GitHub Actions : The Windows 2016 runner image will be removed from GitHub-hosted runners on March 15, 2022

actions

October 19, 2021

As part of our ongoing efforts to keep GitHub-hosted runners updated and secure, the Windows 2016 virtual environment will be removed from GitHub Actions on March 15, 2022. We recommend you change jobs using runs-on: windows-2016 to use runs-on: windows-latest which will ensure you're always running on the latest version of Windows Server.

If you need to pin your job to a specific version of Windows Server, you can see the full list of supported versions and instructions here: supported-runners-and-hardware-resources

To raise awareness of the upcoming removal, we will temporarily fail jobs using Windows 2016 for two short 'brownout' periods. Builds that are scheduled to run during the brownout periods will fail. The brownouts are scheduled for the following dates and times:

December 1, 2021 4:00pm UTC – 10:00pm UTC
February 7, 2022 4:00pm UTC – 10:00pm UTC

Once deprecated, the Windows 2016 image is now excluded from the service level agreement and warranty therefore it is recommended that you move to a supported version of Windows before March 15, 2022.

You can learn more about our software and image guidelines for GitHub-hosted runners in the virtual environment repository. Please contact support if you experience any issues due to this change.

Secret scanning no longer supports Azure SQL connection strings in private repos

October 18, 2021

GitHub secret scanning helps protect users by searching repositories for known types of secrets. By flagging leaked secrets, our scans can prevent data leaks and prevent the fraudulent use of accidentally committed secrets.

When enabled on private repositories, GitHub secret scanning raises alerts directly to users. The quality of this experience depends on the quality of the patterns we scan for, which we are constantly refining. In line with that, we are removing our pattern for Azure SQL connection strings from our default pattern set on private repositories.

Advanced Security customers can replicate our previous pattern for Azure SQL connection strings using custom patterns with the following regex:
(?i)[a-z][a-z0-9-]+\.database(?:\.secure)?\.(?:(?:windows|usgovcloudapi)\.net|chinacloudapi\.cn|cloudapi\.de)

We intend to introduce a more general pattern for database connection strings, with a lower false positive rate, in the near future.

Check out our docs for more information on the 100+ patterns that we scan for.

See more See more

GitHub Enterprise Cloud version for GitHub Docs

October 15, 2021

In GitHub Docs, you can choose Enterprise Cloud from the "Version" drop-down to see content that aligns with the experience of using GitHub Enterprise Cloud.

Screenshot of the "Version" drop-down menu with "Enterprise Cloud" highlighted

Learn how to manage your enterprise account in the new GitHub Enterprise Cloud version of our "Enterprise administrators" documentation.

See more See more

View all changes

GitHub Actions : The Windows 2016 runner image will be removed from GitHub-hosted runners on March 15, 2022

Secret scanning no longer supports Azure SQL connection strings in private repos

GitHub Enterprise Cloud version for GitHub Docs

Subscribe to our newsletter