Changelog

Subscribe to all Changelog posts via RSS or follow GitHub Changelog on Twitter to stay updated on everything we ship.

~ cd github-changelog
~/github-changelog|main git log main
showing all changes successfully

GitHub Models prompt editor now integrates with user repository code [GA]

You can now iterate on your prompt in any user repositories without breaking your flow. With just one click, jump from a prompt in your GitHub-hosted code to the GitHub Models prompt editor:

Screenshot of the GitHub UI with "Open as prompt in GitHub Models" menu item selected.

This feature detects files with “prompt” in the content and uses 10 lines above and below the selected line as context. Once in the prompt editor, you can experiment with models, fine-tune your prompts, and customize parameters.

GitHub Models is a catalog and prompt editor of AI models to help you build AI features and products. You can start using models for free with just your GitHub PAT. This is the first of more features to come that will help with seamless integration between your existing workflow and the GitHub Models prompt editor!

Learn more about GitHub Models or join the discussion in our community forums.

See more

Notice of upcoming deprecations and breaking changes for GitHub Actions

Changes to check run status modification

To ensure the trustworthiness and security of Actions Check Run results, developers will soon lose the ability to modify the conclusion and status of an Actions-created check run using the GitHub token from a workflow run. This change will take effect on March 31, 2025. Impacted workflows will start displaying annotations during the week of February 17, 2025.

Updates to the network allow list for self-hosted runners and Azure private networking

In preparation for the public preview of consuming Immutable Actions in February 2025, GitHub has started migrating standard hosted runner customers to immutable actions. There is no action required on your end. This means GitHub Actions will use as an immutable action where available and will default to traditional actions resolution where none exist.

For customers using self-hosted runners, please ensure your self-hosted runner allow lists are updated to accommodate the network traffic. Specifically, you should allow traffic to pkg.actions.githubusercontent.com to ensure immutable actions can be downloaded successfully and jobs don’t fail during setup. If you already allow *.actions.githubusercontent.com (which is listed as a required domain) then no action is necessary. You will also need to enable traffic to ghcr.io for publishing new versions of an immutable action in the future, which will be available with the GA release.

Customers who have not updated their allow lists will automatically be opted out from using immutable actions during the migration. Once GitHub confirms that the runners have been updated, you will automatically be opted back in once the allow lists are updated. If you need to manually opt out or in for using immutable actions, please contact support.

This update also affects runners in all versions of GitHub Enterprise Server that use the GitHub Connect feature to download actions directly from github.com. Customers are advised to update their self-hosted runner network allow lists accordingly. For further guidance on communication between self-hosted runners and GitHub, please refer to our documentation.

Additionally, we’ve updated our guidance for configuring Azure private networking to account for the new domains. The following IP addresses have been added to the NSG template in our documentation.

– 140.82.121.33/32
– 140.82.121.34/32
– 140.82.113.33/32
– 140.82.113.34/32
– 140.82.112.33/32
– 140.82.112.34/32
– 140.82.114.33/32
– 140.82.114.34/32
– 192.30.255.164/31
– 4.237.22.32/32
– 20.217.135.1/32
– 4.225.11.196/32
– 20.26.156.211/32

Ubuntu 20 image brownouts

To raise awareness of the upcoming removal of Ubuntu 20, we will temporarily fail jobs using the ubuntu-20.04 label starting in March 2025. The brownouts will occur on the following dates and times:

  • March 4 14:00 UTC – 22:00 UTC
  • March 11 13:00 UTC – 21:00 UTC
  • March 18 13:00 UTC – 21:00 UTC
  • March 25 13:00 UTC – 21:00 UTC

actions/cache v1-v2 and actions/toolkit cache package brownouts

To raise awareness of the upcoming removal, we have scheduled brownouts for the following dates/times, Actions jobs referencing a deprecated verion of the Cache action will fail.

  • February 18, 2pm – 10pm UTC
See more

CodeQL performance and coverage improvements in recent releases

CodeQL is the static analysis engine behind GitHub code scanning, which finds and remediates security issues in your code. The CodeQL engine has become faster, covers 28 more security queries, supports more ecosystems, and can now scan GitHub Actions (public preview)—among various other bug fixes and small improvements.

