Skip to content

Changelog

Subscribe to all Changelog posts via RSS or follow GitHub Changelog on Twitter to stay updated on everything we ship.

~ cd github-changelog
~/github-changelog|main git log main
showing all changes successfully

Support tickets created for GitHub Enterprise are assigned a priority based on the circumstances and impact of the issue.

Enterprise members with support entitlements were able to suggest the initial priority of a support ticket when contacting GitHub Support. To ensure that support requests are handled in order, and according to their circumstances and impact, GitHub Support will set the initial priority of all support tickets.

See more

If you’re using starter workflows to prepare the build and release steps for your Java projects that use Gradle, these projects will now have more comprehensive dependency graph information in GitHub. The Gradle starter workflows have been updated to automatically submit transitive dependencies to GitHub, improving the quality of dependency graph data and Dependabot updates for these apps.

Learn more about the action these starter workflows use by checking out the Build with Gradle action on the GitHub Marketplace. Thank you Gradle for making these updates!

Join the discussion within GitHub Community.

See more

We have introduced two new powerful features to the latest Visual Studio Copilot Chat extension: slash commands (/) that allow you to direct Copilot to perform specific tasks, and context Variables (#) that allow you to specify a file for Copilot to focus its answer on. These features are available on the latest Chat extension that is compatible with Visual Studio 2022 version 17.8 and higher.

Slash Commands

Slash commands are special commands that you can use in chat to receive targeted assistance, including explanations, documentation, test creation, and various other forms of support related to your code. For example, you can use:

  • /doc to add a documentation comment
  • /explain to explain the code
  • /fix to propose a fix for the problems in the selected code
  • /generate to generate code to answer your question
  • /help to get help with Copilot Chat
  • /optimize to analyze and improve the running time of the selected code
  • /tests to create unit tests for the selected code

VS Code Slash Commands

Context Variables

The context variables feature enables you to add files from your solution into your questions using the # symbol. By referencing a file in this way, you allow Copilot to access the content of the file and provide more targeted answers about it. For example, you can ask “How does the #file:’Main.cs’ file work?” or “What is the purpose of the #file:’Calculator.cs’ file?” and get relevant answers from Copilot Chat. You can add multiple files to one question.

VS Code Context Variables

Besides these main features, you can also explore our other exciting new preview features

Join the discussion within GitHub Community.

See more

The macOS 14 runner image is now available for GitHub hosted runners. Workflows executed on this image will run exclusively on the 3 vCPU M1 runner announced earlier today. To use the runner, simply update the runs-on: key in your YAML workflow file to macos-14, macos-14-xlarge, or macos-14-large.

The macOS 12 runner image will remain latest until migration of the latest YAML workflow label to macOS 14 in Q2 FY24 (April – June 2024). While macOS 13 is now generally available under the macos-13 label, this image will not be migrated to latest. Following this announcement, macOS 11 runner image will begin deprecation immediately with retirement expected to complete by June 2024.

The full list of software available for all macOS runner images can be found here. If there is software you require that is not installed on the image, please create an issue in the runner-images repository.

See more

Today, GitHub is excited to announce the launch of a new M1 macOS runner! This runner is available for all plans, free in public repositories, and eligible to consume included free plan minutes in private repositories. The new runner executes Actions workflows with a 3 vCPU, 7 GB RAM, and 14 GB of storage VM, which provides the latest Mac hardware Actions has to offer. The new runner operates exclusively on macOS 14 and to use it, simply update the runs-on key in your YAML workflow file to macos-14.

See more

CodeQL 2.16.1 is now available to users of GitHub code scanning on github.com, and all new functionality will also be included in GHES 3.13. Users of GHES 3.12 or older can upgrade their CodeQL version.

Important changes in this release include:

Swift 5.9.2 is now supported.

We added a new query for Swift, swift/weak-password-hashing, to detect the use of inappropriate hashing algorithms for password hashing and a new query for Java, java/exec-tainted-environment, to detect the injection of environment variables names or values from remote input.

We improved the tracking of flows from handler methods of a PageModel class to the corresponding Razor Page (.cshtml) file, which may result in additional alerts from some queries.

JavaScript now supports doT templates and Go added support for AWS Lambda functions and fasthttp framework.

In the previous version, 2.16.0, we announced that we will update the way we measure the number of scanned files in the Code Scanning UI. This change is now live for JavaScript/TypeScript, Python, Ruby, Swift, and C#.

For a full list of changes, please refer to the complete changelog for version 2.16.1.

