| date: '2024-12-17' | |
| sections: | |
| security_fixes: | |
| - | | |
| Packages have been updated to the latest security versions. | |
| bugs: | |
| - | | |
| On an instance in a cluster configuration, `ghe-repl-promote` failed if the primary node was unavailable. | |
| - | | |
| In a high availability configuration, with GitHub Actions, replication would fail on nodes where MSSQL was not configured to run. | |
| - | | |
| The `--no-async` flag was not implemented for the `ghe-cluster-support-bundle` command, leading to a potentially increased load. | |
| - | | |
| Pre-receive hook environments with shared memory enabled could not access shared memory at runtime. | |
| - | | |
| For instances hosted on Azure, if a pre-upgrade check failed due to insufficient user disk size, the Management Console displayed an internal server error. | |
| - | | |
| The Enterprise Overview page incorrectly displayed a Beta label, even though it is generally available. | |
| - | | |
| After a user made changes to the isolated subdomain setting, some user assets did not display properly. | |
| - | | |
| On an instance with secret scanning enabled, when selecting repositories for a dry run of an enterprise-level custom pattern, searches for full repository names (`ORGANIZATION/REPOSITORY`) did not return results. | |
| - | | |
| When adding bypass permissions to a ruleset, the dropdown menu failed to load if one of the suggested actors was an invalid integration. | |
| - | | |
| When creating a pre-receive hook environment, attempts to include an image URL over 255 characters failed with a database error. The maximum length is still 255 characters, but the URL length is now validated before the process starts. | |
| - | | |
| On an instance with GitHub Actions disabled, status check icons on a repositorys commit list failed to render. | |
| - | | |
| Site administrators were unable to use the "Disable repository access" functionality on the site admin dashboard. | |
| - | | |
| Attempting to access the code security settings page for a non-existent enterprise returned a 500 error instead of a 404 error. | |
| - | | |
| Performing a browser back navigation to a pull request now displays up-to-date status checks. | |
| - | | |
| Jekyll-build tooling for GitHub pages could fail when using the `jekyll-relative-links` plugin, see [Failure details](https://github.com/jekyll/jekyll/issues/9544). | |
| - | | |
| The removal rate of issues from Git repositories was slower than necessary. | |
| changes: | |
| - | | |
| Log output for git maintenance now includes the time taken to complete the maintenance process. | |
| - | | |
| When exporting repositories to blob storage using the migrations REST API endpoint to start an organization migration, the maximum compressed archive size is limited to 90 GB. This is an increase from 30 GB. | |
| - | | |
| Removes the minimum date for the new commit filter bar. | |
| - | | |
| When exporting repositories using the migrations REST API, prior to blob storage upload the tarball is staged in the root volume. For more disk capacity, the tarball will now be staged in the data volume. | |
| known_issues: | |
| - | | |
| During the validation phase of a configuration run, a `No such object` error may occur for the Notebook and Viewscreen services. This error can be ignored as the services should still correctly start. | |
| - | | |
| If the root site administrator is locked out of the Management Console after failed login attempts, the account does not unlock automatically after the defined lockout time. Someone with administrative SSH access to the instance must unlock the account using the administrative shell. For more information, see [AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/troubleshooting-access-to-the-management-console#unlocking-the-root-site-administrator-account). | |
| - | | |
| On an instance with the HTTP `X-Forwarded-For` header configured for use behind a load balancer, all client IP addresses in the instance's audit log erroneously appear as 127.0.0.1. | |
| - | | |
| {% data reusables.release-notes.large-adoc-files-issue %} | |
| - | | |
| Admin stats REST API endpoints may timeout on appliances with many users or repositories. Retrying the request until data is returned is advised. | |
| - | | |
| When following the instructions for [Replacing the primary database node](/admin/monitoring-and-managing-your-instance/configuring-clustering/replacing-a-cluster-node#replacing-the-primary-database-node-mysql-or-mysql-and-mssql), `ghe-cluster-config-apply` might fail with errors. If this occurs, re-running `ghe-cluster-config-apply` is expected to succeed. | |
| - | | |
| Running a config apply as part of the steps for [Replacing a node in an emergency](/admin/monitoring-managing-and-updating-your-instance/configuring-clustering/replacing-a-cluster-node#replacing-a-node-in-an-emergency) may fail with errors if the node being replaced is still reachable. If this occurs, shutdown the node and repeat the steps. | |
| - | | |
| {% data reusables.release-notes.2024-06-possible-frontend-5-minute-outage-during-hotpatch-upgrade %} | |
| - | | |
| When restoring data originally backed up from a 3.13 appliance onto a 3.13 appliance, the elasticsearch indices need to be reindexed before some of the data will show up. This happens via a nightly scheduled job. It can also be forced by running `/usr/local/share/enterprise/ghe-es-search-repair`. | |
| - | | |
| An organization-level code scanning configuration page is displayed on instances that do not use GitHub Advanced Security or code scanning. | |
| - | | |
| In the header bar displayed to site administrators, some icons are not available. | |
| - | | |
| When enabling automatic update checks for the first time in the Management Console, the status is not dynamically reflected until the "Updates" page is reloaded. | |
| - | | |
| When restoring from a backup snapshot, a large number of `mapper_parsing_exception` errors may be displayed. | |
| - | | |
| {% data reusables.release-notes.2025-03-03-elasticsearch-data-loss %} | |
| [Updated: 2025-03-12] | |
| errata: | |
| - | | |
| These release notes previously indicated as a known issue that on GitHub Enterprise Server 3.14.6, repositories originally imported using `ghe-migrator` will not correctly track Advanced Security contributions. | |
| The fix for this problem was already included in GitHub Enterprise Server [3.12](/admin/release-notes#3.12.0-bugs). [Updated: 2025-04-11] | |