Notice of upcoming deprecations and breaking changes in GitHub Actions runners

GitHub Actions will be making the following deprecations and breaking changes in our runners and services over the next 6 months.

Exclude hidden files by default in Upload Artifact GitHub Actions
From September 2nd, 2024, we will no longer include hidden files and folders as part of the default upload of the v3 and v4 upload-artifact actions. This reduces the risk that credentials are accidentally uploaded into artifacts. Customers who need to continue to upload these files can use a new option, ‘include-hidden-files’, to continue to do so.

Ubuntu 20 & Ubuntu 22 arm64 Images
On September 3rd, 2024, we are deprecating the Ubuntu 22/20 base images for our arm64 hosted runners as these are not widely used and customers are better served using the new Arm owned images. At that time all workflows using the Ubuntu 22 or 20 base image on arm64 will begin to fail. To change the image your runner is using, you can delete the runner and recreate a runner with the same name, to prevent failures. We recommend using the partner images provided by Arm:

  • Ubuntu 24.04 by Arm Limited
  • Ubuntu 22.04 by Arm Limited

.NET6 deprecation in the runner
In October, 2024, at the same time as we move to Node20 on the Actions runner, we will be deprecating .NET6 in the Actions runner and moving to .NET8. This is because .NET6 will reach end of life in November 2024. Any customers who are still using operating systems which are reliant on unsupported binaries will need to upgrade prior to this change. The removal of support for .NET6 means the following operating systems will no longer be supported from this time:
– Debian 10
– macOS 11.0
– macOS 10.15

Along with those already marked as unsupported in our changelog for the removal of Node16.

macOS12 runner image
We are beginning the deprecation process for the macOS 12 runner image, which allows us to balance our fleet capacity ahead of our upcoming macOS 15 launch. This image will be fully retired by the December 3rd, 2024. We recommend updating workflows to use `macos-14`, `macos-13`, or `macos-latest`.

Unsupported macOS labels
On December 3rd, 2024, we are deprecating some of our older and less used labels which are used for smaller numbers of workflows. The following runner labels will stop working from that time:

  • macos-11.0
  • macos-12-xl
  • macos-13-xl
  • macos-13-xl-arm64
  • macos-latest-xl
  • Macos-latest-xl-arm64

Prevention and autofix insights for CodeQL pull request alerts

You can now track prevention metrics for CodeQL pull request alerts with the new CodeQL pull request alerts report—available at both the organization and enterprise level. These insights empower you to proactively identify and mitigate security risks before they reach your default branch.

Enterprise-level CodeQL pull request alerts report

With this report, you can historically track metrics for CodeQL pull request alerts as code moves from feature branches to the default branch. Gain insights into:

  • Unresolved and merged alerts: Understand what security vulnerabilities made it to the default branch.
  • Fixes (autofix and manual): Track which alerts were addressed before merging.
  • Dismissed alerts: See which alerts were deemed false positive or risk accepted.

Additionally, analyze metrics by CodeQL rule, autofix status, and repository.

Historical data is available starting from May 1, 2024.

To access these reports, click your profile photo in the top-right corner of GitHub.com and select the organization or enterprise you want to view. For organizations, go to the Security tab and find CodeQL pull request alerts in the sidebar. For enterprises, click Code Security in the sidebar, then select CodeQL pull request alerts.

These reports are now generally available on GitHub Enterprise Cloud and will be available in GitHub Enterprise Server 3.15.

Learn more about security overview and join the discussion within the GitHub Community.

See more

Content Exclusion beta now supports non-Git files

You can now exclude non-Git files from being accessed by Copilot, in addition to Git files. This update gives you greater control over the content Copilot can access, ensuring that it will not access files that an organization owner has marked for exclusion, whether the files are part of a Git repository or not.

How to exclude non-Git files

The wildcard scope has expanded to include both files within and outside Git repositories, supporting the exclusion of non-Git files.

Previously

Wildcard rules applied exclusively to files within the Git repository. For example:

"*":
  - /test1 # => Blocks from the root of all git repositories: `/test1`

Now

Wildcard rules apply to files within the Git repository and the filesystem root. For example:

"*":
  - /test1 # => Blocks from the root of all git repositories AND the filesystem root: `/test1`, `/test1`

Note: These changes to our Content Exclusion beta apply to the latest versions of both the VS Code and JetBrains Copilot extensions, covering the code completions and chat features in each.

See more
View all changes