Enterprise administrators and billing managers can now set hard budget limits for GitHub Advanced Security (GHAS) SKUs, preventing teams from exceeding their allocated license budgets.

Previously, license-based products like GHAS only supported soft budgets. Admins could set a spending target and receive email notifications at 75%, 90%, and 100% thresholds, but the product did not enforce the limit. This could lead to accidental overspending, especially during user onboarding flows such as IdP group provisioning where licenses are automatically assigned.

With hard budget limits, once a GHAS budget threshold is reached, additional license usage is blocked, and GHAS won’t be enabled on new repositories until the budget is increased or licenses are freed. This gives enterprises precise control over their security spending at the organization level.

What’s new

  • Enforceable license limits for GHAS: Set a hard budget in license count and GitHub will prevent new license assignments once the limit is met.
  • License-to-cost transparency: When configuring a budget, a real-time estimate shows the dollar equivalent (e.g., X licenses ≈ ~$Y/month), so admins always know their remaining capacity, even for mid-month additions.
  • Smart defaults for existing usage: If your enterprise already has active GHAS licenses, the new budget floor will be set to at least your current billable license count to avoid disruption.
  • Continued alerting: Email notifications at 75%, 90%, and 100% thresholds remain active alongside hard limits, keeping admins informed as usage approaches the cap.
  • Organization-level control: Enterprises can allocate license budgets scoped to a cost center and limit spending for the organizations assigned to the cost center. Organizations on the Team plan can also allocate license budgets for the organization to limit spending.

Getting started

Hard budget limits for GHAS can be configured in your enterprise billing settings under Budgets & alerts. Both new and existing customers can create hard budgets. Existing soft budgets can be migrated to the new license-based format through in-product flows.

To learn more, see Preventing overspending in the GitHub documentation.

Join the discussion within GitHub Community.