documentation for more information. Note that backup-utils will be retired starting in version 3.22.
Release Candidate Information
Release candidates let you try the latest features early and help us gather feedback to ensure the release works in your environment. Learn more about the release candidate process. To learn more about GHES 3.20, check out the release notes or download the 3.20 release candidate now.
If you have any feedback or questions about the release candidate, please contact our support team.