Changelog

Subscribe to all Changelog posts via RSS or follow GitHub Changelog on Twitter to stay updated on everything we ship.

~ cd github-changelog
~/github-changelog|main git log main
showing all changes successfully

Performance improvements for the organizational feed

Rolled up push events grouping

What’s changing?

As part of our effort to help optimize activity feed load times and reduce timeouts, we’re migrating the organizational feed to a newer infrastructure. This migration from our existing system to an improved infrastructure will enable us to have a more performant experience for all users interacting with the organizational feed.

While this change is primarily back end, with minimal impact to the user experience, organizational feed users may notice a slight change to the UI. In our current experience, push event activity notifications have one line per event, mixed in with other event types in the feed. With this improvement, users can see all push events grouped into one card, sorted in chronological order with the most recent events appearing first.

Push events grouping unfurled

When is the change occurring?

This change will occur on April 21st, 2025 for all users that interact with the organizational feed.

Where can I experience this?

You can see these changes on the organizational feed.

See more

Organization custom instructions now available

Image of organization custom instructions on github.com

Copilot Chat on github.com now supports organization custom instructions! This feature allows Copilot Enterprise customers to set default instructions for all users in their organization, ensuring a consistent experience across teams.

Getting started

  • Navigate to your organization settings on github.com.
  • Select the Copilot tab.
  • Click Custom Instructions in the left sidebar.
  • Add your custom instructions in the provided text box.

That’s it! Copilot will now apply custom instructions to all chats by members of your organization.

Looking for inspiration? 💡

Here are some suggestions to get you started.

  • Set consistent standards: For questions related to security, always redirect to #ask-security on Slack.
  • Establish information architecture: Always refer to the Primer Knowledge Base when answering questions about frontend theming and components.
  • Steer response style: Never include code blocks in responses.
See more

MAI-DS-R1 is now generally available in GitHub Models

MAI-DS-R1 GitHub Models

MAI-DS-R1 is now available on GitHub Models.

MAI-DS-R1 is an updated version of DeepSeek-R1, refined by Microsoft AI. It handles complex queries more effectively, works across multiple languages, and provides access to previously restricted information. The model maintains the reasoning strengths of the original while improving reliability.

Try, compare, and implement this model in your code for free in the playground or through the GitHub API. Compare it to other models using side-by-side comparisons in GitHub Models.

To learn more about GitHub Models, check out the docs. You can also join our community discussions.

See more

Share Copilot Chat conversations in public preview

Share Copilot Chat conversation is in public preview

Sharing a Copilot Chat used to mean screenshots and copy-paste. Now it’s as easy as sending a link. Shared conversations are now available in public preview in immersive chat on github.com.

Sharing Copilot Chats makes it easier to:

  • 🕵 Troubleshoot with teammates—like this chat digging into a React onClick issue.
  • 🧠 Showcase learning workflows with a friend. Here’s an example walking through Python interview prep, step by step.
  • 🤗 Drop useful insights into a pull request review or team chat—like this example that clears up an open team debate.
  • 🎬️ Demo cool Copilot tricks on social—like this one where Copilot asks smart follow-up questions before jumping in.

How sharing works

  • Start a conversation. Once you enter your first prompt, the Share button will appear.
  • Click Share and copy the generated link. Anyone with the link can view the conversation.
  • If the chat includes private repository content or other restricted GitHub data, viewers will need the appropriate permissions to see it.
  • As the conversation continues, recipients will see new messages appear in real time.
  • You can unshare a conversation at any time to revoke access.

Who can use it

Shared conversations are currently in public preview for individual users (not members of organizations or enterprises). We’re actively working on expanding access to all Copilot users soon.

Learn more about sharing Copilot Chat conversations and send us your feedback

See more

Scheduled Codespaces maintenance on April 21 and 22

Codespaces will be undergoing global maintenance from 16:30 UTC on Monday, April 21 to 16:30 UTC on Tuesday, April 22. Maintenance will begin in our Europe, Asia, and Australia regions. Once it is complete, maintenance will start in our US regions. Each batch of regions will take approximately three to four hours to complete.

