GitHub-hosted runners: Public Beta of Ubuntu 24.04 is now available

We are happy to announce the beta release of the Ubuntu 24.04 image for GitHub Actions hosted runners. To start using this in your Actions workflows, update your workflow file to include runs-on: ubuntu-24.04

jobs:
  build:
    runs-on: ubuntu-24.04
     steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '20'
      - run: npm install -g bats
      - run: bats -v

Some users may notice differences in workflows as the Ubuntu 22.04 image has different tools and tool versions, see the full list of changed software.

If you spot any issues with your workflows when using Ubuntu-24.04, or if you have feedback on the software installed on the image, please let us know by creating an issue in the runner-images repository.

While the runner image is in beta, you may experience longer queue times during peak usage hours.

dependabot-core is now open source with an MIT license

We’re excited to announce that the dependabot-core project is being relicensed under the MIT License, making it easier for the community to contribute to Dependabot.

Keeping dependencies updated is a crucial part of securing your software supply chain, and Dependabot has been helping GitHub users do this since 2019. It’s used by millions of developers each month to keep their dependencies up-to-date and free of known security vulnerabilities. We don’t charge anyone to use Dependabot, because we think everyone should be able to use open source without fear of vulnerabilities.

dependabot-core is the component of Dependabot that defines the logic to create pull requests for dependency updates across the 20+ languages and package managers it supports today. The update logic in dependabot-core is tightly integrated with the rest of GitHub’s Dependabot features, such as grouped updates and auto-triage rules, and contributions from collaborators have helped with its support of Swift and improvements to NuGet. By adopting the MIT license, we will simplify the process for members of the community to contribute to Dependabot and innovate together.

Dependabot-core was previously available under the Prosperity Public License 2.0, and has received contributions from more than 300 developers over the past few years. Now, the MIT license will make it easier than ever for members of the community to join our cause to improve the security of all the world’s software. If you’d like to learn more about contributing to dependabot-core, please check out the repository, and drop us an issue or pull request!

See more

GitHub Copilot Metrics Updates

We’ve updated how we calculate Last Activity to give you better clarity and are pausing access to the Team endpoint in the Metrics API.

Updating the Last Activity calculation

Ahead of the GitHub Copilot Metrics API launch, we made an update to how we calculate Last Activity in order to provide more useful information for admins. Previously, this data point indicated the last time a user generated a Copilot authentication token, which happened automatically if the user’s editor was active. This did not mean the user was engaging with Copilot but rather, the extension was ensuring it could provide completions or chat access if needed.

To align this data point with actual usage, we updated our system to grab the most recent instance where the user deliberately engaged with the Copilot system. These actions include but are not limited to:
– Code completion suggestions show
– Chatting with Copilot Chat in IDEs
– Creating or updating a knowledge base
– Creating a pull request summary
– Interacting with Copilot on GitHub.com

As part of this update, we also needed to perform system cleanup on the vast amount of previous token generated events that were no longer relevant to providing this data point. Some data was erroneously removed but has since been restored.

The Last Activity date should be consistent across the CSV generated via Get Report in Copilot Access settings as well as through the Seats Management API.

Pausing access to Team slicing in the GitHub Copilot Metrics API.

Based on trends in feedback, the product team has learned that the Teams route of the Metrics API returns data that is not meeting the goals of our intended customer experience. In light, they have made the decision to temporarily pull the Teams route from production as of May 9th, 2024. During this time, the team will implement a collection of fixes intended to improve end users’ data experience and plan to re-enable the route by the end of June, at latest.

We understand this may be disappointing but the team is working to restore access as soon as possible. You can provide feedback and follow along for updates via this Discussion.

See more
View all changes