False-alert flags will appear in audit logs due to a bug in branch protections

Organizations and enterprises using branch protections may see false-alert flags in their security log for protected_branch.policy_override and protected_branch.rejected_ref_update events between January 6 and January 11, 2023.
These events were improperly emitted due to a change in the underlying logic that checks if branch protection criteria have been met.

No action is required from impacted users with regards to these events. GitHub has a policy to not delete security log events, even ones generated in error. For this reason, we are adding flags to signal that these events are false-alerts.

an audit log entry with the flash message displayed above it

JUN.17Improvement
Limit open pull requests for users without write access
- Collaboration Tools
JUN.11Release
GitHub Enterprise Server 3.21 is now generally available
- Collaboration Tools
MAY.13Release
GitHub Enterprise Server 3.21 release candidate is available
- Collaboration Tools
MAY.8Improvement
Disable commit comments on the user level
- Collaboration Tools
APR.23Improvement
Global pull requests dashboard moves to opt-out public preview
- Collaboration Tools
APR.23Improvement
Disable commit comments across your organization
- Collaboration Tools
APR.22Improvement
GitHub Copilot for Jira: Our latest enhancements
- Collaboration Tools
APR.9Improvement
New Sort by control added to Notifications
- Collaboration Tools
APR.9Improvement
Repository member role labels now in pull request list view
- Collaboration Tools

False-alert flags will appear in audit logs due to a bug in branch protections

Related Posts

Subscribe to our developer newsletter