Subscribe to all Changelog posts via RSS or follow GitHub Changelog on Twitter to stay updated on everything we ship.

~ cd github-changelog
~/github-changelog|main git log main
showing all changes successfully

GitHub Codespaces recently released multiple updates to improve visibility into monthly spend:

  • Organization administrators whose organization's codespace usage is paid for by the enterprise can now see month-to-date spending in their organization, even though their organization is not directly paying for this usage.
  • All organization administrators with access to billing reports can now see projected codespaces spend in the month. This calculation is an estimate based on the past seven days of codespace usage.

org admin billing screen with projected usage

With these improvements, organization administrators can get a better sense of how large of a bill they can expect to pay at the end of the month, and remain aware of how much they are billing back to their enterprise.

Additional Resources

See more

Today's changelog introduces a new global page to find all of your projects!

🌐 Global Projects page

You will now find all of your relevant and commonly used projects in a single place at This page is found from the global navigation menu under Projects and can be used to find projects you've recently viewed or created, regardless of the organization or where they live. No more searching across organizations and tabs for the project you are looking for!

Bug fixes and improvements

  • Improved the table column ... menu and configuration options
  • Included Field sum configurations when copying a project or using a project template
  • Fixed a bug where uploaded files were not rendering in the project README or draft items
  • Fixed a bug where items could not be added to an empty roadmap view with a Group by field
  • Fixed a bug where invalid chart configurations prevented copying a project or using a project template
  • Fixed a bug where setting a project as a template gave an error message

See how to use GitHub for project planning with GitHub Issues, check out what's on the roadmap, and learn more in the docs.

Questions or suggestions? Join the conversation in the community discussion.

See more

This month, we made some big improvements to GitHub Copilot! Copilot Chat is now powered by GPT-4 and we updated the model used to detect off-topic chat queries. In VSCode, we are announcing the public beta of code referencing. We also introduced “agents” and the ability to generate commit messages with Copilot. In addition, we improved the context for explaining code and updated the Copilot menu UI. In JetBrains IDEs, we introduced partial acceptance of code suggestions.

Copilot Chat is powered by GPT4

We upgraded the Copilot Chat experience, bringing more accurate and useful code suggestions with OpenAI‘s GPT4 model.

Offtopic model improvements for Copilot Chat

As part of our safety featuresweve improved our off-topic model to detect chat queries which do not relate to programming. This should result in significantly fewer filtered responses.

Code referencing in VSCode is now in Public Beta

In August, we announced the Private Beta of code referencing in VSCodeThis feature searches across billions of files on public GitHub repositories for code that matches a Copilot suggestionSince then, we’ve heard your feedback, and we’re shipping with a new and redesigned experience. One of the top points of feedback was that the original flow resulted in too many notifications. To fix this, if theres a matchusers will find its information displayed in the Copilot console log, including where the match occurred, any applicable licensesand a deep link to learn more. If you are interested in code references, you can refer to the window, otherwise, it won’t be in your way.

The deep link will now take you to a navigable page on to browse examples of the code match and their repository licensesand see how many repositories — including ones without licenses — that code appears in, as well as links to those repositories.

Learn more about Copilot code referencing and let us know your thoughts in the GitHub Community!

Introducing “agents” in Copilot Chat in VSCode

We have introduced a new capability called “agents” to enhance your interaction with Copilot Chat. Agents are like specialized experts who can assist you with specific tasks. You can mention them in the chat using the @ symbol. Currently, there are two agents available:

  • @workspace: This agent has knowledge about the code in your workspace and can help you navigate it by finding relevant files or classes. The @workspace agent uses a meta prompt to determine what information to collect from the workspace to help answer your question.
  • @vscode: This agent is knowledgeable about commands and features in the VSCode editor itself, and can assist you in using them.

Each agent also supports slash commandsThe slash commands you may have used before should now be used with an agent. For example, /explain is now @workspace /explain.

Read more in the VSCode release notes.

Improved explanation context in Copilot Chat in VSCode

You can ask Copilot Chat to explain a code selection in your active editor either through the @workspace /explain command or through the “Explain with Copilot” action in the context menu. Copilot Chat has now integrated implementations of referenced symbolssuch as functions and classes, which leads to explanations that are more precise and useful. This works best across files when you have an extension contributing language services installed for one of the following languages: TypeScript/JavaScript, Python, Java, C#, C++, Go, or Ruby.

Commit message generation using Copilot in VSCode

Copilot can now generate commit messages based on the pending changes using the new “sparkle” action in the Source Control input box.

Updated Copilot menu in VSCode

Our Copilot menu in VSCode is now more visible and aligned with our design for JetBrains IDEs. It is now easier to understand the current status of Copilot, access the various settings or documentation.

The new menu is displayed when clicking on the Copilot icon in the lower right corner in the statusbar of VSCode.

JetBrains partial acceptance for code suggestions

The Copilot extension for JetBrains IDEs has leveled up! You now have the flexibility to incorporate code suggestions piece by piece, whether that’s word-by-word or line-by-line. Feel free to customize these shortcuts as you preferHappy coding!

