Changelog

Subscribe to all Changelog posts via RSS or follow GitHub Changelog on Twitter to stay updated on everything we ship.

~ cd github-changelog
~/github-changelog|main git log main
showing all changes successfully

New Enterprise accounts have metered billing for Git LFS

Enterprise accounts on GitHub.com, created after June 2, 2024, along with organizations owned by these accounts, have access to the enhanced billing platform. This includes enhanced billing for Git Large File Storage (LFS). Enterprises who participated in the beta program also have access to this platform. Other Enterprise accounts on GitHub.com, and Free, Pro, and Team accounts, will gain access to the enhanced billing platform in the coming months.

The enhanced billing platform transitions Git LFS from a pre-paid, quota-based model (data packs) to a post-paid, usage-based model (metered billing). This new platform offers better spending control and detailed visibility, allowing for a clearer understanding of your usage with more granular controls.

Additionally, GitHub is increasing the free, included amount of Git LFS resources for Enterprise accounts on the enhanced billing platform. They will now receive 250 GiB of storage and 250 GiB of download bandwidth per month at no cost. Beyond these amounts, storage for Git LFS files will cost $0.07 per GiB per month (USD), and download bandwidth will cost $0.0875 per GiB per month (USD).

For more information, visit “About enhanced billing for Git Large File Storage” and “Using the enhanced billing platform for enterprises.”

Questions or suggestions? Join the conversation in the community discussion.

See more

Actions: Arm-based linux and windows runners are now in public beta

Today, GitHub announced the public beta of ArmⓇ-based Linux and Windows hosted runners for GitHub Actions.
This new addition to our suite of hosted runners provides power, performance & sustainability improvements for all your Actions jobs. Developers can now take advantage of Arm-based hardware hosted by GitHub to build and deploy their release assets anywhere Arm architecture is used. These runners are priced at 37% less than our x64 Linux and Windows runners.

The Arm64 runners are fully managed by GitHub with an image built by Arm containing all the tools needed for developers to get started. To view the list of installed software, give feedback, or to report issues with the image, head to the new partner runner images repository.

Arm runners are available to customers on our Team and Enterprise Cloud plans. We expect to begin offering Arm runners for open source and personal accounts by the end of the year.

Get Started

Customers can begin using these runners today by creating an Arm runner in their organization/enterprise, then updating the runs-on syntax in their Actions workflow file to call that runner name.
More information on how to set up Arm-hosted runners can be found in our public documentation.
To learn more about hosted runner per minute rates, see our rate table.

We’re eager to hear your feedback on these runners, share your thoughts on our GitHub Community Discussion.

See more

Invoice as a Payment Option for Sponsorships Made Easy

We’ve streamlined the process for organizations to request invoices as a payment option for GitHub Sponsors. The service agreement for invoiced payments has moved out of the invoice request flow and added to the GitHub Sponsors additional terms.

If your organization is already receiving invoices for Sponsorships, there’s no need to worry. Your invoicing and current agreement will remain unchanged.

For more information on invoice payments for GitHub Sponsors, please visit Paying for GitHub Sponsors by Invoice.”

See more

GitHub Desktop 3.4 – Reset to Commit and Accessibility Settings

GitHub Desktop 3.4 lets you reset back to a specific commit quickly with “Reset to Commit” and improves discoverability of key application controls.

Resetting to Commit

With Reset to Commit, it takes one click to set your local history back to your latest pushed commit, with all of the reverted changes landing back into your changes list. While similar to using the undo function, Reset to Commit allows for resetting more than one commit at a time. By adding a new way to modify your history, Reset to Commit fits right along side undoing, reverting, amending, squashing, reordering, and cherry-picking features.

GitHub and the Desktop team are committed to making GitHub Desktop a tool for all developers. With GitHub Desktop 3.4, links are underlined by default and checkmarks are used in the diff to indicate whether a line is selected to be committed. These changes are aimed to enhance discoverability, be keyboard-accessible, and be semantically marked up to enable interaction with assistive technologies.

For users who want to opt out of these changes, check out the new Accessibility settings pane to customize your experience.

Automatic updates will roll out progressively, or you can download the latest GitHub Desktop here.

