docs/data/release-notes/2-22/0.yml

intro: GitHub is excited to present GitHub Enterprise Server 2.22.0.
date: '2020-09-23'
sections:
  features:
    - heading: GitHub Actions Beta
      notes:
        - |
          [GitHub Actions](https://github.com/features/actions) is a powerful, flexible solution for CI/CD and workflow automation. GitHub Actions on Enterprise Server includes tools to help you manage the service, including key metrics in the Management Console, audit logs and access controls to help you control the roll out.

          You will need to provide your own [storage](https://docs.github.com/en/enterprise/2.22/admin/github-actions/enabling-github-actions-and-configuring-storage) and runners for GitHub Actions. AWS S3, Azure Blob Storage and MinIO are supported. Please review the [updated minimum requirements for your platform](https://docs.github.com/en/enterprise/2.22/admin/installation/setting-up-a-github-enterprise-server-instance) before you turn on GitHub Actions. To learn more, contact the GitHub Sales team or [sign up for the beta](https://resources.github.com/beta-signup/). {% comment %} https://github.com/github/releases/issues/775 {% endcomment %}

    - heading: GitHub Packages Beta
      notes:
        - |
          [GitHub Packages](https://github.com/features/packages) is a package hosting service, natively integrated with GitHub APIs, Actions, and webhooks. Create an [end-to-end DevOps workflow](https://docs.github.com/en/enterprise/2.22/admin/packages/configuring-packages-support-for-your-enterprise) that includes your code, continuous integration, and deployment solutions.

          Supported storage back ends include AWS S3 and MinIO with support for Azure blob coming in a future release. Please note that the current Docker support will be replaced by a beta of the new GitHub Container Registry in the next release. Please review the [updated minimum requirements for your platform](https://docs.github.com/en/enterprise/2.22/admin/installation/setting-up-a-github-enterprise-server-instance) before you turn on GitHub Packages. To learn more, contact the GitHub Sales team or [sign up for the beta](https://resources.github.com/beta-signup/). {% comment %} https://github.com/github/releases/issues/773 {% endcomment %}

    - heading: Advanced Security Code Scanning Beta
      notes:
        - |
          [GitHub Advanced Security code scanning](https://github.com/features/security) is a developer-first, GitHub-native static application security testing (SAST). Easily find security vulnerabilities before they reach production, all powered by the world’s most powerful code analysis engine: CodeQL.

          Administrators using GitHub Advanced Security can [sign up for](https://resources.github.com/beta-signup/) and [enable](https://docs.github.com/en/enterprise/2.22/admin/configuration/configuring-code-scanning-for-your-appliance) GitHub Advanced Security code scanning beta. Please review the [updated minimum requirements for your platform](https://docs.github.com/en/enterprise/2.22/admin/installation/setting-up-a-github-enterprise-server-instance) before you turn on GitHub Advanced Security code scanning. {% comment %} https://github.com/github/releases/issues/768 {% endcomment %}

    - heading: Pull Request Retargeting
      notes:
        - |
          When a [pull request's head branch](https://docs.github.com/en/enterprise/2.22/user/github/collaborating-with-issues-and-pull-requests/about-branches#working-with-branches) is merged and deleted, all other open pull requests in the same repository that target this branch are now retargeted to the merged pull request's base branch. Previously these pull requests were closed. {% comment %} https://github.com/github/releases/issues/801 {% endcomment %}

    - heading: Suspend and Unsuspend an App Installation
      notes:
        - |
          Administrators and users can [suspend any GitHub App’s access](https://docs.github.com/enterprise/2.22/user/rest/reference/apps#suspend-an-app-installation) for as long as needed, and [unsuspend the app](https://docs.github.com/enterprise/2.22/user/rest/reference/apps#unsuspend-an-app-installation) on command through Settings and the API. Suspended apps cannot access the GitHub API or webhook events. You can use this instead of uninstalling an application, which deauthorises every user. {% comment %} https://github.com/github/github/pull/138316 https://github.com/github/github/pull/150869 {% endcomment %}''

    - heading: Improved Large Scale Performance
      notes:
        - |
          We have revised the approach we take to scheduling network maintenance for repositories, ensuring large monorepos are able to avoid failure states. {% comment %} https://github.com/github/github/pull/146789, https://github.com/github/github/pull/147931, https://github.com/github/github/pull/146724, https://github.com/github/git-protocols/issues/94 {% endcomment %}''