All of these improvements were automatically rolled out to code scanning users in the past few months. For users of the CodeQL CLI, here are some highlights of the past few CodeQL releases:

  • CodeQL 2.20.46 February 2025
    • Analysis support for GitHub Actions workflow files is now in public preview, and therefore the use of the actions language (for analysis of GitHub Actions workflows) no longer requires the CODEQL_ENABLE_EXPERIMENTAL_FEATURES environment variable to be set.
    • All experimental queries for C#, Java, and Kotlin have been migrated to the default query suite in the CodeQL community packs that are managed by GitHub Security Lab.
  • CodeQL 2.20.324 January 2025
    • Resolves a security vulnerability where CodeQL databases or logs produced by the CodeQL CLI may contain the environment variables from the time of database creation. This includes any secrets stored in an environment variables. For more information, see the CodeQL CLI security advisory.
  • CodeQL 2.20.222 January 2025
    • All data flow queries have been standardized on a single data flow library, which may result in differences for JavaScript and TypeScript analysis.
    • CodeQL databases now take 2-3x less space on disk, which makes them faster to transfer and read/manipulate. This is thanks to a new compressed database format.
  • CodeQL 2.20.19 January 2025
    • CodeQL is now easier to set up and roll out: automatic build command detection with automatic dependency installation for C/C++ is now supported on Ubuntu 24.04.
    • A new Server Side Template Injection query for Python has been released, thanks to a community contribution.
    • Swift 6.0.2 is now supported.
  • CodeQL 2.19.42 December 2024
  • CodeQL 2.19.37 November 2024
    • Analysis for .NET 8 and JDK 17 has been improved.
    • The CodeQL Bundle is now available as an artifact that is compressed using Zstandard. This artifact is smaller and faster to decompress than the original, gzip-compressed bundle. The CodeQL bundle is a tar archive containing tools, scripts, and various CodeQL-specific files.
  • CodeQL 2.19.221 October 2024
    • Analysis of Python apps now has significantly faster extraction and analysis times.
  • CodeQL 2.19.14 October 2024
    • Java 23 is now supported.
    • A new command, codeql resolve packs, shows each step in the pack search process, including what packs were found in each step.

Detailed changelogs for every CodeQL release are available in the CodeQL documentation, and new CodeQL releases occur roughly every two weeks.

For GitHub Enterprise Server customers: All new functionality from CodeQL releases 2.19.0 through 2.20.3 will be included in GHES 3.16 and the latest patch versions of 3.12-3.15. Functionality from 2.20.3 and later 2.20.X versions will be included in 3.17. If you use an older version of GHES, you can manually upgrade your CodeQL version.

See more

GitHub Copilot now available for free in mobile and the CLI

GitHub Copilot Chat in GitHub Mobile and Copilot Extension for the GitHub CLI are now available for free

GitHub Copilot Chat in GitHub Mobile and Copilot Extension for the GitHub CLI are now available for free!

GitHub Copilot Chat on GitHub Mobile

Whether you’re tackling coding questions, brainstorming ideas, or working on the go, GitHub Copilot Chat is here to make collaboration faster and easier, no matter where you are.

On mobile, simply sign in with your personal GitHub account and tap the Copilot button to access 2,000 code completions and 50 chat messages per month! If you reach your quota, you can upgrade through an in-app purchase to enjoy unlimited access.

Download or update GitHub Mobile apps today from the Apple App Store or Google Play Store to experience the AI coding assistance right at your fingertips.

GitHub Copilot Extension on GitHub CLI

In the GitHub CLI, install the gh-copilot extension to access gh copilot explain and gh copilot suggest. If you reach your quota, you can upgrade on the web.

Download the GitHub CLI and the GitHub Copilot Extension directly from your terminal to experience AI assistance in explaining and suggesting gh, git, and other terminal commands without leaving your shell.

Learn more about GitHub Copilot Chat in GitHub Mobile, GitHub Copilot in the CLI, Copilot Free and share your feedback.

See more

Copilot Language Server SDK is now available

Copilot Language Server SDK

We are excited to announce that the Copilot Language Server SDK is now publicly available. This enables any editor or IDE to integrate with GitHub Copilot via the language server protocol standard. Today, Copilot is available in popular editors such as VS Code, Visual Studio, JetBrains IDEs, Vim/Neovim, and most recently Xcode. A key ingredient of bringing Copilot to new editors has been the Copilot Language Server, which is used by all of those editors. At GitHub, we value developer choice and aim to empower developers to use Copilot with their favorite editor.