See more

GitHub Copilot Enterprise – Copilot knows about repositories, releases, commits + more May 2024 updates

We’re excited to introduce a wave of updates this May 🌟 in GitHub Copilot Enterprise!

Copilot Chat in GitHub.com has leveled up 🔋. It can now summarize and answer questions about your repositories, releases, commits and more.

  • Learn about repositories: Copilot can answer questions about a repository or compare repositories based on its owner, description, stars & forks count, and various timestamps. To learn more, see “Asking exploratory questions about a repository” in the GitHub docs.
  • Try it yourself: Navigate to a repository on GitHub.com, and ask Copilot to Tell me about this repo

  • Ask about releases: Copilot can now tell you about a release or retrieve the most recent release in a repository. Ask Copilot to summarize the latest release from your favorite open source projects and use Copilot to dig into issues or changes tied to the release notes. To learn more, see “Asking exploratory questions about a repository” in the GitHub docs.

  • Try it yourself: Navigate to an open source repository on GitHub.com, and ask Copilot to Tell me about the latest release

  • Understand changes happening in your codebase: Copilot can now list changes (commits) related to a pull request and dig into specific commits if you need to understand a change in detail. To learn more, see “Asking a question about a specific commit” in the GitHub docs.

  • Try it yourself: Navigate to a commit on GitHub.com, and ask Copilot to Summarize the changes in this commit

Don’t know where to begin? Copilot Chat on GitHub.com now makes suggestions when you open a new conversation based on where you are. Whether you’re summarizing issues, creating unit tests, or discovering what Copilot can do, Chat already knows your GitHub context and what you might be trying to achieve.

With these latest updates for Copilot Enterprise, it’s now easier for you to get up to speed on your repos, their releases and latest changes faster and more seamlessly. You can learn more in our docs.

See more

Secret scanning validity checks now included in the alert timeline

GitHub secret scanning lets you know if your secret is active or inactive with partner validity checks. These checks are run on an ongoing basis for supported providers for any repositories that have enabled the validity check feature.

Starting today, secret validity will now be reflected in an alert’s timeline, alongside the existing resolution and bypass events. Changes to a secret’s validity will continue to be included in an organization’s audit log.

Sign up for a 60 minute feedback session on secret scanning and be compensated for your time.

Learn how to secure your repositories with secret scanning or become a secret scanning partner.

See more

Sunset Notice – Tag Protections

Starting today, we will begin work towards the sunset of tag protections, with a full deprecation planned for August 30, 2024. See below for a full sunset timeline. You can migrate existing tag protections with the import to ruleset feature.

We launched repository rules last year to meet the needs of tag protection rules, while also scaling support to provide new functionalities like org-wide rules, granular restrictions for creating, reading, and updating events, and a more granular bypass model that does not require repository administrator permissions. As we such, we will sunset tag protections in favor of our ongoing investment in the repository rulesets platform.

You can import existing tag protection rules today with the existing migration feature. If no action is taken before the sunset date, GitHub will migrate all existing tag protections into a corresponding ruleset.

When are changes happening?

GitHub.com Timeline

  • May 30 : Repositories without tag protection rules will no longer be able to add new protection rules via the GitHub.com UI
  • July 24 through August 14 : A series of API brownouts will be run, see below for additional details on dates and times.
  • August 30, 2024: All tag protection rules will be migrated to a new tag ruleset. All REST and GraphQL API endpoints will be deprecated

GitHub.com API Timeline

  • May 30: API responses will include a deprecation notice
  • July 24: 1 hour API brownout
  • August 7: 8 hour API brownout
  • August 14: 24 hour API brownout
  • August 30: The tag protection rule API will begin responding with NULL data
  • The tag protection rules API will be deprecated in the next calendar version

GitHub Enterprise Server Timeline

  • Version 3.14: Tag protection rules will be marked for deprecation with an in-product banner and API responses will include a deprecation notice
  • Version 3.15: No changes will be made
  • Version 3.16: Tag protection rules will be migrated to a ruleset and the tag protection rule feature will no longer be available

Join the discussion within GitHub Community.