During this time period, users may experience intermittent connectivity issues when creating new Codespaces or accessing existing ones.

To avoid disruptions, ensure that any uncommitted changes are committed and pushed before the maintenance starts. Codespaces with uncommitted changes will remain accessible as usual after the maintenance is complete.

See more

Copilot commit message generation now in public preview on GitHub Desktop

Introducing AI-powered commit message generation with Copilot—available in the latest GitHub Desktop Beta. With a click of a new button in the commit message box, get your changes to upstream with speed, confidence, and an AI-crafted summary.

Screenshot of Copilot Commit Message Generation on GitHub Desktop

Copilot commit message generation is available to Copilot Free and all paid Copilot subscribers. Organizations and enterprises can enable it through the “Copilot in GitHub Desktop” policy.

Try it out today—download the GitHub Desktop v3.4.19-beta3 and see how Copilot can supercharge your commit process. Tell us what you think in the GitHub Desktop open source repo.

See more

Cohere Command A and Embed 4 now generally available in GitHub Models

Cohere Command A and Embed 4 release on GitHub Models

The latest AI models from Cohere, Command A and Embed 4, are now available on GitHub Models.

Command A is a multilingual model designed for business-critical applications like retrieval-augmented generation (RAG) and agentic tasks. It excels at supporting knowledge assistants, improving demand forecasting, and optimizing eCommerce search.

Embed 4 is a multilingual model that transforms text, images, and mixed formats into unified vector representations. It is well-suited for processing high-resolution images and extracting key details from files like PDFs, slides, and tables.

Try, compare, and implement Command A in your code for free in the playground. Both Command A and Embed 4 are also available through the GitHub API for seamless integration into your applications.

To learn more about GitHub Models, check out the docs. You can also join our community discussions.

See more

OpenAI o3 and o4-mini are now available in public preview for GitHub Copilot and GitHub Models

o3 and o4-mini release in GitHub Copilot and GitHub Models

OpenAI’s latest reasoning models, o3 and o4-mini, are now available in GitHub Copilot and GitHub Models bringing next-generation problem-solving, structured reasoning, and coding intelligence directly into your development workflow.

These models represent a major leap forward in capability and efficiency:

  • o3 is the most capable reasoning model in the o-series, ideal for deep coding workflows and complex technical problem solving.

  • o4-mini is the most efficient model in the series, combining low latency with high-quality output, full tools support, and multimodal inputs.

Both models are optimized for real-world development and support advanced features like function calling, structured outputs, and long-context handling (up to 200K tokens). Whether you’re building agentic tools, analyzing contracts, writing algorithms, or debugging across multiple layers, these models are designed to help you move faster with more accuracy and insight.

Availability in GitHub Copilot

o4-mini is now rolling out across all GitHub Copilot plans and o3 is available to Enterprise and Pro+ plans. You can access them through the model picker in Visual Studio Code and in GitHub Copilot Chat on github.com. To accelerate your workflow, whether you’re debugging, refactoring, modernizing, testing, or just getting started, select “o3” or “o4-mini” to begin using a new model. Stay tuned for updates on additional availability.

Enabling access

Copilot Enterprise administrators will need to enable access to these models through a new policy in Copilot settings. As an administrator, you can verify availability by checking your individual Copilot settings and confirming that policy is set to enabled for the specific model. Once enabled, you’ll see the model in the Copilot Chat model selector in VS Code and on github.com.

To learn more about the models available in Copilot, see our documentation on models and get started with Copilot today.

Availability in GitHub Models

Both o3 and o4-mini will also be available through GitHub Models, enabling developers to experiment, build, and deploy AI-powered features faster than ever. In the GitHub Models playground, you can experiment with sample prompts, refine your ideas, and iterate as you build. You can also try them alongside other models, including those from Cohere, DeepSeek, Meta, and Microsoft.

