Skip to content

deprecation

Subscribe to all “deprecation” posts via RSS or follow GitHub Changelog on Twitter to stay updated on everything we ship.

~ cd github-changelog
~/github-changelog|main git log main
showing all changes successfully

On December 14, 2023, GitHub Actions released v4 of the actions to upload and download artifacts. This version improves upload/download speeds by up to 98%, addresses long-standing customer feedback requests, and represents the future of artifacts in GitHub Actions.

With the introduction of v4, we will be deprecating v1 and v2 of actions/upload-artifact, actions/download-artifact, and related npm packages on June 30, 2024. We strongly encourage customers to update their workflows to begin using v4 of the artifact actions.

In order to prevent issues for customers using GitHub Connect, the tags for v1 through v2 will not be removed from the actions/upload-artifact and actions/download-artifact project repositories. However, attempting to use a version of the actions after the announced deprecation date will result in a workflow failure. This deprecation will not impact any existing versions of GitHub Enterprise Server being used by customers.

This announcement will also be added to actions/upload-artifact and actions/download-artifact. Please visit the documentation to learn more about storing workflow data as artifacts in Actions.

See more

The public beta Activity Overview of Organization Insights for GitHub Enterprise Cloud will be deprecated on January 5, 2024. Since its initial beta launch in 2019, the amount of data calculation and storage required for these views has proven untenable in its current format and the underlying service will be taken offline later in January. Metrics-specific integrations such as Cauldron are available to read, store, and visualize your organization’s data via the GitHub API, as well as more general-purpose data visualization platforms such as PowerBI or Grafana. The Dependency Insights feature will not be impacted.

See more

We're simplifying how Dependabot operates! Previously, if Dependabot encountered errors in its last run, it would automatically re-run the job when there were changes in the package manifest (like adding or changing dependencies). This often led to Dependabot running more than needed and creating unscheduled pull requests. To streamline the process and stick to the schedules you set, this automated re-run feature is being deprecated.

Dependabot will still run jobs according to your schedule, and you'll have the option to manually trigger jobs whenever necessary.

See more

As of August 17, 2023, Dependabot updates no longer support Python 3.6 or 3.7, which have reached their end-of-life. If your code uses these versions, Dependabot will no longer be able to open pull requests in your repository and will log errors. Update to at least Python 3.8 to ensure your code is secure and Dependabot can still run.

This change impacts Dependabot pull requests only – you will continue to receive Dependabot alerts for dependencies with known vulnerabilities. To resolve the alert, you can upgrade the affected package yourself manually.

View the official release cycle for Python for more information on supported versions.

Learn more about supported package managers for Dependabot

See more

For security reasons, source IP addresses have been removed from error messages that are returned from the GitHub API when callers try to access protected resources from non-permitted IP addresses.

To learn more about IP allow lists, visit Restricting network traffic to your enterprise with an IP allow list in the GitHub documentation.

If you'd like to learn more about your source IP addresses, please contact GitHub Support.

See more

As of August 17, 2023, Dependabot will no longer support Python 3.6 or 3.7, which have reached their end-of-life. If your code uses these versions, Dependabot will no longer be able to open pull requests in your repository and will log errors. Update to at least Python 3.8 to ensure your code is secure and Dependabot can still run.

View the official release cycle for Python for more information on supported versions.

See more

GitHub Importer allows you to import repositories from other code hosting platforms to GitHub.com using a UI or REST API.

Today, GitHub Importer supports Git, Mercurial, Subversion and Team Foundation Version Control (TFVC) repositories.

From April 12, 2024, we will no longer support importing Mercurial, Subversion and Team Foundation Version Control (TFVC) repositories. We’re ending support for this functionality due to extremely low levels of usage.

Even without GitHub Importer, moving from these alternative version control systems to Git is simple thanks to fantastic open source tools – for more details, read our Docs article, “Using the command line to import source code”.

EDIT: The original end of support date in this post was October 17, 2023. We delayed this change in order to give customers more time to adapt.

 

See more

Today we are announcing the deprecation of Team Discussions, which will have individual sunset timelines for GitHub.com, API, and GHES users. Please see below for full details.

Last year, we introduced Organization Discussions, a way for teams to scope their discussions to the organization-level rather than the repository-level. Today, Organization Discussions has grown to include a number of features – including Categories, Category forms, Threaded comments, Q&A features (marking a comment as an answer), Polls, and Labels.