See more

United States Sales Tax and Exemptions on your GitHub Account

Starting August 19th, 2024, we will begin collecting state-mandated sales tax, where and when applicable, from paying customers in the United States to align GitHub with industry standard regulatory practices. All United States customers are required to update payment information (specifically your address) to ensure the correct sales tax amount is assessed. If you are a paying customer, there will be a tax line on your receipt that provides a breakdown of the applicable taxes for the GitHub products and services you have purchased.

As of today, you will have the ability to make updates on the Payment Information page. Please update your address and provide the following information if applicable:

  • We have updated the address collection fields to require:
    • Street Address
    • City
    • Zip Code +4 (5-digit ZIP required, +4 as optional)
  • If you qualify for an exemption or as a tax-exempt entity, you MUST submit an applicable and fully completed sales tax exemption certificate for review and approval on the Payment Information page.

You will have until August 19, 2024 to make these changes. Failure to do so may result in a disruption of service.

To learn more about how to make updates to your payment information, please click here to view a step by step guide. For more information on how to submit a sales tax exemption certificate, please click here.

See more

Secret scanning now automatically performs validity checks for closed alerts

Secret scanning will now continually run validity checks on closed alerts, similarly to the behavior for open alerts today. You can still request on-demand checks for supported secret types from the alert at any time.

Validity checks indicate if the exposed credentials are active and could possibly still be exploited. GitHub Advanced Security customers on Enterprise Cloud can enable validity checks at the repository, organization, or enterprise level from your Code security settings.

Sign up for a 60 minute feedback session on secret scanning and be compensated for your time.

Learn how to secure your repositories with secret scanning or become a secret scanning partner.

See more

Sunset Notice – Projects (classic)

Today, we are announcing the sunset of GitHub Projects (classic), which will follow individual sunset timelines for GitHub.com, GitHub Enterprise Server, and the REST API. Please see the details below for more information.

In July 2022, we announced the general availability of the new and improved Projects, powered by GitHub Issues. Since then, these new Projects have expanded to include a variety of features such as roadmaps, mobile support, project templates for organizations, project status updates, and unlimited items.

As we continue to invest in and enhance the future of Projects, we will be sunsetting Projects (classic). To migrate your existing classic projects to the new projects, please click Start migration on the banner at the top of your classic project:

The sunset will follow these timelines:

GitHub.com Timeline

  • May 23, 2024: A banner to migrate will be visible on classic projects, with the migration tooling included. Creation of new classic projects will be disabled.
  • August 23, 2024: Projects (classic) will be officially sunset. All unmigrated classic projects will automatically be migrated to new projects.

GitHub Enterprise Server Timeline

  • August 27, 2024: Projects (classic) will be marked for deprecation in version 3.14. A banner to migrate will be visible on classic projects, with the migration tooling included.
  • November 19, 2024: Projects (classic) will be removed in version 3.15.

REST API Timeline

See more

Code security and secret scanning insights for your enterprise (public beta)

Gain valuable insights and effectively monitor your enterprise’s security landscape and progress with two new enterprise-level pages: the security overview dashboard and secret scanning metrics.

New overview dashboard on the security tab at the organization level

Key features

  • Customizable filters: Select specific time periods and focus areas such as security tool, team, or custom repository property.
  • Comprehensive data: Trending and snapshot data provide a robust security landscape overview.
  • Detailed metrics: Includes metrics such as the average age of security alerts, mean time to remediate, and push protection statistics.

To access these new enterprise-level views, navigate to your enterprise account. In the enterprise account sidebar, click Code Security. The new pages are accessible to organization owners and organization security managers, with data scoped to the repositories and alerts you have access to.

These two pages are now available as a public beta on GitHub Enterprise Cloud and will be available in GitHub Enterprise Server 3.14.

Learn more about security overview, managing code security for your enterprise, and send us your feedback

Questions or suggestions? Join the conversation in the community discussion.

See more

Compliance Reports for Free and Team Organizations

All organization owners now have access to a Compliance tab within their organization’s settings page. This page has been available for all organizations on the GitHub Enterprise plan, but is now extended to organizations on the Free and Team plans as well.