To learn more about GitHub Models, check out the GitHub Models documentation.

Share your feedback

Have feedback or questions? Join the community discussion to share feedback and tips.

See more

Using vision input in Copilot Chat with Claude and Gemini is now in public preview

Copilot looking at Claude and Gemini models

You now have more choices when chatting with Copilot about images in VS Code, Visual Studio, and on the immersive mode on github.com. Starting today, you can use the vision capability with the Claude Sonnet 3.5, Claude Sonnet 3.7, Gemini 2.0 Flash, Gemini 2.5 Pro, and GPT-4o models.

Some ideas to get you started:

  • Add screenshots of errors with Copilot to have it interpret the image and suggest solutions for the issue.
  • Share mockups of new designs, and Vision will help you bring them to life.
  • Ask questions about architecture diagrams.

Currently, the supported image types are JPEG/JPG, PNG, GIF, and WEBP.

When using Vision on VS Code and Visual Studio, make sure you have the Copilot Editor Preview Features policy enabled to get access. On github.com, get started simply by selecting a Claude or Gemini model from the model picker.

This feature was previously only available for GPT-4o in VS Code and Visual Studio and on github.com.

To learn more, read the documentation about using Vision in Copilot Chat.

Please share your feedback in our community discussions.

See more

CodeQL support for Java and C# private registries is now generally available

When CodeQL scans repositories with Java and/or C# code that depend on packages in private registries—but don’t include those registry addresses in their Maven, Gradle, or NuGet configuration files—the analysis now uses private registry addresses configured at the organization level. This makes it even easier to roll out CodeQL’s Java and C# analysis at scale.

Last year we enabled CodeQL build-mode: none scans to access private dependencies stored in private registries (e.g. Artifactory) for Java and C# projects. This required the addresses of the private registry to be defined in the project configuration. With this change, projects that relied on configurations defined in the build systems or locations external to the project will be able to use private registries.

This makes your scans more comprehensive, ensuring you receive all important alerts regardless of where your dependencies are stored.

This officially marks the end of the preview phase for CodeQL Java/C# private registry support; this feature is now generally available on GitHub.com. It will also roll out with GitHub Enterprise server version 3.18.

See more

GitHub Copilot Chat for Eclipse is now generally available

GitHub Copilot Chat for Eclipse is now generally available

GitHub Copilot Chat is now generally available for Eclipse! If you’re an Eclipse user, you can take advantage of AI-powered assistance with both code completions and in-editor chat assistance today.

Key features of GitHub Copilot Chat for Eclipse

  • Chat view: Ask Copilot for help with coding tasks directly in the chat view.  To learn more about this, see our documentation.

  • Model Selector for Chat: GitHub Copilot allows you to change the model during a chat. To learn more about this, see our documentation.

  • Slash commands: Use quick commands, like /explain for code explanations.

  • Reference code: Scope chats to specific files for more relevant assistance.

  • ABAP Enablement: GitHub Copilot for Eclipse has introduced enablement for ABAP, allowing users to leverage Copilot’s capabilities while working with ABAP code. GitHub Copilot for Eclipse uses the currently available models described in the documentation, without any specific fine-tuning for ABAP.

Try it out

To access GitHub Copilot Chat for Eclipse, you’ll need a Copilot license.

Once you have a license, follow the steps outlined in the Getting Started guide.

Feedback

Your feedback drives improvements. Let us know what you think using the in-product feedback option, or share your thoughts with the GitHub Community.

Join us on this journey as we continue to enhance GitHub Copilot for Eclipse and deliver a smoother developer workflow!

