Skip to content

Codespaces now offers an organizational policy to restrict container images

With an organizational level policy to restrict container images, organization administrators can now control which base container images are used while creating organization-owned codespaces. This enables administrators to ensure that only verified container images are being used to create organization-owned codespaces.
allowed image policy screenshot

Organization admins can specify which images and/or image sources are allowed to be used while creating organization-owned codespaces. If the image specified in the dev container configuration does not match one of the allowed images, then subsequent codespace creation will fail asking you to update the image in your configuration. The base image policy does not apply to the default image, or the image that's used to recover a codespace if an error is introduced into a dev container configuration which prevents the container from being rebuilt.

For this release, the image policy will be applied at codespace creation and will not be applied when you rebuild a container. Support for the rebuild scenario is coming soon. We'd love your feedback on this policy and any additional policies that will help your scenarios on Codespaces discussions.

For more information, see Restricting base images for organization-owned codespaces

Preview Changes in Your Web Editor

Have you ever launched an application in your codespace only for the running application to get lost in a sea of browser tabs? Today we're announcing the ability to preview your running application directly in your web editor.

Update your Preview URL

Supporting this feature required a change to the URL of previewed applications from to This is potentially a breaking change. If you rely on a preview url in any project you will need to update your code to reflect the new URL format.

Alternatively, the environment variable GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN gives you access to the domain that your application will forward to. This will enable you to code in this variable anywhere you have hard-coded the preview URL.

See more

Starting today, customers can now enjoy larger runners without any pre-configuration work. GitHub now automatically creates a default runner group configured with four larger runners of our most popular sizes so users can start using larger runners right away.

The default runner group is called "Default Larger Runners" and can be managed by Organization or Enterprise admins. To begin using these runners, simply add the label corresponding to the runner of your choice to your workflow file.

Description Label Image
4-cores Ubuntu Runner ubuntu-latest-4-cores Ubuntu – Latest
8-cores Ubuntu Runner ubuntu-latest-8-cores Ubuntu – Latest
16-cores Ubuntu Runner ubuntu-latest-16-cores Ubuntu – Latest
8-cores Windows Runner windows-latest-8-cores Windows Server – Latest

Note that this change only applies to customers who are onboarded to the beta on October 20, 2022 and later.

Interested in learning more about larger hosted runners? Read the announcement here or sign up for the beta here

See more