As we continue to invest and enhance Organization Discussions, we will be sunsetting Team Discussions. To migrate your existing Team Discussions to Organization Discussions, maintainers can click on the banner at the top of their Team Discussions page:

Screenshot 2023-02-07 at 3 32 28 PM

Following deprecation, access to any unmigrated Team Discussions will be available as raw text, but there won't be any ability to add, modify, or delete Team Discussions.

The deprecation will follow these timelines:

GitHub.com Timeline:

  • Feb 8, 2023: A banner to migrate will be visible to maintainers at the top of their Team Discussions page, with the migration tooling included.
  • May 8, 2023: Team Discussions will be deprecated.
  • After May 8, 2023: Access to unmigrated Team Discussions will be available as raw text, but the UI won’t be available to add, modify, or delete Team Discussions.

GHES Timeline:

  • August 8, 2023: Team Discussions will be marked for deprecation in version 3.10. A banner to migrate will be visible to maintainers at the top of their Team Discussions page, with the migration tooling included.
  • February 27, 2024: Team Discussions will be removed in version 3.12.
  • After February 27, 2024: Access to unmigrated Team Discussions will be available as raw text, but the UI won’t be available to add, modify, or delete Team Discussions.

API Timeline:

  • The Team Discussions API will be deprecated in the next calendar version (no sooner than April 30th, 2023)

For questions or feedback, please visit our community.

See more

As part of the ongoing initiative to deprecate legacy global IDs, you will begin to see deprecation warnings for GraphQL node queries using the legacy ID format.

The deprecation warnings will look like this:

{
  "data": {
    "node": {
      "login": "ahoglund",
    }
  },
  "extensions": {
    "warnings": [
      {
        "type": "DEPRECATION",
        "message": "The id MDQ6VXNlcjM0MDczMDM= is deprecated. Update your cache to use the next_global_id from the data payload.",
        "data": {
          "next_global_id": "U_kgDOADP9xw"
        },
        "link": "https://docs.github.com"
      }
    ]
  }
}

This will not impact the data portion of the payload. We recommend using these deprecation warnings along with the X-Github-Next-Global-ID to begin migrating any of your caches that contain legacy IDs. More information on how to migrate can be found in our last update as well as in the GitHub documentation.

If you have any concerns about the rollout of this change impacting your usage of the GitHub GraphQL API, please contact us and include any relevant information, so that we can better assist you.

See more

GitHub Packages is being re-platformed, unlocking great capabilities such as fine-grained permissions, org-level publishing and increased performance.

Package registries on the new GitHub Packages architecture, including container registry and npm packages, no longer expose data through the GraphQL API. We recommend using the REST API instead.

In the coming months we will be migrating our other GitHub Package registries to this new architecture deprecating the GraphQL API for those registries as well.

If you have any questions, please contact GitHub Support.

See more

The CodeQL runner has been deprecated in favor of the CodeQL CLI. As previously announced, starting March 14th, the CodeQL bundle now no longer includes the CodeQL runner. This deprecation only affects users who use CodeQL code scanning in 3rd party CI/CD systems; users of GitHub Actions are not affected.

GitHub Enterprise Server (GHES)

The CodeQL runner was shipped as part of GitHub Enterprise Server (GHES) versions up to and including 3.3.x. GitHub Enterprise Server 3.4 and later no longer include the CodeQL runner. We strongly recommend that customers migrate to the CodeQL CLI, which is a feature-complete replacement for the CodeQL runner and has many additional features.

How does this affect me?

If you’re using CodeQL code scanning on GitHub Actions, you are not affected by this change.

If you’ve configured code scanning to run the CodeQL runner inside another CI/CD system, we recommend migrating to the CodeQL CLI as soon as possible.
Starting April 1st, changes to both the CodeQL analysis engine and the code scanning API are not guaranteed to be compatible with older CodeQL runner releases.

What actions should I take?

You should configure your CI/CD system to use the CodeQL CLI before upgrading to GHES 3.4.0. When setting up the CodeQL CLI, we recommend that you test the CodeQL CLI set up to verify that the CLI is correctly configured to analyze your repository.

Learn more about migrating from the CodeQL runner to the CodeQL CLI here.