See more

Upcoming breaking changes and releases for GitHub Actions

We’re introducing new controls for automation workflows, enhancing security and flexibility for teams. Additionally, we’ve released updates to Actions runner controller designed to improve performance, customization, and compatibility with evolving deployment strategies. As part of our commitment to maintaining up-to-date infrastructure, we’re retiring older images and encouraging users to transition to newer, more efficient options.

Copilot events not automatically triggering GitHub Actions workflows is in public preview

Copilot authored events will no longer automatically trigger GitHub Actions workflows – administrators will now need to approve these workflows to run.

The approval mechanism is the same as approving runs from forks. This means that a run requiring approval will be given the action_required conclusion before any jobs are started. Users with write access in the UI or actions:write fine-grained access through the API can approve any action_required run. Any triggered workflow runs associated with the same PR in the action_required state will show up in the PR merge box for approval.

If a run is not approved after 30 days, it will be deleted.

Join the discussion within GitHub Community.

Windows Server 2019 is closing down

We’re beginning the process of closing down the Windows server 2019 hosted runner image, following our N-1 OS support policy. This image will be fully retired by June 30, 2025. We recommend updating workflows use windows-2022 or windows-2025.

To raise awareness of the upcoming removal, we’ll temporarily fail jobs using the windows-2019 label starting in June 2025. The brownouts will occur on the following dates and times:

  • June 3 13:00 – 21:00 UTC
  • June 10 13:00-21:00 UTC
  • June 17 13:00-21:00 UTC
  • June 24 13:00-21:00 UTC

Actions runner controller release 0.11.0

The latest ARC release (0.11.0) includes two major product enhancements and numerous quality-of-life improvements.

Customers can now set custom annotations and resources, enabling them to use deployment methods like ArgoCD and Helm.

In addition, ARC customers experienced performance issues due to high cardinality metrics, particularly around labels such as runner name, ID, job workflow ref, and others. This significantly impacted resource consumption in Prometheus instances. With this release, customers can now configure metrics, enabling them to choose elements relevant to their reporting strategy.

All included changes in this release can be found in the release notes.

Updates to the network allow list for Azure private networking

GitHub previously reported the network communication requirements for Azure private networks as they relate to the upcoming release of immutable actions. Please use the IPs listed in the NSG template within our documentation, as previous changelog communications contained overlapping CIDR ranges.

See more

CodeQL 2.21.0 supports TypeScript 5.8 and expands language coverage

CodeQL version 2.21.0 has been released and includes TypeScript 5.8 support, a new Java query to detect exposed Spring Boot actuators, and support for new JavaScript libraries.

TypeScript 5.8 support

CodeQL can now analyze code written in TypeScript version 5.8, helping you find and automatically remediate security issues in the latest TypeScript projects, all without additional configuration.

Improved Java analysis

The community-contributed query java/spring-boot-exposed-actuators by @ggolawski has been promoted out of experimental status and is now included in the default code scanning query pack. This query helps you identify publicly accessible Spring Boot actuators, preventing unintended information disclosure.

Expanded JavaScript framework coverage

We’ve extended our JavaScript analysis to include popular modern frameworks and libraries:

  • Apollo Server: Added support for analyzing data coming from GraphQL when using @apollo/server.
  • React Relay: Added analysis support for React applications using the react-relay library.
  • SAP ecosystem: Added CodeQL support for analysis of SAP packages, including @sap/hana-client, @sap/hdbext, and hdb.
  • TanStack: Added support for analyzing applications using the @tanstack/angular-query-experimental package.

For a full list of changes, please refer to the complete changelog for version 2.21.0. Every new version of CodeQL is automatically deployed to users of GitHub code scanning on github.com. The new functionality in CodeQL 2.21.0 will also be included in GitHub Enterprise Server (GHES) version 3.18. If you use an older version of GHES, you can manually upgrade your CodeQL version.

