GitHub public roadmap
### Value Prop

We have learned through extensive user feedback that in order to successfully remediate code scanning alerts it's of crucial importance that the work can be tracked and...

### Value Prop

Today, only PATs (Personal Access Tokens) _Classic_ can interact with the Enterprise account - managing SCIM and users, creating organizations, setting policy, and provisioning self-hosted runners, as...

### Value Prop

To enable Dependabot to use packages in private registries, GitHub Advanced Security users have to set up credentials in a `dependabot.yml` for every repository, which takes a...

### Value Prop

We aim to improve the visibility and impact of Dependabot by helping GitHub Advanced Security customers prioritize which Dependabot alerts to address first. To achieve this, we...

### Value Prop

Today, Dependabot’s `schedule.interval` supports only predefined intervals: daily, weekly, and monthly. Users need a more flexible way to schedule custom Dependabot update frequencies.

### Expected Outcome

Introducing...

### Value Prop

A new organization-level configuration option for adding secrets to access private registries will improve coverage for buildless CodeQL scans for Java and C#. Developers will have more...

### Value Prop

While using open source software (OSS) brings well-demonstrated benefits like leveraging community innovation and empowering developers to focus on differentiated value, it also introduces risks, from security...

### Value Prop

GitHub is creating a complete enterprise context that will simplify administration at scale and improve the experience managing user and integration access to multiple organizations. In this...

### Value Prop

All Enterprise-level features, current and future, support the fine-grained permissions model, for both user roles and GitHub App installations. The result is that enterprise administrators can delegate...

### Value Prop

This feature allows Dependabot users to optionally configure a delay for opening a Dependabot PR for a newly updated dependency until a certain amount of time has...