GitHub Actions Importer now supports migrations from Bitbucket, Bamboo Server, and Bamboo Data Center. Companies using those tools can plan, test, and automate the migration of pipelines to GitHub Actions…
We have implemented a fix so that GITHUB_REF and the github.ref context value return a fully-formed ref (e.g – refs/heads/main) when a workflow is triggered as a result of a…
Enterprise Managed User namespace repositories were previously able to use GitHub-hosted Actions runners outside of the owning enterprise’s entitlements. This was not an intentional configuration. Today we have disabled the…
GitHub Actions asks customers to review their network allow list for self-hosted runners according to the requirements in our documentation. Network access to GitHub’s *.actions.githubusercontent.com is essential for the self-hosted…
With the Repository Actions Runners List, you can now view all available runners in the Actions tab of a repository. This feature is now in public beta and will be…
GitHub environments can be configured with deployment branch policies to allow-list the branches that can deploy to them. We are now security hardening these branch policies further by blocking runs…
Researchers from Purdue and NCSU have found a large number of command injection vulnerabilities in the workflows of projects on GitHub. Follow these four tips to keep your GitHub Actions workflows secure.
We will be moving the private beta of required workflows on GitHub Actions to Repository Rules to give organization administrators a powerful way to protect their repositories with added feature…
Today, we are announcing public beta of the new experience for deployments across environments. 🎉 Developers and DevOps managers can now view and track the full history of deployments in…
On October 11, 2022, we annouced plans to deprecate the save-state and set-output workflow commands on May 31, 2023. We have since decided to postpone the removal given the amount…
Node12 has been out of support since April 2022. As a result we started the deprecation process of Node12 for GitHub Actions by migrating all actions to run on Node16…
GitHub Actions – OpenId Connect (OIDC) integration with AWS is now optimized to avoid pinning any intermediary certificate thumbprints. While configuring GitHub as an OIDC IdP (ID Provider), AWS now…
Auto-scaling self-hosted runners using the Actions runner controller and runner scale sets is now in generally avaliable. Learn more about scalling self hosted runners and share your feedback with us…
We have received customers reporting errors with Actions’ OIDC integration with AWS. This happens for customers who are pinned to a single intermediary thumbprint from the Certificate Authority (CA) of…
Introducing a new tool to monitor and control the permissions of the repository token for GitHub Actions.
Today, we are announcing that larger hosted runners for GitHub Actions are generally available for paid Team and Enterprise Cloud plans! This feature has been in public beta since September…
For securely enabling OpenID Connect (OIDC) in your reusable workflows, we are now making the permissions more restrictive. If you need to fetch an OIDC token generated within a reusable…
Node12 has been out of support since April 2022. As a result we have started the deprecation process of Node12 for GitHub Actions. We plan to migrate all actions to…
Enterprise administrators can now disable repository level self-hosted runners across organizations and enterprise user namespaces. Once this new setting has been enabled users will no longer be able to register…
You can now create single-use self-hosted runners without time-limited registration tokens using the REST API. When a runner registers using this API it will only be allowed to run a…
Low-code enables developers and non-developers to build custom applications and solutions with less effort. In this blog, we show you how to automate your low-code deployments using GitHub Actions.
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
