- 30 May 2019 13:26
Build like an open source community with GitHub Enterprise
The open source community is dynamic and interconnected, innovating across hundreds of thousands of developers—and enterprise software teams are learning fast. They’re relying on open source more than ever before and becoming what we call open source enterprises. They take part in developer communities to innovate at scale, follow open source collaboration best practices, and build trust through a secure and compliant platform.
To make it easier for businesses to securely embrace open source and keep up with the best technology has to offer, we’re launching several improvements to GitHub Enterprise. These new features will support businesses as they work toward their goals, encourage open collaboration, and build trust at scale.
More effective team management
Manage users and teams effectively across GitHub projects, repositories, and organisations, no matter where you use GitHub. Simply and safely give your users and teams the access they need to do their jobs, increase quality, and build their best ideas.
- Enterprise account: Enterprise accounts are a new account type that connects organisations, creating more opportunities to collaborate and build innersource workflows. The new admin center allows you to meet your security and compliance needs with global administration and policy enforcement. - New roles and permissions (beta): With the introduction of two new user roles, Triage and Maintain, enterprise teams can grow and scale securely, addressing their access control needs. Now administrators can recruit help, like triaging issues or managing users, from trusted contributors without also granting the ability to write to the repository or to change repository settings. - Team synchronisation (beta): Add groups from your identity provider to a team within GitHub and automatically keep membership synchronised. Automatic updates reduce administrative time—and make your process more audit-ready and secure. Learn more about team synchronisation. - Internal repositories (beta): Foster an innersource culture with a new setting for repository visibility. Enterprises can create internal repositories that are visible only to their developers, opening up more ways to reuse code and build communities within your company. - Organisation insights (beta): Get a better understanding of how your organisation collaborates in GitHub and get ahead of your talent needs with deeper insights into programming languages used in your products. - Audit log API (beta): Now GitHub Enterprise Cloud administrators can access audit log events using our GraphQL API. Dig into your audit log to get detailed security and compliance insights—and analyse data on user access, team creation, and more to move your organisation closer to their goals.
Building trust at scale
Security is a priority for businesses determined to protect their code, data, and users. These new features provide the security and compliance tools enterprise teams need to bring open source to their organisations.
- Dependency insights: A new dashboard allows Enterprises to better audit and report on their open source dependencies, including details on security vulnerabilities and open source licenses. - Security vulnerability alerts and token scanning: Previously announced as betas, these features are now generally available. Get a notification when a project your software depends on has a known vulnerability so you can take action. Token scanning extends support to Mailgun, Alibaba Cloud, and Twilio to make sure your tokens and keys stay private. - WhiteSource vulnerability data partnership: Our new partnership with WhiteSource broadens our coverage of potential security vulnerabilities in open source projects and provides increased detail on how to assess and remediate vulnerabilities. - Automated security fixes: Powered by Dependabot, GitHub keeps your projects secure and up-to-date by monitoring your dependencies for known security vulnerabilities and automatically opening pull requests to update them.
Git data encryption at rest: Git data, Wikis and Gists are encrypted at rest on GitHub Enterprise Cloud for increased data security.
New ways to work better, together
Remove friction from your daily collaboration with these new Enterprise features.
- Draft pull requests: Create a draft pull request to ask for input, get feedback on an approach, or refine work before it’s ready for review. Statuses: Set a status on your GitHub profile to let people know when you’re available—or when you’re sick, out of office, or just taking some time off. - Learning Lab courses: Speed up your team’s adoption of open source best practices by ramping up with new Learning Lab courses. You’ll learn how to implement innersource, become an open source enterprise, and more.
Uncapped IP indemnification
Customers will be protected for their use of GitHub. Specifically, from claims alleging that GitHub products or services, including any open source components we reuse in our products or services, infringe third-party IP rights.