Search results for: actions

Improve your GitHub Action’s security posture by securing your source repository, protecting your maintainers, and making it easy to report security incidents.

Starting today, apps and tokens used to create a release via the REST API endpoint will require the workflow scope or workflows:write permission in certain cases. The workflow scope or…

GitHub is introducing GPU hosted runners for GitHub Actions to provide teams working with ML models to have a single platform to build, test and deploy from. GPU accelerated Builds…

Arm-based hosted runners are coming to GitHub Actions! Unlock the power of Arm in Actions By leveraging the power and efficiency of the Arm® architecture, GitHub is offering a new…

Actions environments now makes it more secure to review and control deployments using manual approvals. Previously, any user could trigger a workflow and also manually approve/reject a deployment job targeting…

We now allow defining selected tag patterns for securing your deployments that can run against Actions environments. Previously environments supported ‘Protection Rules’ for restricting deployments only for selected deployment branches.…

Due to security restrictions, users can no longer use GITHUB_ENV to set the NODE_OPTIONS environment variable in their workflows. Developers who have NODE_OPTIONS set as an environment variable will now…

Apple silicon (M1) hosted runners can now be used by any developer, team, or enterprise! You can try the new runners today by setting the runs-on: key to macos-latest-xlarge or…

Speed up your GitHub Actions jobs on macOS with all new, faster Apple silicon powered M1 macOS larger runner for arm64.

Recently, we’ve been working to make our CI experience better by leveraging the newly released GitHub feature, Actions larger runners, to run our CI.

Node 16 has reached its end of life, prompting us to initiate its deprecation process for GitHub Actions. Our plan is to transition all actions to run on Node 20…

Actions customers will now be able to clear stuck workflows by forcing a cancel request from the REST API. This is a new feature and the existing endpoint to cancel…

GitHub Actions Importer now supports migrations from Bitbucket, Bamboo Server, and Bamboo Data Center. Companies using those tools can plan, test, and automate the migration of pipelines to GitHub Actions…

We have implemented a fix so that GITHUB_REF and the github.ref context value return a fully-formed ref (e.g – refs/heads/main) when a workflow is triggered as a result of a…

Enterprise Managed User namespace repositories were previously able to use GitHub-hosted Actions runners outside of the owning enterprise’s entitlements. This was not an intentional configuration. Today we have disabled the…

GitHub Actions asks customers to review their network allow list for self-hosted runners according to the requirements in our documentation. Network access to GitHub’s *.actions.githubusercontent.com is essential for the self-hosted…

With the Repository Actions Runners List, you can now view all available runners in the Actions tab of a repository. This feature is now in public beta and will be…

GitHub environments can be configured with deployment branch policies to allow-list the branches that can deploy to them. We are now security hardening these branch policies further by blocking runs…

Researchers from Purdue and NCSU have found a large number of command injection vulnerabilities in the workflows of projects on GitHub. Follow these four tips to keep your GitHub Actions workflows secure.

We will be moving the private beta of required workflows on GitHub Actions to Repository Rules to give organization administrators a powerful way to protect their repositories with added feature…

Today, we are announcing public beta of the new experience for deployments across environments. 🎉 Developers and DevOps managers can now view and track the full history of deployments in…