          Passive replicas are now [supported and configurable on GitHub Enterprise Server cluster deployments](https://docs.github.com/en/enterprise/2.22/admin/enterprise-management/configuring-high-availability-replication-for-a-cluster). These changes will enable faster failover, reducing RTO and RPO. {% comment %} https://github.com/github/releases/issues/905 {% endcomment %}

    - heading: View All of Your Users
      notes:
        - |
          For exceptionally large teams, administrators can [adjust the 1,500 default maximum for user lists](https://docs.github.com/en/enterprise/2.22/admin/configuration/command-line-utilities#ghe-config). {% comment %} https://github.com/github/github/pull/146508 {% endcomment %}''

  changes:
    - heading: Administration Changes
      notes:
        - Shared workers have been enabled to make live updates more resilient by sharing connections across tabs. {% comment %} https://github.com/github/releases/issues/914 {% endcomment %}
        - The "Contact Support" link on `50x` error pages now links to the support email or link configured in the Management Console. {% comment %} https://github.com/github/github/pull/142123 {% endcomment %}
        - It's now possible to [manage global announcements and expiration dates through the enterprise account settings](https://docs.github.com/en/enterprise/2.22/admin/installation/command-line-utilities#ghe-announce). {% comment %} https://github.com/github/releases/issues/945, https://github.com/github/github/pull/148475, https://github.com/github/github/pull/148494 {% endcomment %}
        - You can now [exempt certain users from the default API rate limits configured in the management console](https://docs.github.com/en/enterprise/2.22/admin/configuration/configuring-rate-limits), if necessary. {% comment %} https://github.com/github/github/pull/148673 {% endcomment %}
        - Repository administrators can now [set their repository to any available visibility option](https://docs.github.com/en/enterprise/2.22/user/github/administering-a-repository/setting-repository-visibility) from a single dialog in the repository's settings. Previously, you had to navigate separate sections, buttons, and dialog boxes for changing between public and private and between private and internal. {% comment %} https://github.com/github/releases/issues/882 {% endcomment %}
        - A new Enterprise settings link on the user dropdown menu makes it easier to navigate to Enterprise Account Settings. {% comment %} https://github.com/github/releases/issues/946, https://github.com/github/github/pull/150595, https://github.com/github/github/pull/150520, https://github.com/github/github/pull/151121, https://github.com/github/hydro-schemas/pull/1244 {% endcomment %}
        - The legacy "Admin Center" link on the /stafftools page has been removed. The "Enterprise" link is now the best way to navigate to the Enterprise Account from the /stafftools page. {% comment %} https://github.com/github/github/pull/147633 {% endcomment %}
        - The Options sub-menu item in the Enterprise Account settings has been moved from the Settings section to the Policies section. {% comment %} https://github.com/github/releases/issues/944, https://github.com/github/github/pull/148477 {% endcomment %}
        - '[Accessing resources by using a personal access token or SSH key now counts as user activity](https://docs.github.com/en/enterprise/2.22/admin/user-management/managing-dormant-users). This relieves administrators from the burden of filtering out certain users from the user dormancy reports and makes it safer to use the "Suspend all" button without accidentally suspending users who only accessed GitHub in a read-only way over the APIs with a Personal Access Token (PAT) or SSH key. {% comment %} https://github.com/github/github/pull/140433, https://github.com/github/help-docs/pull/14853, https://github.com/github/customer-feedback/issues/174, https://github.com/github/supportability/issues/14 {% endcomment %}'

    - heading: Security Changes
      notes:
        - Two-factor recovery codes can no longer be used during the two-factor sign in process. One-Time-Passwords are the only acceptable values. {% comment %} https://github.com/github/github/pull/145016, https://github.com/github/github/pull/140208 {% endcomment %}
        - When a user is signed into GitHub Enterprise Server through single sign-on, the [default repository visibility selection is Private](https://docs.github.com/en/enterprise/2.22/user/github/administering-a-repository/setting-repository-visibility). {% comment %} https://github.com/github/releases/issues/872 {% endcomment %}
        - Owners of GitHub Apps can now choose to have their [user-to-server access tokens expire after 8 hours](https://developer.github.com/changes/2020-04-30-expiring-user-to-server-access-tokens-for-github-apps/), to help enforce regular token rotation and reduce the impact of a compromised token. {% comment %} https://github.com/github/releases/issues/966 {% endcomment %}