The Copilot Language Server SDK is available now: @github/copilot-language-server

This SDK can be used to integrate GitHub Copilot into any editor or IDE. See the documentation on the package to get started.

See more

OpenAI o3-mini is now available in GitHub Copilot Free

OpenAI’s latest model, o3-mini, is now available in GitHub Copilot Free.

o3-mini model picker GIF

OpenAI’s latest model, o3-mini, is the most cost-efficient model in their reasoning series. o3-mini outperforms o1 on coding benchmarks with response times that are comparable to o1-mini, meaning you’ll get improved quality at nearly the same latency. The model is configured to use OpenAI’s medium reasoning effort and can be accessed in VS Code and Github.com Copilot chat today, with support to follow soon in Visual Studio and JetBrains.

Access to o3-mini is currently in preview and is subject to the 50 free chats per month limit when using Copilot Free.

Get started with Copilot Free on GitHub and in VSCode today or learn more in our documentation.

See more

Vision, agent mode, next edit suggestions, and more for GitHub Copilot in VS Code January release (v0.24)

In the latest Visual Studio Code release, you will find a range of GitHub Copilot features designed to make your coding and debugging experience in VS Code more productive and efficient. These features are now available for you to try out in the latest version of VS Code.

Vision (public preview)

You can now attach images and work with them directly in Copilot Chat. Share screenshots of errors and Copilot will interpret the image and resolve the issue. Or share mockups of new designs, and Vision will help you bring them to life.

Copilot Chat analyzing an image

Getting started

Vision is available today in the VS Code Insiders release. You can drag and drop images into Chat, paste them from a clipboard, or attach them through the VS Code UI. Vision requires that you use the GPT-4o model and upload one of the following file types: JPEG/JPG, PNG, GIF, and WEBP.

Agent mode (public preview)

As of today’s VS Code Insiders release, a new agent mode is available for GitHub Copilot Edits. You can opt in to this experience via the VS Code setting github.copilot.chat.agent.enabled.

In agent mode, Copilot can iterate on its own code. This includes automatically identifying and fixing errors, executing terminal commands to complete a requested task, and resolving runtime errors with self-healing capabilities. GitHub Copilot can now infer the other tasks that were not specified and also need to be completed in order for your explicit request to work.

Agent mode in Copilot Edits view

Agent mode will continue to improve over the coming weeks. Please share your feedback as you try it out (today in VS Code Insiders, and soon in Stable).

Next edit suggestions (public preview)

Next edit suggestions use recent edits that you’ve made to anticipate the next edit you might want to make, and where that edit is located.

With this new ability, GitHub Copilot will suggest revisions to your code, comments, tests, and more. Next edit suggestions help you edit code that you (or others) have previously written and need to edit to better meet your current goals.

Getting started

You can enable next edit suggestions via the VS Code setting github.copilot.nextEditSuggestions.enabled. If you are a Copilot Business or Enterprise user, you will also need your Administrator to enable next edit suggestions for your organization by opting in to Copilot “Editor Preview Features”.

Using next edit suggestions

When you’re presented with an edit suggestion, you can navigate to it with the Tab key and then accept it with the Tab key again, saving you time to find the next relevant edit (no manual searching through files or references required). An arrow in the gutter indicates whether an edit suggestion is available.

In the example below, next edit suggestions help with a challenging mistake in logic.

NES fixing a fibonacci logic mistake

For more scenarios where next edit suggestions will help, visit the Visual Studio Code docs.

Prompt files (public preview)

Prompt files allow you and your team to build, store, and share reusable prompts. They contain pre-defined instructions and context for GitHub Copilot Chat and Copilot Edits, which will help you save time, maintain consistency, and support the sharing of best practices across workflows for shared development tasks and domains.

They complement custom instructions through their flexibility for specific tasks and scalability for complex projects with multiple workflows.

Getting started

To enable prompt files, set the VS Code setting chat.promptFiles to true.

Copilot Edits (GA)

With Copilot Edits, you can smoothly make changes to one or more of your files directly from Copilot Chat. This feature, which has been in preview since the October VS Code release, is now generally available.

To learn more about Copilot Edits, visit the VS Code docs.

See more

Google Gemini 2.0 Flash is now available to all Copilot users in public preview

Announced at GitHub Universe 2024, Gemini 2.0 Flash is now available to all GitHub Copilot customers, including Copilot Free. The latest Gemini model from Google shows high capabilities for code suggestions, documentation, and explaining code.