To access the latest compliance and certification reports for your organization, navigate to https://github.com/organizations/<yourorganization>/settings/compliance. The reports you can expect to see for an organization on a Free or Team plan will be SOC 3, ISO/IEC 27001:2013 certification, and CSA CAIQ.

To learn more, read about accessing compliance reports for your organization.

 

See more

Copilot Extensions now in Limited Public Beta

GitHub Copilot Extensions Limited Beta announcement

GitHub Copilot Extensions is now in Limited Public Beta. With extensions, you can now extend the capabilities of GitHub Copilot Chat and enhance the experience to perform a wide range of actions across third-party tools, services, and data. Create feature flags, check log errors, access API documentation, and even deploy your application to the cloud all through natural language.

We’re starting with GitHub Copilot Extensions from DataStax, Docker, Lambda Test, LaunchDarkly, McKinsey & Company, Octopus Deploy, Pangea, Pinecone, Product Science, ReadMe, Sentry, and Teams Toolkit on the GitHub Marketplace. In the coming weeks, all users will be able to access extensions from Stripe, MongoDB, and Microsoft (including Teams Toolkit and Office) on Visual Studio Marketplace for VS Code as well.

Sixteen GitHub Copilot Extensions from GitHub Copilot partners laid out as grid of tiles

Currently, access to Copilot Extensions is limited to a small set of users and we are planning to gradually roll out larger-scale access as we learn more & gather feedback. To learn more about Copilot Extensions and how to use them, check out the documentation and the GitHub Marketplace.

If you’re looking to build a GitHub Copilot Extension, there are several ways. Join the Copilot Partner Program to explore opportunities to bring your developer tools and services into the GitHub Copilot ecosystem and have extensions light up across all supported clients (VS Code, Visual Studio, and Github.com). If you’re looking to build a VS Code extension specifically, documentation is available here.

Questions or suggestions? Join the conversation in the community discussion.

See more

Actions: Upcoming changes to GitHub-hosted macOS runners

GitHub Actions has recently made changes to the available macOS runner images and the GitHub meta API. Below is a summary of the changes and possible impact to your use of GitHub-hosted macOS runners:

macOS latest migration

GitHub announced in April 2024 the general availability of macOS 14. As of today, we have completed the migration and all macos-latest workflows now use macOS 14.

macOS 11 deprecation and removal

In January 2024, GitHub announced the deprecation of macOS 11 and the removal of the runner image by June 2024. The macOS 11 runner image will be removed on 6/28/2024. We recommend updating workflows to use macos-14, macos-13, macos-12, or macos-latest. Reminder emails will be sent to those who have used the macOS 11 runner image in the past 30 days. Jobs using macOS 11 will temporarily fail during scheduled time periods to raise awareness of the upcoming removal. The schedule can be found below:

  • June 17 2024, 8:00 AM – 2:00 PM EST
  • June 19 2024, 12:00 PM – 6:00 PM EST
  • June 24 2024, 3:00 AM – 9:00 PM EST
  • June 26 2024, 8:00 AM – 2:00 PM EST

macOS runner IP ranges

Developers and teams have requested that Actions separate macOS runner IP ranges from the rest of Actions so they can allow list them. As of today, developers can isolate macOS runners from the rest of Actions in the GitHub API by using the actions_macos object. The IP addresses may change periodically due to new hardware being brought online or maintenance being performed. To ensure that developers have the most up-to-date information, the IP addresses are refreshed every Monday at 12:30 PM EST.

You can always get up-to-date information on our tools by reading about the software in the runner images repository. For more information on how to use the GitHub API, please see our docs. If you run into any problems or need help, please contact GitHub Support.

See more

Updated dates for Actions runner using Node20 instead of Node16 by default

Following on from our announcement of the end of Node16 support we have a new timeline for Node16 end of life in Actions.

On June 30th 2024, we will change the default from Node16 to Node20.
To opt out of this and continue using Node16 while it is still available in the runner, you can choose to set ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true

We will then continue to monitor Node16 usage and will communicate a timeline for the removal of Node16 at the start of October, based on the volume of continued use. This means that customers who use the environment variable to continue to use Node16 now have until October to complete their migrations.