We welcome your feedback on Copilot! Please join the discussion in the GitHub Community.

See more

A GitHub codespace is a development environment provided by a container that runs on a virtual machine (VM). The development environment that the developer works within is defined by the dev container configuration. The VM configuration defines the operating system which builds and runs the dev container. GitHub maintains this VM configuration, and regularly upgrades it to improve security, functionality, and performance.

While our regular security patching does not impact capabilities, occasionally we need to upgrade components that may have an impact on the way the container environment functions in certain cases. Therefore, we are introducing a way to opt into the beta image configuration, allowing you to test the changes in your specific environments and provide feedback before we ship the changes to the stable image.

host image preference screenshot

The upgraded host image is initially made available as a beta release, which enables you to ensure your existing dev container configurations are compatible with the next iteration of the VM configuration. Once enabled, all newly created or resumed codespaces will use the specified host configuration. This enables you to test your configurations without impacting other developers who use the same dev container. You may switch between the beta and stable host configurations at any time. Whenever you switch, all of your subsequently created or resumed codespaces will receive the configuration you specified. Changing this setting does not impact currently running codespaces.

Additional Resources

See more

Beginning January 8th, 2024, we will be making changes to the repository insights UI and API on GitHub for repositories with over 10,000 commits. The targeted UI and API have very low usage and rely on a legacy service we’re moving away from.

User Interface Updates

We are removing the following data:

  1. Under Insights > Contributors, we are removing addition/deletion counts for repositories with over 10,000 commits, as well as the dropdown that shows the graphs associated with additions and deletions. All the commit counts and commit count graphs will remain unchanged.
Current page Repos with over 10,000 commits after the change is made
The current Insights > Contributors tab The new tab which shows no dropdown for additions and deletions, and no addition and deletion counts
  1. Under Insights > Code Frequency, we will only show data for repos with under 10k commits.
Current page Repos with over 10,000 commits after the change is made
The current Insights > Code Frequency tab which shows a graph of additions and deletions over time The new tab which shows that there are too many commits to generate this graph

REST API Modifications

Alongside the UI changes, the following API changes will be implemented:

  1. The REST API responses for repositories with 10,000+ commits will report 0 values for the addition and deletion counts to improve performance. This impacts the /repos/{owner}/{repo}/stats/contributors endpoint to get all contributor commit activity
  2. The /repos/{owner}/{repo}/stats/code_frequency API endpoint will return a 422 status code for repos with 10,000 or more commits.
    • This is different from the previous two because this endpoint only returns additions/deletions, which we will no longer return for repos with over 10k commits. The previous two endpoints also return the total number of commits, which we will continue to generate.

For users who continue to need detailed addition and deletion statistics for large-scale repositories, we suggest using the following Git command, as described in the Git documentation:

git log --pretty="format:%m%ad----%ae%n%-(trailers:only,unfold)" --date=raw --shortstat --no-renames --no-merges

See more

GitHub Advanced Security users can now use the REST API to enable or disable secret scanning validity checks for a repository, organization, or enterprise. Validity checks retrieve a status for supported tokens from their relevant partner (active, inactive, or unknown). This status is displayed in the secret scanning alert view and the REST API.

See more

We have partnered with our sister team at Microsoft to bring some improvements to the NuGet ecosystem for Dependabot updates:

  • Updater logic re-written in C#, making it easier for users of NuGet to contribute to dependabot-core
  • Improvement in detection of where package dependencies are declared in .NET projects
  • Improved support for implicit dependencies
  • Improved support for peer dependencies

Learn more about Dependabot.

See more


Weve released the following improvements to your homepage feed.

  1. You now have the option to include or exclude events from starred repositories, in addition to the default events from repositories you sponsor or watch.

       2. You will now see cards for when someone has forked one of your repositories.

See more

We're committed to continually improving your experience with GitHub Support, and part of that commitment involves enhancing the personalization of our services.

Starting December 8, you will need to be signed-in to your GitHub account to access our Support portal. This change will be rolled out gradually to ensure a smooth transition for all our customers. If you already have a GitHub account, please sign in as usual when accessing the Support Portal. If you don't have an account or are unable to sign in, we'll guide you through a simple email verification process.

We're excited about this change and confident that it will make your experience with GitHub Support more secure and personalized.

See more

CodeQL 2.15.3 is rolling out to users of GitHub code scanning on this week, and all new functionality will also be included in GHES 3.12. Users of GHES 3.11 or older can upgrade their CodeQL version.

Important changes in this release include:

For a full list of changes, please refer to the complete changelog for version 2.15.3.

See more

Shortly after releasing Copilot content exclusions on November 8, 2023, our team observed that the feature was causing clients to be incorrectly blocked from using Copilot. This necessitated an immediate rollback of this feature.