See more

If you use devcontainer.json files to define your development containers, you will now be able to use Dependabot version updates to keep your Features up-to-date. Once configured in dependabot.yml, Dependabot will open pull requests on a specified schedule to update the listed Features to latest. This ensures Features are pinned to the latest major version in the associated devcontainer.json file. If a dev container has a lockfile, that file will also be updated. Dependabot security updates for dev containers are not supported at this time.

See more

CodeQL 2.16.0 is now available to users of GitHub code scanning on github.com, and all new functionality will also be included in GHES 3.13. Users of GHES 3.12 or older can upgrade their CodeQL version.

Important changes in this release include:

In July 2023, we disabled automatic dependency installation for new CodeQL code scanning setups when analyzing Python code. With the release of CodeQL 2.16.0, we have disabled dependency installation for all existing configurations as well. This change should lead to a decrease in analysis time for projects that were installing dependencies during analysis, without any significant impact on results. A fallback environment variable flag is available to ease the transition, but will be removed in CodeQL 2.17.0. No action is required for Default setup users. Advanced setup users that had previously set the setup-python-dependencies option in their CodeQL code scanning workflows are encouraged to remove it, as it no longer has any effect.

We fixed a bug that could cause CodeQL to consume more memory than configured when using the --ram flag. If you have used this flag to manually override the memory allocation limit for CodeQL, you may be able to increase it slightly to more closely match the system’s available memory. No action is required for users of the CodeQL Action (on github.com or in GHES) who are not using this flag, as memory limits are calculated automatically.

We added 2 new C/C++ queries that detect pointer lifetime issues, and identify instances where the return value of scanf is not checked correctly. We added a new Java query that detects uses of weakly random values, which an attacker may be able to predict. Furthermore, we improved the precision and fixed potential false-positives for several other queries.

The measure of scanning Go files in the code scanning UI now includes partially extracted files, as this more accurately reflects the source of extracted information even when parts of a file could not be analyzed. We will gradually roll this change out for all supported languages in the near future.

We fixed a bug that led to errors in build commands for Swift analyses on macOS that included the codesign tool.

For a full list of changes, please refer to the complete changelog for version 2.16.0 and 2.15.5.

See more

Last month, we announced our plan to migrate from a strategy where student repositories are created from a template starter code repository to a strategy where student repositories are forked from the starter code repository.

Today, we are launching these changes as a Public Beta that you can opt-into on a per-classroom basis. You may opt-in your Classrooms by clicking the “Opt-in this classroom” button on the banner displayed at the top of the Dashboard of the Classroom you wish to opt-in.

We anticipate generally rolling out these changes to all Classrooms on June 17, 2024.

This public beta allows us to enable one of our most-requested features from teachers: the ability to change starter code after an assignment has been accepted by students. Students will be able to sync their assignment repository with the upstream starter code, allowing teachers to correct starter code mistakes or add additional content after the assignment has gone live to students.

Because there are important differences between creating a repository from a template and forking a repository, there are important changes in behavior for both new and existing assignments in GitHub Classroom. We recommend reviewing the following new behaviors and making adjustments to your assignments if necessary.

Important Changes for Classrooms in the Public Beta

  • All new accepted assignments will be forks, including existing assignments that were created with a template repository. Existing assignment repositories will not be changed, so they will not be able to sync changes from upstream.
  • Starter code assignments cannot be empty. If you are using a starter code repository without any commits, students will not be able to accept your assignment. GitHub Classroom will enforce this requirement for new assignments, but you will need to manually create an initial commit to existing empty starter code repositories in order for students to accept assignments.
  • Starter code commits will no longer be automatically squashed in student repos. A new fork includes the entire commit history of the parent repository, while a repository created from a template starts with a single commit. This can affect teachers who may have assignment solutions in the commit history of the starter code. We recommend using Git on the command line or GitHub Desktop to squash commits of starter code repositories prior to distributing assignments to students if you previously had solutions filled-in the starter code.
  • In order to enable private assignments, your organization must allow forking private repositories. Forking private repositories is not enabled for organizations by default. See managing the forking policy for your organization for information on how to enable this. During the Public Beta, our team is exploring options for automating this step.
  • Student repository visibility will be inherited from the starter code repository. Forks of public repositories cannot be made private on GitHub. As a result, if you wish to use a public template repository as starter code for an assignment where student repositories should remain private, we recommend creating a new repository from the public template and setting it to private prior to using it as starter code in a GitHub Classroom assignment. During the Public Beta, our team is exploring options to automate this step.
  • Private repositories must be in the same organization as the Classroom in order to be used as starter code. If you wish to use a private repository as starter code for an assignment that is housed under your user account or in another organization, we recommend configuring it to be a template repository and creating a new private repository from the template in the same organization as the Classroom prior to using it as starter code in a GitHub Classroom assignment. During the Public Beta, our team is exploring options to automate this extra step.
See more

Today's changelog brings you project status updates and an updated issues side panel in Projects!

