Editor’s note (March 17, 2026): We updated this post to clarify that the v2.329.0 minimum version enforcement that has been paused applies only at configuration/registration time (i.e., when running ./config.sh…
Issue fields are now available in public preview for select GitHub organizations. If you’ve been using labels like priority/p0 or severity/high to track structured data in issues, you know the…
You can ask Copilot coding agent to make changes in any pull request by mentioning @copilot. This works in pull requests created by Copilot and in pull requests created by…
How Copilot code review helps teams keep up with AI-accelerated code changes.
Copilot code review now runs on an agentic tool-calling architecture and is generally available for all users with Copilot Pro, Copilot Pro+, Copilot Business, and Copilot Enterprise. For background, see…
When you trigger a workflow using the GitHub Actions workflow dispatch API endpoint, you’ll now have the option to receive metadata in the response that helps you map your request…
Copilot coding agent is our asynchronous, autonomous background agent. Delegate a task to Copilot, and Copilot works in the background in its own development environment, powered by GitHub Actions. By…
Copilot coding agent is our asynchronous, autonomous background agent. Delegate a task to Copilot, and Copilot works in the background in its own development environment, powered by GitHub Actions. Once…
Open source is hitting an “Eternal September.” As contribution friction drops, maintainers are adapting with new trust signals, triage approaches, and community-led solutions.
CodeQL is the static analysis engine behind GitHub code scanning, which finds and remediates security issues in your code. We’ve recently released CodeQL 2.24.1, improving support for Maven private package…
Think of Continuous AI as background agents that operate in your repository for tasks that require reasoning.
Dependabot can now use OpenID Connect (OIDC) to authenticate with private registries, eliminating the need to store long-lived credentials as repository secrets. What’s new With OIDC-based authentication, Dependabot update jobs…
Announcing GitHub Security Lab Taskflow Agent, an open source and collaborative framework for security research with AI.
Security advice for users and maintainers to help reduce the impact of the next supply chain malware attack.
We envision the future of AI-enabled tooling to look like near-effortless engineering for sustainability. We call it Continuous Efficiency.
Editor’s note (December 19, 2025): We updated this post to indicate new dates for when self-hosted runners need to be updated to v2.329.0 or later. The original upgrade date has…
GitHub now makes it easier for teams to track, prioritize, and remediate security risks that matter by connecting code, build artifacts, and production context. Here’s what’s shipped and how you…
Starting December 1, 2025, all usage-based GitHub products paid by credit card on self-serve metered GitHub Enterprise Cloud accounts will be billed on the first of each month. Your billing…
Nearly a billion commits later, the way we ship code has changed for good. Here’s what the 2025 Octoverse data says about how devs really work now.
Editor’s note (November 5, 2025): We’ve updated this post to explicitly clarify that the affected tokens are npm tokens. Today marks another milestone in our ongoing effort to strengthen npm’s…
On October 7, 2025, we released CodeQL Action v4, which runs on the Node.js 24 runtime. CodeQL Action v3 will be deprecated at the same time as GHES 3.19, which…
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Join us October 28-29 in San Francisco or online for GitHub Universe, our flagship developer event uniting people, agents, and the world’s code.
