date: '2022-02-17'
sections:
  security_fixes:
    - It was possible for a user to register a user or organization named "saml".
    - Packages have been updated to the latest security versions. 
  bugs:
    - GitHub Packages storage settings could not be validated and saved in the Management Console when Azure Blob Storage was used. 
    - The mssql.backup.cadence configuration option failed ghe-config-check with an invalid characterset warning.
    - Fixes SystemStackError (stack too deep) when getting more than 2<sup>^16</sup> keys from memcached. 
  changes:
    - Secret scanning will skip scanning ZIP and other archive files for secrets. 
  known_issues:
    - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user.
    - Custom firewall rules are removed during the upgrade process.
    - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository.
    - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters.
    - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results.
    - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues.
    - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail.