Skip to content

actions

Subscribe to all “actions” posts via RSS or follow GitHub Changelog on Twitter to stay updated on everything we ship.

~ cd github-changelog
~/github-changelog|main git log main
showing all changes successfully

View cache usage in your Action workflows

Dependency caching is one of the most effective ways to make jobs faster on GitHub Actions. You can now monitor the storage usage of your existing caches and get greater control over cache availability for your action workflows.

Actions users who use actions/cache to speed up their workflow execution times can now use our cache usage APIs to:

  • query the cache usage within each repository and monitor if the total size of all caches is reaching the upper limit of 10 GB,
  • monitor aggregate cache usage at organization level or even at enterprise level, if your GitHub organization is owned by an enterprise account.

Learn more about Managing caching dependencies to speed up workflows.

See more

Sharing GitHub Actions within your enterprise is now GA

Support for Actions in internal repositories is now generally available for GitHub organizations owned by an enterprise account.

You can innersource automation by sharing Actions in internal repositories, without publishing them publicly.
And then manage the repository settings or use our API support to allow access to workflows in other repositories:

  • In the same organization or
  • In any other organization in the enterprise

Learn more about Sharing Actions and workflows with your enterprise.

See more

Discover code scanning partner integrations on the GitHub Actions tab

GitHub code scanning supports a wide variety of code analysis engines through GitHub Actions workflows — including our own CodeQL engine. Users can now discover and configure Actions workflow templates for partner integrations straight from their repository's "Actions" tab under a category called "Security". Workflows are recommended based on the repository's content: we will suggest analysis engines that are compatible with the source code in your repository.

Configure workflow

Code scanning and our own CodeQL analysis engine are freely available for public repositories. Analysis engines and services provided by partners might require a subscription. You can also configure code scanning for organization-owned private repositories where GitHub Advanced Security is enabled.

Learn more about code scanning workflows on GitHub Actions tab.

See more

GitHub Actions: Self-hosted runners can now disable automatic updates

You now have more control over when your self-hosted runners perform software updates. If you specify the --disableupdate flag to the runner then it will not try to perform an automatic software update if a newer version of the runner is available. This allows you to update the self-hosted runner on your own schedule, and is especially convenient if your self-hosted runner is in a container.

For compatibility with the GitHub Actions service, you will need to manually update your runner within 30 days of a new runner version being available. For instructions on how to install the latest runner version, please see the installation instructions for the latest release in the runner repo.

For questions, visit the GitHub Actions community

To see what's next for Actions, visit our public roadmap

See more

GitHub Actions: Reusable workflows can be referenced locally

You can now reference local reusable workflows more easily. With this release, reusable workflows that are in the same repository as the calling repository can be referenced with just the path and filename: {path}/{filename}.

For example:

jobs:
  call-workflow-in-local-repo:
    uses: ./.github/workflows/workflow-2.yml

When referenced this way, the called workflow will be from the same commit as the caller workflow.

For questions, visit the GitHub Actions community

To see what's next for Actions, visit our public roadmap

See more

Share GitHub Actions within your enterprise

If your GitHub organization is owned by an enterprise account, you can now innersource automation by sharing Actions only within your enterprise without publishing them publicly.
You can store the Action in an internal repository, and then configure the repository settings to allow access to workflows in other repositories:

  • In the same organization or
  • In any other organization in the enterprise

These Actions in internal repositories can only be used by workflows defined in other private and internal repositories but cannot be used in workflows defined within any public repositories.

Learn more about Sharing Actions and workflows with your enterprise.

See more

GitHub Actions: Prevent GitHub Actions from approving pull requests

We have introduced a new policy setting that controls whether GitHub Actions can approve pull requests. This protects against a user using Actions to satisfy the "Required approvals" branch protection requirement and merging a change that was not reviewed by another user.

To prevent breaking existing workflows Allow GitHub Actions reviews to count towards required approval is enabled by default. However, an organization admin can disable it under the organization's Actions settings.

image

See more

Updates to the Checks Data Retention Policy

GitHub is updating the retention policy as it pertains to Checks data. Checks created by GitHub Actions and third-party GitHub Apps will be affected by the new retention policy.

Starting on February 14th, 2022 GitHub will begin archiving detailed checks data older than 400 days. As part of the archiving process we will create a rollup commit status representing the state of all checks for that commit. As a consequence, the merge box in any pull request with archived required checks will be in a blocked state and checks will need to be rerun in order to merge it.

Learn more about checks

See more

GitHub Actions: Jobs running on `windows-latest` are now running on Windows Server 2022.

Windows Server 2022 became generally available on GitHub-hosted runners in November 2021. Over the next 8 weeks, jobs using the windows-latest runner label will migrate from Windows Server 2019 to Windows Server 2022. During migration, you can determine if your job has migrated by viewing the Virtual Environment information in the Set up job step of your logs.

Use GitHub Actions to build your apps with the latest Visual Studio 2022 by updating your workflows to include runs-on: windows-latest

jobs:
  build:
    runs-on: windows-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-dotnet@v1
      - name: Build
        run: dotnet build
      - name: Run tests
        run: dotnet test

The Windows Server 2022 runner image has different tools and tool versions than Windows Server 2019. See the full list of changed software.

If you spot any issues with your workflows when using Windows Server 2022, please let us know by creating an issue in the virtual-environments repository.

See more

GitHub Actions: Changing the search order for self-hosted runners

Previously, when running a job that requires a self-hosted runner, GitHub Actions would look for self-hosted runners in the repository, organization, and enterprise, in that order.

We are changing that behavior so that the first available matching runner at any level will run the job in all cases. This allows jobs to be sent to self-hosted runners much faster, especially for organizations and enterprises with lots of self-hosted runners.

Learn more in the documentation

See more

GitHub Actions: Improvements to GitHub Actions starter experience

Getting started with GitHub Actions just got easier! Now, when you want to create an Actions workflow in the Actions tab of your repository, the workflow recommendations will be based on repository analysis that detects elements, such as programming language, build tools, frameworks, and package managers.

For example, if a repository contains a Node.js application that has been containerized, then the repository analysis will prioritize showing you container and Node related workflows.

We have also extended recommendations to the deployment category.
and added search and filters to help you find the right workflow that matches your unique requirements.

Learn more about this GitHub Actions improvement.

See more

GitHub Actions: GitHub-hosted runners now run Node.js 16 by default

In the latest update to our GitHub-hosted runners virtual environments, Node.js 16 has become the default version of node and npm 8 has become the default version of npm.

To select the version of Node.js that you use for your projects, we encourage you to use the setup-node action.

For questions, visit the GitHub Actions community

To see what's next for Actions, visit our public roadmap

See more

GitHub Actions: Changes to permissions in workflows triggered by Dependabot

Starting 12-09-2021, GitHub Actions workflows triggered by Dependabot for the create, deployment, and deployment_status events will always receive a read-only token and no secrets.

Starting 12-09-2021, GitHub Actions workflows triggered by Dependabot for the pull_request_target event on pull requests where the base ref was created by Dependabot will always receive a read-only token and no secrets.

Both changes are designed to prevent potentially malicious code from executing in a privileged workflow.

Learn more about using Actions and Dependabot together

For questions, visit the GitHub Actions community

To see what's next for Actions, visit our public roadmap

See more

GitHub Actions: Workflows triggered by Dependabot receive dependabot secrets

GitHub Actions workflows triggered by Dependabot will now be sent the Dependabot secrets.

This change will enable you to pull from private package registries in your CI using the same secrets you have configured for Dependabot to use and will improve how Actions and Dependabot work together.

Learn more about using Actions and Dependabot together

For questions, visit the GitHub Actions community

To see what's next for Actions, visit our public roadmap

See more

GitHub Actions: Reusable workflows are generally available

Reusable workflows are now generally available. Reusable workflows help you reduce duplication by enabling you to reuse an entire workflow as if it were an action. A number of improvements have been made since the beta was released in October:

  • You can utilize outputs to pass data from reusable workflows to other jobs in the caller workflow
  • You can pass environment secrets to reusable workflows
  • The audit log includes information about which reusable workflows are used

Learn more about reusing workflows.
For questions, visit the GitHub Actions community.
To see what's next for Actions, visit our public roadmap.

See more

GitHub Actions: setup-python now supports dependency caching

You can now run workflows for Python projects faster on GitHub Actions by enabling dependency caching on the setup-python action. setup-python supports caching for both pip and pipenv projects.

The following example enables caching for a Python project with pip:

steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
  with:
    python-version: '3.9'
    cache: 'pip'
- run: pip install -r requirements.txt
- run: pip test

For additional examples, visit the setup-python repository.

See more

GitHub Actions: Cache size is now increased to 10GB per repository

You can now enjoy a higher per-repository cache size. The cache storage for each repository has doubled to 10GB. This enables Actions users on github.com to run workflows faster by caching even bigger dependencies and other commonly reused files from previous jobs. There is no limit on the number of caches you can store, but the total size of all caches in a repository is now be limited to 10 GB.

Learn more about Caching dependencies to speed up workflows. For questions, visit the GitHub Actions community. To see what’s next for Actions, visit our public roadmap.

See more

GitHub Actions: Windows Server 2022 with Visual Studio 2022 is now generally available on GitHub-hosted runners

Windows Server 2022 with Visual Studio 2022 is now generally available on GitHub-hosted runners. To use it now, simply add runs-on: windows-2022 in your workflow file. Otherwise, our recommendation is to use windows-latest, which currently utilizes Windows 2019 but will begin running on Windows 2022 in the near future. This will ensure your workflows are always using a recent OS and removes the need to constantly update workflow files with image versions. 

jobs:
  build:
    runs-on: windows-2022
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-dotnet@v1
      - name: Build
        run: dotnet build
      - name: Run tests
        run: dotnet test

The Windows Server 2022 runner image has different tools and tool versions than Windows Server 2019.

Read more on available runner images and beta images terms of use in our documentation.

See more
View more changes