Join the discussion within GitHub Community.

See more

The GitHub Enterprise Server 3.13 Release Candidate is available

The GitHub Enterprise Server 3.13 release candidate is here

GitHub Enterprise Server 3.13 gives customers more fine-grained control over deployment requirements, and enhanced security controls. Here are a few highlights:

  • We are introducing a new feature for repositories called custom properties, a major enhancement to how repositories are managed and classified across GitHub organizations. Properties offer a flexible way to add meaningful metadata to your repositories that simplifies repository classification, enhances discoverability, and seamlessly integrates with rulesets. Check out the demo! For more information, see custom properties for repositories.

  • Elasticsearch will be upgraded from version 5 to version 8, when the appliance is upgraded to 3.13. Elasticsearch powers all search experiences in GHES including code search and audit logs. Upgrading ES5 to ES8 allows the platform to take advantage of better performance and improved security posture in ES8. For more information regarding what to expect during ES8 upgrade, see Preparing for Elasticsearch upgrade in GHES 3.13. Downnload the 3.13 RC candidate now, upgrade your staging environment and share your feedback with us!

  • Enterprise and organization audit log events now include the applicable SAML and SCIM identity data associated with the user. For more information, see Reviewing the audit log for your organization.

  • Developers who use devcontainer.json files to define their development containers will now be able to use Dependabot version updates to keep their dependencies in the container up-to-date. Once configured in dependabot.yml, Dependabot will open PRs on a specified schedule to update the listed dependencies to latest.

  • Pull Requests rebases are now faster! Under the hood, rebase commits now use the merge-ort. Rebases that timed out for large repositories before are now a lot more likely to be successful.

  • Using Project Status Updates, you can now provide high level details on the status, timing, and progress of your project, directly from the project! This makes it easy to know and share with others how your work is progressing, any risks, and a history of when and why something changed, all in the same place where you’re tracking your work.

Release Candidates are a way for you to try the latest features early, and they help us gather feedback to
ensure the release works in your environment. They should be tested on non-production environments.
Read more about the release candidate process.

Read more about GitHub Enterprise Server 3.13 in the release notes,
or download the release candidate now.
If you have any feedback or questions, please contact our Support team.

See more

New dates for Actions larger runner multi-label deprecation

Updating our announcement we made on the 16th of April, we have a new timeline for the removal of multi-labels for larger runners.

Brownouts will now be run on the 29th of May between 18:00 and 20:00 UTC, during this time multi label larger runner jobs will fail to start. Customers will then no longer be able to use multiple labels or target non-name labels on larger runners after the 17th of June.

To prepare for this change and avoid any disruption, please ensure the runs-on: references only the runner name in your workflows prior to the dates above.

Join the discussion within GitHub Community.

See more

Deprecated in 2021, the GitHub Enterprise Support Portal will be turned off on 31st May, 2024.

The enterprise support portal at https://enterprise.githubsupport.com/ has been deprecated since November 1, 2021. However, it has continued to remain accessible to view past tickets. That is now changing. In order to streamline your support experience, we are going to turn the portal off and it will no longer be accessible after May 31st, 2024.

Action required: If you have used this portal to reference old tickets not available on support.github.com, we recommend that you copy any important information from those tickets to another location before the end of this month.

You must visit support.github.com with a support entitled account to open new support tickets about your GitHub enterprise cloud account.

See more

GitHub-hosted runners: Public Beta of Ubuntu 24.04 is now available

We are happy to announce the beta release of the Ubuntu 24.04 image for GitHub Actions hosted runners. To start using this in your Actions workflows, update your workflow file to include runs-on: ubuntu-24.04

jobs:
  build:
    runs-on: ubuntu-24.04
     steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '20'
      - run: npm install -g bats
      - run: bats -v

Some users may notice differences in workflows as the Ubuntu 22.04 image has different tools and tool versions, see the full list of changed software.

If you spot any issues with your workflows when using Ubuntu-24.04, or if you have feedback on the software installed on the image, please let us know by creating an issue in the runner-images repository.

While the runner image is in beta, you may experience longer queue times during peak usage hours.

See more
View more changes