Get started today!

Copilot Free or Pro users

You can start using the new Gemini 2.0 Flash model today via the model selector in Copilot Chat in Visual Studio Code and immersive chat on GitHub.com.

Copilot Business or Enterprise users

Copilot Business and Enterprise organization administrators will need to grant access to Gemini 2.0 Flash in Copilot via a new policy in Copilot settings. Once enabled, you will see the model selector in VS Code and chat on GitHub.com. You can confirm availability by checking individual Copilot settings and confirming the policy for Gemini 2.0 Flash is set to enabled.

Share your feedback

Join the community discussion to share feedback and tips.

For additional information, check out the docs on Gemini 2.0 Flash in Copilot.

See more

Dependabot no longer supports Python 3.8

As of February 5, 2025, Dependabot no longer supports Python 3.8, which has reached its end-of-life. If you continue to use Python 3.8, Dependabot will not be able to create pull requests to update dependencies. If this affects you, we recommend updating to a supported release of Python. As of February 2025, Python 3.13 is the newest supported release.

View Python’s official documentation for more information about supported releases.

See more

View and iterate on generated files directly within Copilot chat (Preview)

A screenshot showing the new file blocks in the Copilot chat feed and the new side panel where code files are opened.

You can now view and iterate on generated files directly within Copilot chat on GitHub. File suggestions open in a side panel, making it faster than ever to preview and refine your generated code.

What’s new:

  • Quick file iteration: When Copilot chat suggests files, they open immediately for closer inspection.
  • Convenient previews: Markdown files render directly inside the side panel.
  • Support for more formats: We’re just getting started, expect additional file types and capabilities soon.

Try it out:

Your feedback drives our improvements! Let us know what you think using the in-product feedback option or share your thoughts in the GitHub Community.

Join us on this journey as we continue to enhance Copilot Chat and deliver a smoother developer workflow!

See more

Introducing the “Sustainability” category on GitHub Marketplace

We’re thrilled to announce the launch of a new category on GitHub Marketplace: Sustainability.

This new category is designed to highlight GitHub Actions and apps that focus on optimizing workflows to minimize environmental impact. Whether it’s by reducing resource consumption, streamlining builds, or enabling green practices in software development, this is a space for creators to showcase tools that contribute to a more sustainable future.

If you’re a creator, we encourage you to tag your listings with Sustainability if you believe your app or action aligns with this mission. Publishing to the Marketplace is straightforward — here’s how you can get started:
Publish your GitHub Action
Publish your GitHub App

For users, this category provides a dedicated space to discover and explore tools that aim to make software development workflows more environmentally friendly. While GitHub doesn’t verify the claims made by creators in this category, we encourage you to do your own research and find tools that align with your values and needs.

Currently, the Sustainability category is a blank slate, but we’re excited to see it come to life as creators tag their listings. Visit github.com/marketplace to explore the category and check back as new tools become available.

We can’t wait to see what the community shares! 🚀🌍

See more

GitHub Enterprise Cloud Data Residency in Australia is generally available

GitHub Enterprise Cloud with data residency in Australia is now generally available, allowing GitHub Enterprise Cloud customers greater flexibility in choosing where their code and repository data are stored.

With this release, teams can enhance productivity and collaboration while gaining more control over their code to meet their data residency preferences. This will help customers in the Asia-Pacific region optimize performance and maintain availability while using GitHub Enterprise Cloud.

What is GitHub Enterprise Cloud with data residency?

GitHub Enterprise Cloud is a multi-tenant, enterprise SaaS deployment option of GitHub Enterprise, powered by Microsoft Azure. It provides a single, end-to-end DevOps platform with a suite of tools and capabilities designed to enhance the developer experience at scale. GitHub Enterprise Cloud helps DevOps teams focus on building and deploying innovative software without worrying about managing updates or infrastructure.

With the introduction of data residency in Australia, customers now have the flexibility to choose where their code is stored. GitHub Enterprise Cloud with data residency is powered by Microsoft Azure’s global infrastructure, offering enhanced security to protect your code both in transit and at rest.

Who is this available for?

GitHub Enterprise Cloud with data residency in Australia is available for customers who need their code and repository data to reside in the region. Support for additional regions is currently being planned and will be announced in the future.

How can I access GitHub Enterprise Cloud with data residency in Australia?

Get started today by contacting our sales team. You can also learn more by visiting our Docs and web page.

