Search results for: GitHub Actions

A look at how we rebuilt GitHub Actions’ core architecture and shipped long-requested upgrades to improve performance, workflow flexibility, reliability, and everyday developer experience.

GitHub code scanning default setup now runs even if your organization has GitHub Actions policies that restrict which workflows can run. In the past, restrictive actions policies could block code…

GitHub Actions cache size can now exceed 10 GB per repository You can now store more build dependencies between workflow runs with expanded GitHub Actions cache storage. Repositories can go…

GitHub Actions OpenID Connect (OIDC) token claims now include check_run_id This enhancement enables fine-grained, attribute-based access control and improves auditability for workflows that integrate with external services. Platform teams often…

Increased limits for reusable workflows You can now use up to 10 nested reusable workflows and call up to 50 workflows in total from a given workflow run. The previous…

GitHub Actions 1 vCPU Linux runners are now in public preview. Customers looking to run lightweight operations can take advantage of these lower cost runners. These runners are optimized for…

Node20 will reach end-of-life (EOL) in April of 2026. As a result we have started the deprecation process of Node20 for GitHub Actions. We plan to migrate all actions to…

The macOS 13 runner image will be retired by December 4th, 2025. To raise awareness of the upcoming removal, jobs using macOS 13 will temporarily fail during the scheduled brownout…

Two GitHub Actions are now available to help open source maintainers using the GitHub Models inference API: AI assessment comment labeler: Streamline your issue triage with a simple trigger label…

GitHub Actions is powered by a diverse ecosystem of first-party and community contributed actions. If one of these actions has a vulnerability or is compromised by a malicious actor, it…

New REST APIs for actions settings Today, GitHub Actions is launching new REST APIs for managing settings. The following settings are now accessible via these new endpoints: Approval for running…

The GitHub macOS hosted runner fleet is being upgraded to M2 Pro-powered machines on our largest runners. Starting today the macOS XLarge runner sku now utilizes a 5 vCPU M2…

Strengthen your repositories against actions workflow injections — one of the most common vulnerabilities.

Upcoming changes to GitHub Actions runner APIs The orgs/{org}/actions/runners API currently shows self-hosted runners and individual larger hosted runner instances. As of July 3rd, 2025, we will no longer show…

GitHub Actions fine-grained permissions are now generally available and can be used to define custom repository roles. Last year, GitHub introduced the CI/CD Admin role—a pre-defined organization role that grants…

GitHub is consolidating Dependabot’s compute platform to GitHub Actions, and jobs that generate pull requests will be run as GitHub Actions workflows. This allows Dependabot to leverage GitHub Actions infrastructure,…

GitHub Actions has expanded the number of supported Azure private networking regions available to customers, with the following new additions: – Canada East – Canada Central – Japan West –…

Self-hosted runner network communication requirements GitHub has introduced fully qualified and wildcard domains into a new actions_inbound section within the meta API. This enhancement provides customers with a streamlined way…

GitHub code scanning now offers enhanced security protection for your GitHub Actions workflow files through CodeQL analysis, which is now generally available. This feature enables you to identify and remediate…

We’re introducing new controls for automation workflows, enhancing security and flexibility for teams. Additionally, we’ve released updates to Actions runner controller designed to improve performance, customization, and compatibility with evolving…

Comparing GitHub-hosted vs self-hosted runners for your CI/CD workflows? This deep dive explores important factors to consider when making this critical infrastructure decision for your development team.