What Happened?
Once the feature was enabled for all Copilot Business customers, we observed a spike in errors and some end-users being completely blocked from using Copilot. The problem was related to the way content exclusions policies are fetched from the client.

Current Actions and Next Steps:
Our engineering team is engaged in deploying the necessary fixes. We have identified the faulty code in the client and are also deploying more verifications both server and client side to ensure this does not happen again. However, we want to approach the reintroduction of this feature with caution. Customers who had previously setup a content exclusions configuration are not affected by the rollback.

We expect to re-deploy the feature within the next few weeks.

Join the discussion within GitHub Community.

See more

Auto-triage rules are a powerful tool to help you reduce false positives and alert fatigue substantially, while better managing your alerts at scale. We've heard your feedback, which is helping us improve throughout this beta period.

Starting today, you can now create Dependabot auto-triage rules using CVE IDs or GHSA IDs to target subsets of alerts.

How do I learn more?

How do I provide feedback?

Let us know what you think by providing feedback — we’re listening!

See more

Organization owners can now create and assign custom organization roles, which grant members and teams specific sets of privileges within the organization. Like custom repository roles, organization roles are made up of one or more fine-grained permissions, such as “read audit logs” or “manage repository rulesets”, and apply to the organization itself rather than the repository. This feature is available in all Enterprise Cloud organizations and will come to GitHub Enterprise Server by version 3.13.

A screenshot of the role creation page, with a new role called "Auditor" that grants access to just the audit log permission.

Today, organization custom roles supports 10 permissions:

Roles can be assigned by an organization owner only, to prevent accidental escalation of privileges, and can be assigned to users and teams. Multiple organization roles can be assigned directly to a user or team. Users and teams inherit roles from the teams they are a part of.

A screenshot showing a user that's assigned to two different roles.

More organization permissions will be built over time, similar to how repository permissions were added as well. If you have a specific permission you’d like to see added please get in touch with your account team or let us know in the discussion below. Everything you can see in the organization settings menu is an option, and we’ll be working with teams across GitHub to get those permissions created.

To learn more about custom organization roles, see “About custom organization roles“, and for the REST APIs to manage and assign these roles programmatically see “Organization roles“. For feedback and suggestions for organization permissions, please join the discussion within GitHub Community.

See more

The GitHub Enterprise Server 3.11 release candidate is here

GitHub Enterprise Server 3.11 gives customers more visibility of their instance. Here are some highlights:

  • Code scanning's default setup now does even more to protect your code, by performing scans on a weekly scheudule (in addition to scanning pushes and pull requests) and allowing you to include Swift in your analysis.
  • View repository history using the new Activity view, to see repository activity like pushes, merges, force pushes, tag changes, and branch changes, and associate them with commits and users.
  • The value of secret scanning is now much more clear thanks to push protection metrics that are available in an organization's security overview pages.
  • A GitHub CLI extension for the Manage GitHub Enterprise Server API allows customers to interact with their GitHub Enterprise Server instance via the gh command-line interface.

Release Candidates are a way for you to try the latest features early, and they help us gather feedback to
ensure the release works in your environment. They should be tested on non-production environments.
Read more about the release candidate process.

Read more about GitHub Enterprise Server 3.11 in the release notes,
or download the release candidate now.
If you have any feedback or questions, please contact our Support team.

See more

We're simplifying how Dependabot operates! Previously, if Dependabot encountered errors in its last run, it would automatically re-run the job when there were changes in the package manifest (like adding or changing dependencies). This often led to Dependabot running more than needed and creating unscheduled pull requests. To streamline the process and stick to the schedules you set, this automated re-run feature is being deprecated.

Dependabot will still run jobs according to your schedule, and you'll have the option to manually trigger jobs whenever necessary.

See more

In the upcoming days, Codespaces will be adding the Australia region to prebuild configurations under region availability. This will enable users to have prebuilds specifically in Australia.

How do I get access to Prebuilds in the Australia region?

If you would like to have Australia selected as a region, go to your prebuilds and select the Australia region.

What if I already have all regions selected for my Prebuilds?

If you have all regions currently selected you will have all regions except for Australia selected once this change is implemented. This will be change to ensure users do not get billed in a region they do not want.

If you would like to have all regions, including Australia, selected, please go to your prebuilds and select all regions again.

What if I am already using the Southeast Asia as a region?

Prebuild configurations with Southeast Asia already selected as a region with users in Australia may experience decreased codespace creation time as Australia will now be a separate region from Southeast Asia. To continue to get improved codespace creation time, add Australia as a region under region availability.

Please contact support if you have any issues.

See more

copilot in the cli banner image

Learn your way around the command line with GitHub Copilot by your side!

We’re excited to announce the launch of a brand new GitHub CLI extension that’s now available as public beta — GitHub Copilot in the CLI.

GitHub Copilot in the CLI brings GitHub Copilot right to your terminal, where you can ask it to do things like explain how a command works or suggest a command for a task you want to perform. Learn more about the extension in our docs and provide us your feedback on our repo.

See more