|
1 | 1 | date: '2022-08-30' |
2 | 2 | sections: |
3 | 3 | bugs: |
4 | | - - Site administrators were not able to manage security products settings for repositories they had unlocked. |
5 | | - - Prevents duplication of admin SSH keys showing up in Management Console and admin/.ssh/authorized_keys |
6 | | - - Adding a check for running replication before updating configuration files on replica stand-up before running `ghe-cluster-config-apply`. This prevents cases where unconfigured nodes could replicate their configuration to the rest of the cluster, potentially removing configurations from the existing cluster nodes. |
7 | | - - The validation phase of the config apply run would incorrectly mark some Nomad jobs as invalid. |
8 | | - - The symlinks for self-signed TLS certificates were no created which caused various failures in the GitHub UI. |
| 4 | + - After unlocking a repository for temporary access, a site administrator was unable to manage settings for security products in the repository. |
| 5 | + - Duplicate administrative SSH keys could appear in both the Management Console and the `/home/admin/.ssh/authorized_keys` file. |
| 6 | + - The site admin page for individual users at <code>http(s)://<em>HOSTNAME</em>/stafftools/users/<em>USERNAME</em>/admin</code> contained functionality not intended for GitHub Enterprise Server. |
| 7 | + - In some cases, running `ghe-cluster-config-apply` could replicate an empty configuration to existing nodes in a cluster. |
| 8 | + - In some cases, configuration runs started with `ghe-config-apply` did not complete, or returned a `Container count mismatch` error. |
| 9 | + - After updating a self-signed TLS certificate on a GitHub Enterprise Server instance, UI elements on some pages in the web interface did not appear. |
9 | 10 | - The top site admin bar contained a broken link to the SHA for the currently running version of the application. |
10 | | - - Some background tasks could deadlock preventing them from making progress caused by `enterprise-crypto` which has now been modified to be thread safe. |
| 11 | + - In some cases, background tasks could stall due to a library that was used concurrently despite not being thread-safe. |
11 | 12 | - The list of organizations on the fork screen would overflow its box when a user was in many organizations. |
12 | 13 | - Alerts from secret scanning for GitHub Advanced Security customers were missing in the web UI and REST API if a site administrator did not upgrade directly to GitHub Enterprise Server 3.4. The alerts are now visible. |
13 | 14 | changes: |
14 | | - - Performance improvements to the GitHub Enterprise Support Bundle generation process. This modifies the `sanitize_logs` function in `ghe-support-bundle` to run `psed` in parallel vs. serially. This is based on an analysis of bundle generation on `ghe.io` where it was observed we spent 36% of our time in `psed` sanitizing logs. |
15 | | - - Change the `/organizations/`, `/orgs/` API routes to accept organization slugs or IDs. Previously, they only accepted slugs which was inconsistent with the `/enterprises/` routes and caused `Link` headers on GitHub Advanced Security API endpoints, that use IDs not slugs, to be inaccessible to users. |
16 | | - - User generated audit-logs events, such as `repo.create`, are now correctly returned from the REST API availabe at `api.github.com/enterprises/{enterprise}/audit-log`. In addition to that, more types of user generated events, such as `project.create`, are now available on both the enterprise audit-log UI (available at `github.com/enterprises/{enterprise}/settings/audit-log`) and REST API (same endpoint as above). |
17 | | - - The page at `/stafftools/users/:login/admin` contained functionality not intended for GitHub Enterprise Server. |
18 | | - - Cache replicas could intermittently reject some git operations on recently updated repositories. |
| 15 | + - Generation of support bundles is faster as a result of parallelized log sanitization. For more information about support bundles, see "[Providing data to GitHub Support](/support/contacting-github-support/providing-data-to-github-support)." |
| 16 | + - APIs that contain the `organization` or `org` route now accept either the organization's slug or ID. Previously, the APIs only accepted slugs, which caused `Link` headers for GitHub Advanced Security endpoints to be inaccessible. For more information, see "[Organizations](https://docs.github.com/rest/orgs/orgs)" in the REST API documentation. |
| 17 | + - The enterprise audit log now includes more user-generated events, such as `project.create`. The REST API also returns additional user-generated events, such as `repo.create`. For more information, see "[Accessing the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for-your-enterprise)" and "[Using the audit log API for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise#querying-the-audit-log-rest-api)." |
| 18 | + - In some cases, cache replicas could reject some Git operations on recently updated repositories. For more information about repository caching, see "[About repository caching](/admin/enterprise-management/caching-repositories/about-repository-caching)." |
19 | 19 | known_issues: |
20 | 20 | - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. |
21 | 21 | - Custom firewall rules are removed during the upgrade process. |
|
0 commit comments