🟢 Project status updates

You can now provide high level details on the status, timing, and progress of your project, directly from the project! This makes it easy to know and share with others how your work is progressing, any risks, and a history of when and why something changed, all in the same place where you're tracking your work.

You can access status updates from the Project details panel, where you can also add a short description or README with additional project information. Select Add update to give your project a Status, Start date, or Target date, along with additional details or mentioning another user or team. You can also edit, delete, or copy a link to a specific update to make it easy to share with others.

Once you add a status update to a project, you'll find it visible in the project header and the project index pages, so you can quickly find and access the high level details for all of your projects in a single place and drill in for more information.

project index page showing the description and start / end dates next to the project name

For more details, check out the documentation.

🛝 Issues side panel in Projects

Projects has an updated issues side panel which matches the design of issues reached from a repository. In addition to providing a consistent experience, this update also means that issues accessed from a project have all timeline events and include any other projects the issue is a part of, making it easier to manage issues from either a project or a repository.

The image shows a project with an open issue page in a side panel

Bug fixes and improvements

  • Fixed a bug where labels were being unexpectedly changed on issues when adding them to a project
  • Improved the workflow name editing experience by providing a dialog
  • Improved keyboard focus and navigation on the Insights and Workflows pages

✍️ Tell us what you think!

Join the conversation in the community discussion to share your feedback.

See how to use GitHub for project planning with GitHub Issues, check out what's on the roadmap, and learn more in the documentation.

See more

🌐 Upcoming deprecation of Copilot Chat API endpoints

Note: If you are using the latest version of the Copilot extension for Visual Studio or VS Code or you are using the Copilot plugin for JetBrains IDEs, you will not be impacted by this change.

As we announced in September, we updated the API service endpoints used by Copilot Chat. On February 1, 2024, we will deprecate the Copilot Chat API endpoints currently being routed through https://copilot-proxy.githubusercontent.com. Instead, these requests will go through https://api.githubcopilot.com. Versions 0.8.0 and later of the Copilot Chat extension for VS Code and versions 0.1.1817.27579 and later of the Copilot Chat extension for Visual Studio already route chat traffic through https://api.githubcopilot.com. All versions of the Copilot plugin for JetBrains IDEs already route chat traffic through https://api.githubcopilot.com.

To ensure Copilot Chat continues working from February 1, 2024, please update to the most recent version of the Copilot extension and ensure your firewall and network settings allow communication to https://api.githubcopilot.com.

⏫ Update on the Copilot Enterprise Waitlist

On January 19, 2024, we will close the Copilot Enterprise waitlist in anticipation of the general availability release of Copilot Enterprise.

Join the discussion within GitHub Community.

See more

Following our previous communication dated November 8, 2023, regarding the temporary rollback of the Copilot content exclusions feature, we are pleased to announce the re-deployment of this feature with significant enhancements. The rollout will be progressive during the next 10 days as we monitor the behaviour.

With Content Exclusion, GitHub Copilot Business customers will be able to prevent specified files or repositories from being used to inform code completion suggestions made by GitHub Copilot. GitHub Copilot will not be available in excluded files. Organization administrators or repository owners can choose which files or repositories are excluded. Learn more.

Overview of the Issue

Our team observed a critical issue where clients were incorrectly blocked from using Copilot due to the initial implementation of content exclusions. This was primarily caused by errors in fetching content exclusion policies from the client, leading to a temporary suspension of the feature.

Actions Undertaken

In response to this, our engineering team undertook a comprehensive review and rectification process. The issues identified in the client's code were addressed, and additional verifications were implemented on both server and client sides to prevent recurrence.

New Enhancements in the Re-deployed Feature

  • Performance Update: We have optimized the performance of the content exclusions feature, ensuring minimal impact on the user experience.
  • Extended Coverage: The feature now supports all our official Integrated Development Environments: Visual Studio, JetBrains IDEs, Visual Studio Code, and Vim/Neovim.

Current Status

  • Users with pre-existing content exclusion configurations will experience no change.
  • New and returning users can now utilize the enhanced feature across all supported IDEs.