See more

We recently announced a plan to sunset deprecated Teams API endpoints over the coming weeks. On March 1, we conducted the first scheduled brownout for 12 hours.

As we gathered metrics and consumer feedback on the brownout, we formed a new understanding of its impact on our consumers and parallel work. Consequently, we are deciding to pause the remainder of the sunset. Instead, we will sunset deprecated Teams API endpoints over a new timeline in the coming months as we invest more deeply into API versioning and our Octokit SDKs.

If you are using a deprecated endpoint under a /teams/:team_id path, we continue to encourage you to switch to the /organizations/:org_id/team/:team_id path. Please refer to the REST API documentation to learn more about supported Teams API endpoints.

See more

Update on March 4, 2022: We have temporarily paused the sunset. Please read the official announcement for more information.


In early 2020, we moved the Teams API from a top-level path under /teams/:team_id to a scoped path under the organization that owns the team like /organizations/:org_id/team/:team_id and added support to make the API available under a named path like /orgs/:org/teams/:team_slug.

Over the next few weeks, we will be sunsetting the API endpoints under /teams/:team_id.

Timeline

Brownouts

  • March 1, 2022 for 12 hours starting at 14:00 UTC
  • March 8, 2022 for 24 hours starting at 14:00 UTC

If you make a request to an affected endpoint during the brownouts, GitHub will respond with a client error.

Removal

  • March 15, 2022 at 14:00 UTC

Affected endpoints

  • GET /teams/:team_id
  • PATCH /teams/:team_id
  • DELETE /teams/:team_id
  • GET /teams/:team_id/teams
  • GET /teams/:team_id/repos
  • GET /teams/:team_id/repos/:owner/:repo
  • PUT /teams/:team_id/repos/:owner/:repo
  • DELETE /teams/:team_id/repos/:owner/:repo
  • GET /teams/:team_id/projects
  • GET /teams/:team_id/projects/:project_id
  • PUT /teams/:team_id/projects/:project_id
  • DELETE /teams/:team_id/projects/:project_id
  • GET /teams/:team_id/members
  • GET /teams/:team_id/members/:username
  • PUT /teams/:team_id/members/:username
  • DELETE /teams/:team_id/members/:username
  • GET /teams/:team_id/memberships/:username
  • PUT /teams/:team_id/memberships/:username
  • DELETE /teams/:team_id/memberships/:username
  • GET /teams/:team_id/invitations

Steps to take

The easiest way to update your code is to switch to the /organizations/:org_id/team/:team_id path. If you're unsure of what org_id to use, you can GET the current team under /teams/:team_id and find the id field inside the organization hash in the response.

Please refer to the REST API documentation to learn more about supported Teams API endpoints.

See more

The Codes of Conduct API preview, which was accessible with the scarlet-witch-preview header, is being deprecated.

On December 6th, 2021, the fields behind this API preview will no longer be accessible. We recommend using the Get community profile metrics endpoint to retrieve information about a repository's code of conduct.

Email notifications will be sent to active users of the API preview throughout the deprecation period.

If you have any questions, please contact GitHub Support.

See more

Recover Accounts Elsewhere allows a user to store a recovery token with a third-party recovery partner to use as a recovery method when their account is protected by two-factor authentication. Effective immediately, we will no longer be allowing new recovery tokens to be stored using Recover Accounts Elsewhere.

On December 1st, 2021, account recovery tokens stored using Recover Accounts Elsewhere will no longer be accepted as a recovery option when contacting support to recover access to your account. You will still be able to use our other recovery mechanisms to recover your account.

If you have registered an account recovery token using this feature, we recommend you take this opportunity to download your two-factor recovery codes. You can also revoke your recovery tokens using these steps:

  1. Navigate to the Account Security page.
  2. Scroll down to "Recovery tokens" and client "Edit".
  3. Click "Revoke token" for each token.

We'll be sending occasional email notifications throughout the deprecation period to all users with recovery tokens registered.

Questions? Take a look at our updated documentation on account recovery, or contact GitHub Support.

See more

GitHub will stop supporting API Authentication via Query Parameters with Actions on October 6th 2021 at 14:00 UTC. If you are passing credentials via query or path parameters, GitHub will respond with client errors. Please refer to this blog post for details on authenticating API requests to GitHub using the Authorization header.

Removal

  • October 6 2021 at 14:00 UTC
See more