See more

Sunset notice for automatic watching of repositories and teams

Highlight of the automatic watching section within Notification Settings

On May 18, 2025, we’re deprecating the automatic watching of repositories and teams. We’re making this change in order to:

  • Reduce notification noise: You’ll receive fewer unexpected notifications, especially when joining large organizations with many repositories.
  • Improve efficiency: You’ll be able to focus on the notifications that matter most, without unnecessary subscriptions.
  • Minimize confusion: You won’t have automatic watching behavior that some users found unclear or overwhelming.

Existing repository subscriptions created through auto-watching will not be impacted. Users will remain subscribed to repositories or teams they were previously watching.

To review or adjust your current repository subscriptions, visit the Watching section. For more detailed notification preferences, head to Notification Settings.

See more

OpenAI GPT-4.1-mini and GPT-4.1-nano are now generally available in GitHub Models

GPT-4.1-mini and GPT-4.1-nano release on GitHub Models

Alongside the launch of GPT-4.1 in GitHub Models, we’re introducing GPT-4.1-mini and GPT-4.1-nano—lightweight variants of OpenAI’s latest model. Designed for high performance with lower cost and latency, these models are ideal for real-time applications and workloads that involve parallel or chained model calls.

Both inherit the core strengths of the GPT-4.1 series, including enhanced coding capabilities, improved instruction following, long-context understanding, and multimodal support (text and image). With features like parallel function calling and structured output generation, GitHub Models users can now choose the right-sized model for their specific needs—whether building chatbots, coding copilots, or AI-powered agents.

  • GPT-4.1-mini: Combines strong general-purpose reasoning with low cost and latency, supporting both text and vision use cases.

  • GPT-4.1-nano: Offers even lower cost and latency, ideal for lightweight tasks and high-frequency usage at scale.

Try, compare, and implement these models in your code for free in the playground (GPT-4.1-mini and GPT-4.1-nano) or through the GitHub API.

To learn more, visit the GitHub Models documentation, and join the community discussions to share feedback and connect with other developers.

See more

GitHub Actions token integration now generally available in GitHub Models

You can now use the built-in GITHUB_TOKEN from GitHub Actions to authenticate requests to GitHub Models. This simplifies your workflows by integrating AI capabilities directly into your actions, eliminating the need to generate and manage Personal Access Tokens (PATs).

With this update, creating and sharing AI-driven GitHub Actions has never been easier. Add AI to your workflows effortlessly, whether it’s generating issue comments or reviewing pull requests.

Try it out today and streamline your automation with integrated AI.

GitHub Models empowers every developer to effortlessly incorporate AI into their GitHub workflows.

For more details, check out our documentation or join our community discussions.

See more

Secret scanning expands default pattern and push protection support

GitHub regularly updates the default pattern set for secret scanning with new patterns and upgrades of existing patterns, ensuring your repositories have comprehensive detection for different secret types.

The following new patterns were added over the last few months. Secret scanning automatically detects any secrets matching these patterns in your repositories. See the full list of supported secrets in the documentation.

Provider Token Partner User Push protection
Bitrise bitrise_personal_access_token
Bitrise bitrise_workspace_api_token
Buildkite buildkite_user_access_token
LinkedIn linkedin_client_secret
Mailersend mailersend_smtp_password
Naver Cloud navercloud_gov_access_key
Naver Cloud navercloud_gov_access_key_secret
Naver Cloud navercloud_gov_sts
Naver Cloud navercloud_gov_sts_secret
Naver Cloud navercloud_pub_access_key
Naver Cloud navercloud_pub_access_key_secret
Naver Cloud navercloud_pub_sts
Naver Cloud navercloud_pub_sts_secret
Neon neon_api_key
Neon neon_connection_uri
Pangea pangea_token
Planning Center planning_center_oauth_access_token
Planning Center planning_center_oauth_app_secret
Planning Center planning_center_personal_access_token
Ramp ramp_client_id
Ramp ramp_client_secret
Ramp ramp_oauth_token
RunPod runpod_api_key
Sourcegraph sourcegraph_access_token
Sourcegraph sourcegraph_dotcom_user_gateway
Sourcegraph sourcegraph_instance_identifier_access_token
Sourcegraph sourcegraph_license_key_token
Sourcegraph sourcegraph_product_subscription_token

The following existing patterns were upgraded to be included in push protection. When push protection is enabled, secret scanning automatically blocks any pushes that contain a secret matching these patterns.