    - heading: Developer Changes
      notes:
        - '[The GitHub UI has undergone a design refresh](https://github.blog/changelog/2020-06-23-design-updates-to-repositories-and-github-ui/), and the repositories homepage has been redesigned, including a responsive layout and improved mobile web experience. {% comment %} https://github.com/github/releases/issues/886 {% endcomment %}'
        - In the "Clone with SSH" repository dropdown menu, users will now be notified if they do not have any keys setup. {% comment %} https://github.com/github/github/pull/149098 {% endcomment %}
        - Commits are now ordered chronologically in the pull request timeline and commits tab. This new ordering is also reflected in the ["List commits on a pull request"](https://docs.github.com/en/enterprise/2.22/user/rest/reference/pulls#list-commits-on-a-pull-request) REST API and GraphQL ["PullRequest object"](https://docs.github.com/en/enterprise/2.22/user/graphql/reference/objects#pullrequest) timeline connection. {% comment %} https://github.com/github/releases/issues/867 {% endcomment %}
        - Users can now [set a skin tone default for emoji autocomplete results](https://github.blog/changelog/2020-07-17-customizable-skin-tones-in-emoji-autocomplete/) in comment text areas. {% comment %} https://github.com/github/releases/issues/916 {% endcomment %}
        - '[Tree-sitter](https://github.com/tree-sitter/tree-sitter) improves syntax highlighting and is now the default library used for language parsing. {% comment %} https://github.com/github/releases/issues/918, https://github.com/github/windrose/issues/44 {% endcomment %}'

    - heading: Users and organizations can add Twitter usernames to their GitHub profiles
      notes:
        - '[Developers and organizations can now add their Twitter username to their profile](https://github.blog/changelog/2020-07-22-users-and-organizations-can-now-add-twitter-usernames-to-their-github-profiles/) {% comment %}  https://github.com/github/github/pull/145127 {% endcomment %}'

    - heading: API Changes
      notes:
        - |
          #### Graduated Previews

          The following previews are now an official part of the API:
          * The GitHub Apps API and endpoints that returned the `performed_via_github_app` property no longer require the [`machine-man`](https://developer.github.com/changes/2020-08-20-graduate-machine-man-and-sailor-v-previews/) preview header. {% comment %} https://github.com/github/releases/issues/965 {% endcomment %}
          * To add and view a lock reason to an issue, you no longer need to use the [`sailor-v`](https://developer.github.com/changes/2020-08-20-graduate-machine-man-and-sailor-v-previews/) preview header. {% comment %} https://github.com/github/github/pull/143676 {% endcomment %}

        - |
          #### GraphQL Schema Changes

          * [The GraphQL schema changes](https://docs.github.com/enterprise/2.22/user/graphql/overview/changelog) include backwards-compatible changes, schema previews, and upcoming breaking changes.

    - heading: VMware Network Driver Changes
      notes:
        - |
          The GitHub Enterprise Server default network adapter type for VMware customers has been changed from E1000 to VMXNET3, starting with release 2.22.0. When upgrading from an earlier release to 2.22.0 or newer, if an E1000 network adapter is detected during the pre-upgrade check, the following message will be displayed at the command line:

          ```
          WARNING: Your virtual appliance is currently using an emulated Intel E1000 network adapter.
          For optimal performance, please update the virtual machine configuration on your VMware host to use the VMXNET3 driver.
          Proceed with installation? [y/N]
          ```

          The administrator can choose to update the network adapter type to VMXNET3 either before or after the GitHub Enterprise Server upgrade. The virtual appliance will need to be shutdown for this change. Customers should follow the VMware recommended steps for [changing the virtual machine network adapter configuration](https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-3719A0BE-4B4A-44FF-8A21-290950918FBD.html) to VMXNET3. Please note that `VMXNET3` will not be an option if the OS version for the virtual appliance is set to `Other Linux (64-bit)`. In that case, the OS version would first need to be changed from `Other Linux (64-bit)` to `Other 2.6.x Linux (64-bit)` or if available, `Debian GNU/Linux 9` . We recommend testing these changes on a [staging instance](https://docs.github.com/en/enterprise-server@2.22/admin/installation/setting-up-a-staging-instance) before it is performed on a production GitHub Enterprise Server. {% comment %} https://github.com/github/ghes-infrastructure/issues/781 {% endcomment %}

