Skip to content

Privately report vulnerabilities to repository maintainers

Open source maintainers can now opt-in to private vulnerability reporting, a dedicated communications channel where the community can disclose security issues directly to you on GitHub.

You can see reports sent to you under the new "Needs triage" status on your advisories list:
Screen Shot of Advisories tab

If the report is accepted, it becomes a draft security advisory. The reporter remains involved unless explicitly removed, so you can collaborate on phrasing the resulting draft advisory or fixing the issue in a private fork.

GitHub Codespaces with included free usage is now rolling out to all GitHub Free and Pro accounts. Over the coming days you'll see a new option under the green "Code" button (where you are used to getting the info you need to clone a repository) that enables you to spin up and manage cloud based development environments that free you from the pain and hassle of setting up and maintaining local configurations. Until now, only Teams and Enterprise managed GitHub Organization members had access to Codespaces.

With this update, GitHub will provide each Free plan account 120 core hours, or 60 hours of run time for a 2 core codespace, plus 15 GB of storage to use each month. Pro accounts get 180 core hours and 20 GB storage per month. You can see how much included usage is remaining for your account during the current billing period on your billing page. If you use up all of your included usage, it is easy to set up a spending limit and keep working. For more details see "About billing for GitHub Codespaces."

We hope that everyone will take Codespaces for a spin, and come join us in the community discussion space to tell us your story!

See more

This changelog only applies if you participated in the beta program for Codespaces for Individuals.

Today marks the start of the rollout of Codespaces for Free and Pro accounts, and thus the end of the beta for Individuals. Unfortunately, this also ends unlimited free use of Codespaces.

The good news is that this marks the beginning of much broader collaboration with more people who can now take advantage of included free compute and storage. All Free and Pro GitHub accounts receive a generous amount of free included usage each month.

Note that the default spending limit for GitHub Codespaces is $0. So even if you already have a payment method configured with GitHub, you will not automatically be billed unless you change your spending limit.

The rollout will take place over several days, so these changes will affect you in the coming days. For more details see “About billing for GitHub Codespaces.”

For those who participated, a heartfelt THANK YOU for all the feedback that has been instrumental to our getting to this milestone.
We hope that you’ll continue to enjoy Codespaces, and come join us in the community discussion space to tell us your story!

See more