Provider Token
Atlassian atlassian_jwt
Azure azure_web_pub_sub_connection_string
Azure microsoft_corporate_network_user_credential
Azure azure_app_configuration_connection_string
Beamer API Key beamer_api_key
Checkout.com checkout_test_secret_key
Duffel duffel_test_access_token
Dynatrace dynatrace_internal_token
eBay ebay_sandbox_client_id ebay_sandbox_client_secret
Frame.io frameio_jwt
Google google_oauth_refresh_token
Google google_oauth_access_token
Lob lob_test_api_key
Mailgun mailgun_api_key
Notion notion_oauth_client_secret
Pulumi pulumi_access_token
RubyGems rubygems_api_key
Sentry sentry_integration_token
Sentry sentry_org_auth_token
Sentry sentry_user_app_auth_token
Sentry sentry_user_auth_token
Shopee shopee_open_platform_partner_key
Shopify shopify_app_client_credentials
Shopify shopify_custom_app_access_token
Shopify shopify_partner_api_token
Shopify shopify_private_app_password
Square square_access_token
Square square_production_application_secret
Square square_sandbox_application_secret
SSLMate sslmate_api_key
SSLMate sslmate_cluster_secret
Stripe stripe_test_secret_key
Tableau tableau_personal_access_token
WorkOS workos_staging_api_key
Yandex yandex_dictionary_api_key
Yandex yandex_cloud_api_key

Learn more about securing your repositories with secret scanning.

See more

Copilot extension for GitHub Models now requires updated permissions

The Copilot extension for GitHub Models now requires the models:read permission in order to access GitHub Models APIs. Users will need to reauthorize the extension by accepting the new permission via the email notification sent from GitHub.

This change follows our March 18 changelog, which announced that GitHub Apps and fine-grained PATs accessing GitHub Models would require the models:read permission.

If the updated permission is not granted, functionality like @models in chat may stop working.

To learn more about GitHub Models, check out the docs. You can also join our Community discussions.

See more

Windows arm64 hosted runners now available in public preview

Now in public preview, Windows arm64 hosted runners are available for free in public repositories. This runner comes with a Windows 11 Desktop image, fully equipped with all the tooling you need to quickly get started running your workflows. Following the release of linux arm64 hosted runners in January, this now extends to Windows support for the open source-community. These four vCPU runners provide a power-efficient compute layer for your Windows workloads. Arm-native developers can now build, test, and deploy entirely within the arm64 architecture without the need for virtualization on your actions runs.

How to use the runners

To leverage the arm64 hosted runners, add the following labels in your public repository workflow runs:

  • windows-11-arm

Please note that this label will not work in private repositories—the workflow will fail if you add it. All runs in public repositories will adhere to our standard runners usage limits, with maximum concurrencies based on your plan type. While the arm64 runners are in public preview, you may experience longer queue times during peak usage hours.

Images for arm64 larger runners

In partnership with Arm, there is now a Windows 11 desktop arm64 image with preinstalled tools available for all GitHub runner sizes, including both the new free offering and our existing arm64 larger runners. To use the new image on larger runners, you can create a new runner and select the Microsoft Windows 11 Desktop by Arm Limited image in the Images console.

To view the list of installed software, give feedback on the image, or report issues, visit the partner-runner-images repository.

Get started today!

To get started building windows on arm64 for free, simply add the new label to the runs-on syntax in your public actions workflow file. For more information on arm64 runners and how to use them, see our documentation and join the conversation in the Community discussion.

See more
View more changes