  bugs:
    - The stafftools page for viewing pending collaborator showed a `500 Internal Server Error` when there was a pending email invite. {% comment %} https://github.com/github/github/pull/150836 {% endcomment %}
    - The Repository Health Check in stafftools could give incorrect results on busy repositories. {% comment %} https://github.com/github/github/pull/151160 {% endcomment %}
    - A logged in user trying to accept an email invitation could get a `404 Not Found` error. {% comment %} https://github.com/github/github/pull/150848 {% endcomment %}
    - If a user navigated to a repository whose name started with "repositories.", they were redirected to the owner's "Repositories" tab instead of landing on the repository overview page. {% comment %} https://github.com/github/github/pull/149704 {% endcomment %}
    - Labels in the dashboard timeline did not have enough contrast. {% comment %} https://github.com/github/github/pull/146749 {% endcomment %}

  deprecations:
    - heading: Upcoming Deprecation of GitHub Enterprise Server 2.19
      notes:
        - '**GitHub Enterprise Server 2.19 will be deprecated as of November 12, 2020** That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of GitHub Enterprise Server](https://help.github.com/enterprise/admin/guides/installation/upgrading-github-enterprise/) as soon as possible.'
    - heading: Deprecation of Legacy GitHub App Webhook Events
      notes:
        - Starting with GitHub Enterprise Server 2.21.0 two legacy GitHub Apps-related webhook events have been deprecated and will be removed in GitHub Enterprise Server 2.25.0. The deprecated events `integration_installation` and `integration_installation_repositories` have equivalent events which will be supported. More information is available in the [deprecation announcement blog post](https://developer.github.com/changes/2020-04-15-replacing-the-installation-and-installation-repositories-events/). {% comment %} https://github.com/github/enterprise-web/pull/6419#issuecomment-668303461 {% endcomment %}
    - heading: Deprecation of Legacy GitHub Apps Endpoint
      notes:
        - Starting with GitHub Enterprise Server 2.21.0 the legacy GitHub Apps endpoint for creating installation access tokens was deprecated and will be removed in GitHub Enterprise Server 2.25.0.  More information is available in the [deprecation announcement blog post](https://developer.github.com/changes/2020-04-15-replacing-create-installation-access-token-endpoint/). {% comment %} https://github.com/github/enterprise-web/pull/6419#issuecomment-668303461 {% endcomment %}
    - heading: Deprecation of OAuth Application API
      notes:
        - GitHub no longer supports the OAuth application endpoints that contain `access_token` as a path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. While deprecated, the endpoints are still accessible in this version. We intend to remove these endpoints on GitHub Enterprise Server 3.4. For more information, see the [deprecation announcement blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).

  backups:
    - GitHub Enterprise Server 2.22 requires at least [GitHub Enterprise Backup Utilities](https://github.com/github/backup-utils) 2.22.0 for [Backups and Disaster Recovery](https://help.github.com/enterprise/2.22/admin/guides/installation/backups-and-disaster-recovery/).

  known_issues:
    - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}
    - Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}
    - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}
    - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}
    - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}
    - The Name ID Format dropdown in the Management Console resets to "unspecified" after setting instance to "persistent". {% comment %} https://github.com/github/enterprise2/issues/13446 {% endcomment %}
    - The repository Settings page of a repository for a user or organization GitHub Pages sites will fail with a "500 Internal Server Error". {% comment %} https://github.com/github/github/issues/156183 {% endcomment %}
    - Users may experience slower Git clone and fetch performance on an instance with high availability replicas due to reads being forwarded to a different node. {% comment %} https://github.com/github/spokesd/issues/746 {% endcomment %}
    - '[Creating a GitHub App from a manifest](https://docs.github.com/en/enterprise/2.22/user/developers/apps/creating-a-github-app-from-a-manifest) fails. To work around this issue, users can follow the manual instructions for [creating a GitHub App](https://docs.github.com/en/enterprise/2.22/user/developers/apps/creating-a-github-app). {% comment %} https://github.com/github/enterprise2/issues/22849 {% endcomment %}'
    - GitHub usernames may change unintentionally when using SAML authentication, if the GitHub username does not match the value of the attribute mapped to the `username` field in the Management Console. (updated 2020-10-08) {% comment %} https://github.com/github/external-identities/issues/335 {% endcomment %}
    - On a freshly set up 2.22.0 instance or after upgrading to 2.22.0, the activity feed on an organization's dashboard will no longer update. (updated 2020-10-27) {% comment %}https://github.com/github/enterprise2/issues/23050{% endcomment %}
    - Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}