Next Steps

We are closely monitoring the performance and user feedback post-deployment. The support for Copilot Chat is also in progress and will be part of the General Availability.

Join the Discussion

We value your feedback and encourage you to participate in the discussion within the GitHub Community.

See more

The Repository Actions Runners List is now generally available. With the Repository Actions Runnners List you can view all available runners right within the Actions tab, without needing access to repository or organization settings.

The runner types listed include Standard GitHub-hosted, Larger GitHub-hosted, Self-hosted, and Scale-sets.

Benefits of using the Repository Actions Runners List:

  • Visibility into all GitHub Actions runners: Users with repo:write access can now view which runner options are available for use within a repository, without needing to contact a Repo admin or an Organization owner to find runner label names.
  • Faster access to runner labels: Conveniently view and copy labels for all runners, making it straightforward to identify the type of runner you need and use it in a workflow.

To access the Repository Actions Runners List:

  1. Navigate to the main page of the repository.
  2. Click the "Actions" tab under your repository name.
  3. Under the "Management" section in the left sidebar, click on "Runners".
  4. Explore available runners within a repository and copy runner labels to use them in YAML workflow files.

Note: Enterprise and Organization owners can also create new runners from this page from the "New runner" button.
Repository Actions Runners List

This feature is available to users with:

  • Free and Pro Personal Accounts
  • Organizations on a Free Plan
  • Organizations on a Team Plan
  • Enterprises on a GitHub Enterprise Cloud plan (including Enterprise Managed Users)

Note: This feature is not available to users in Organizations on the GitHub Enterprise Server or Legacy plans.

If you have any feedback to help improve this experience, be sure to post it on our GitHub Community Discussion.

See more

GitHub Codespaces recently promoted the current beta host image configuration to stable as part of our regular maintenance for our hosts. This change includes multiple minor version updates, as well as major version updates to the Docker engine and Docker Compose packages installed on the host. This will not impact most development container configurations.

For more details about the specific changes, see our documentation regarding host image configurations here.

If you have any issues, please contact support.

Additional Resources

See more

GitHub Mobile Code Search

Introducing Global Code Search on GitHub Mobile

Global code search is now available directly from the home screen on GitHub Mobile. This addition enables users to conveniently find code snippets, navigate repositories, and access content directly from the home screen.
With global code search, users can easily locate anything they need while on the go.

Download or update GitHub Mobile today from the Apple App Store or Google Play Store to get started.


Learn more about GitHub Mobile and share your feedback to help us improve.

See more

On December 13, 2023, we released CodeQL Action v3, which runs on the Node.js 20 runtime. CodeQL Action v2 will be deprecated at the same time as GHES 3.11, which is currently scheduled for December 2024.

How does this affect me?

Default setup

Users of code scanning default setup do not need to take any action in order to automatically move to CodeQL Action v3.

Advanced setup

Users of code scanning advanced setup need to change their workflow files in order to start using CodeQL Action v3.

Users of GitHub.com and GitHub Enterprise Server 3.12 (and newer)

All users of GitHub code scanning (which by default uses the CodeQL analysis engine) on GitHub Actions on the following platforms should update their workflow files:

  • GitHub.com (including open source repositories, users of GitHub Teams and GitHub Enterprise Cloud)
  • GitHub Enterprise Server (GHES) 3.12 (and newer)

Users of the above-mentioned platforms should update their CodeQL workflow file(s) to refer to the new v3 version of the CodeQL Action. Note that the upcoming release of GitHub Enterprise Server 3.12 will ship with v3 of the CodeQL Action included.

Users of GitHub Enterprise Server 3.11

While GHES 3.11 does support Node 20 Actions, it does not ship with CodeQL Action v3. Users who want to migrate to v3 on GHES 3.11 should request that their system administrator enables GitHub Connect to download v3 onto GHES before updating their workflow files.

Users of GitHub Enterprise Server 3.10 (and older)

GHES 3.10 (and earlier) does not support running Actions using the Node 20 runtime and is therefore unable to run CodeQL Action v3. Please upgrade to a newer version of GitHub Enterprise Server prior to changing your CodeQL Action workflow files.

Exactly what do I need to change?

To upgrade to CodeQL Action v3, open your CodeQL workflow file(s) in the .github directory of your repository and look for references to:

  • github/codeql-action/init@v2
  • github/codeql-action/autobuild@v2
  • github/codeql-action/analyze@v2
  • github/codeql-action/upload-sarif@v2

These entries need to be replaced with their v3 equivalents:

  • github/codeql-action/init@v3
  • github/codeql-action/autobuild@v3
  • github/codeql-action/analyze@v3
  • github/codeql-action/upload-sarif@v3

Can I use Dependabot to help me with this upgrade?

