Skip to content

GitHub Actions: Self-hosted runner events are now included in the Audit Log

The Audit Log now includes events associated with GitHub Actions self-hosted runners. This data provides enterprise customers with an expanded data set for security and compliance audits.

New events will be incorporated into the audit log when:

  • A self-hosted runner application has started and can begin processing new jobs
  • A self-hosted runner application has stopped and will no longer process jobs

These new events are only available to customers on the Enterprise plan and can be viewed using the REST API.

Learn more about Audit Log events

For questions please visit the GitHub Actions community forum

As announced in April, Dependabot Preview is shutting down today, as it has been replaced by GitHub-native Dependabot.

To keep getting pull requests that update your packages, upgrade to GitHub-native Dependabot by merging the “Upgrade to GitHub-native Dependabot” pull request in your repository. This pull request, as well as any pull requests from the Dependabot Preview bot will remain open, but the bot itself will no longer work on your GitHub accounts and organizations.

If you have any questions or need help migrating, please contact GitHub Support.

Learn more about Dependabot in our documentation, or visit our public roadmap to see what’s next for Dependabot.

See more

API requests made by a GitHub App on behalf of a user that has authorized the app are known as user-to-server requests.

The resources that can be accessed by these requests are constrained to the set of private resources that both the App and the authorizing user can access.

GitHub is now extending this access model, allowing user-to-server requests to also read public resources over the REST API. This includes, for example, the ability to list a public repository's issues and pull requests, and to access a public repository's comments and content.

Read more about authorizing GitHub Apps.

See more