Wednesday, 18 July 2018

GitHub Enterprise adds anonymous Git access, improves configuration visibility

Version 2.14 of GitHub Enterprise, the behind-the-firewall version of GitHub’s code-sharing platform tuned for businesses, improvement configuration visibility and adds anonymous Git read access.

Users can configure visibility for new members of an organization, across private or public instances. Administrators also can prevent users from changing their visibility from the default configuration. Default settings can be enforced through a command-line utility.

GitHub Enterprise Version 2.14 also adds the ability for administrators to enable anonymous Git read access to public repositories when an instance is in a private mode. Anonymous read access can let users bypass authentication requirements for custom tools on an instance.

Other new capabilities in Version 2.14 include:

  • The default user dormancy threshold was extended from one month to 90 days. Users also can customize their dormancy threshold. Dormancy is the point at which an account is considered inactive and thus can be suspended to free up licenses. Some users have had issues reactivating a dormant account.
  • An automated project board template enables triage and prioritization on bugs.
  • Granular permissions can be set for an organization’s project boards. Permissions settings include Read, Write, and Admin.
  • GitHub Enterprise Support can be contacted via the management console. Data can be provided to Enterprise Support using command-line utilities.
  • Multiple approving reviews can be required for the merging of pull requests.
  • A comment’s edit history can be seen by anyone with read access.
  • Multiple issue templates can be used in a repository, using the issue template builder.
  • Using GitHub tools, searches can be made globally across an instance. Searches also can be scoped to a particular repository or organization.
  • A closed project board can be reopened, so workflow automation can be restarted.
  • Version 2.14 also includes some security fixes, including one in which a GitHub app could download a repository archive that it was not authorized to access during installation. Another fix mended a situation where command-line injection could be triggered via an upload of a specially crafted, pre-receive hook environment.

Bug fixes included addressing when parallel uploads of the same Git LFS (Large File Storage) object could fail but be reported as successful. Also, support for the Internet Explorer 11 browser will be deprecated on September 13.

GitHub did cite a known issue with Version 2.14, though, in which an attacker could create the first admin user on a freshly set-up GitHub Enterprise installation with no users.

Where to download GitHub Enterprise 2.14

You can download GtHub Enterprise Version 2.14 for on-premises or cloud deployment from GitHub. There is a 45-day free trial available for GitHub Enterprise.

https://www.infoworld.com

No comments:

Post a Comment