Yes, you can! For more details on how to configure Dependabot to automatically upgrade your Actions dependencies, please see this page.

What happens in December 2024?

In December 2024, CodeQL Action v2 will be officially deprecated (at the same time as the GHES 3.11 deprecation). At that point, no new updates will be made to CodeQL Action v2, which means that new CodeQL analysis capabilities will only be available to users of CodeQL Action v3. We will keep a close eye on the migration progress across GitHub. If many workflow files still refer to CodeQL Action v2, we might consider scheduling one or more brownout moments later in the year to increase awareness.

See more

GitHub Copilot Chat now generally available for organizations and individuals

Recently, we announced that GitHub Copilot Chat in IDEs is now generally available for both Visual Studio Code and Visual Studio, and is included in all GitHub Copilot plans alongside the original GitHub Copilot productivity boosting code completion capabilities. It is also available at no cost to verified teachers, students, and maintainers of popular open source projects. As of now, GitHub Copilot Chat is still in the private beta for JetBrains IDEs.

If you’ve been using Copilot Chat in public beta or have already provided access to your development team, no additional actions are required. There’s also no need to install any additional extensions; Copilot chat extension is bundled together with the Copilot extension.

Enterprise and organization administrators can grant their development teams access to Copilot Chat by enabling the Copilot Chat setting for their users.

Please check out our guide for getting started with Copilot chat.

Looking forward to hearing about how you’re putting it to use!

Join the discussion within GitHub Community.

See more

The new year brings new features and improvements for the Copilot Enterprise! 🎆 These changes are focused on streamlined onboarding and ease of use.

As a reminder, Copilot Enterprise is currently in limited public beta. Enterprises can request access by signing up to the waitlist.

Semantic search can be enabled on any repository

Developers in an enterprise with access to Copilot Enterprise can now enable semantic search on a repository through the click of a button. Once a repository is indexed, Copilot has a much improved understanding of the code base in that repository and can answer questions via Copilot Chat in GitHub.com.

Create docsets to access your company’s critical knowledge

Organizations with documentation hosted in GitHub repos and written in Markdown (.md, .mdx) can now create “docsets” and enable developers in those organizations to access that critical knowledge via Copilot Chat in GitHub.com.

To get started, admins can create a docset, including the repositories that contain Markdown documentation.

Members of the corresponding organization can start to ask questions about the documentation by selecting the docset from Copilot’s “New conversation” UI in GitHub.com.

An organization can have multiple docsets – so, for example, an admin could create a docset for each team with the repositories that are relevant to them.

Introducing Copilot chat for pull request diffs

Developers are now be able to ask Copilot Chat questions about diffs on GitHub.com. To see this in action, simply navigate to a diff and use one of the following two entry points:

  1. Select some of the lines in the diff, and click on the icon on the right. You can click “Explain” to ask Copilot to explain those lines.
  2. You can also ask Copilot to chat about an entire file in the diff by clicking on the three dots at the top-right of the file in the diff. Click on “Ask Copilot about this diff” to start chatting about it.

Improved onboarding and discoverability

  • Enterprise admins have now access to improved onboarding as they enable Copilot Enterprise within their enterprise.
  • GitHub Copilot on GitHub.com can now be accessed via the search bar.
See more

The min attribute in Action-Runner-Controller is now updated to enhance system responsiveness and efficiency. Previously, the min attribute was focused on determining the minimum number of runners that the system could scale down to during periods of inactivity. This meant that when there were few to no jobs running, the system would maintain this minimum number of runners, which could be either active or idle.

The new behavior of the min attribute shifts focus to maintaining a minimum number of idle runners at all times. This means that even when there are many jobs in progress, the system will ensure that a certain number of runners are always idle and ready to immediately take on new jobs. This change allows for smoother handling of incoming jobs, reducing wait times and improving overall job processing efficiency.

See more

About a month ago we announced that GitHub's Support Portal will soon require login.

Starting today, you will need to be signed-in to your GitHub account to access our Support portal. If you already have a GitHub account, please sign in as usual when accessing the Support Portal. If you don't have an account or are unable to sign in, we'll guide you through a simple email verification process.

We're excited about this change and confident that it will make your experience with GitHub Support more secure and personalized.

See more