See more

Dependabot now supports pnpm workspace catalogs (GA)

Starting today, Dependabot offers full support for pnpm workspace catalogs.

pnpm workspace catalogs are widely used in monorepos, and improper dependency handling can lead to:

  • Broken dependency trees due to unintended modifications.
  • Install failures in CI environments due to lockfile mismatches.
  • `NoChangeErrors` when workspaces conflict with each other.

Starting today, Dependabot fully supports pnpm workspace catalogs. This means that Dependabot now:

  • Ensures safe, scoped updates for each workspace.
  • Prevents lockfile inconsistencies that break dependency resolution.
  • Improves the reliability of updates in `pnpm` monorepos.

Learn more about Dependabot
Learn more about pnpm catalogs
Join the community discussion to share feedback and tips

See more

Deprecation of real-time GitHub Actions workflow job events in Slack and Microsoft Teams apps

We are deprecating real-time job status updates for GitHub Actions workflow notifications in Slack and Microsoft Teams on the 10th of March 2025. Users will continue to receive notifications when a workflow starts and completes, but live job progress updates will no longer be available. This change improves system efficiency while maintaining essential workflow visibility.

See more

Actions Get workflow usage and Get workflow run usage endpoints closing down

As part of the ongoing transition of Enterprise customers and Team plan customers to our new billing platform, the Actions Get workflow usage and Get workflow run usage endpoints will be closing down. The transition of Enterprise and Team plan customers to the new billing platform will complete by April 1, 2025.

Actions usage information is available via the billing platform usage endpoint. This endpoint summarizes Actions usage by SKU, organization, and repository, however it does not provide detailed workflow information. For more information, refer to Getting GitHub Actions billing data from the new response data.

On the new billing platform, workflow information is available in the usage report, which can be requested from the usage page. For more information, refer to Viewing usage.

Learn more about the new billing platform or share feedback on this change in the community discussion.

See more

Copilot Workspace: Auto-validation, go to definition, and more

Copilot Workspace header

We’re excited to share the latest improvements for Copilot Workspace, including enabling enterprise managed users, auto-validating changes in the workspace, and more. Let’s get started! 🚀

Auto-validation

We’ve shipped a new experiment enabling Copilot Workspace to automatically perform a build & test after implementation. If any failures are detected, it will attempt repairs.

To enable this experimental feature, go to Experiments > Start verify loop after implement.

Go to definition

We’ve enabled go to definition support in the editor to improve code navigation.

Photo showing Go-to-Definition

File-specific plan

While you’re implementing your plan with Copilot Workspace, you will now be able to view and edit the file-specific plan items. These are located right above the file, so you can seamlessly edit and iterate on your plan.

File tree reflects plan changes

While iterating on your plan, when you select or deselect a particular plan item, these changes will now be reflected in the file tree in real-time.

Support for enterprise managed users

GitHub Enterprise Cloud customers with Enterprise Managed Users can now use Copilot Workspace. Enterprise administrators have full control over enabling Workspace in their enterprise. To do so:

  1. Enable the Copilot Workspace policy through your enterprise account (note this means accepting the GitHub Next Terms and Conditions)
  2. Enable Preview features and Copilot Extensions at the enterprise or organization level. Please note that if any organization a user belongs to has either of these policies disabled, then they are considered disabled for that user throughout the site, regardless of context. The user will not have access to Copilot Workspace or other features that require those policies.
  3. Ensure the organization has valid Copilot access for users of Copilot Workspace.
  4. Enable the GitHub Next OAuth Application in the organization.

As we continue to evolve Copilot Workspace, we’ll be simplifying these steps, so stay tuned for improvements!

Edit and validate Autofix suggestions

GitHub Advanced Security users can now use Copilot Workspace for pull requests to triage and apply Copilot Autofix suggestions, with the ability to build, test and run the proposed changes without leaving GitHub. Learn more.

Bug fixes & other improvements

  • Added a notification so users know when they need to update the spec after the task has changed.
  • Changed search so when a file is selected, it is highlighted in the file tree.
  • Enabled renaming files on the file page, rather than just on the files changed page.
  • Changed plan to auto-hide when there is no plan defined.

Providing feedback

Please give feedback in our GitHub Discussion. Any and all feedback is appreciated!

See more

Edit and validate Copilot Autofix suggestions with Copilot Workspace

Copilot Autofix suggestions for code scanning alerts can now be edited and validated using Copilot Workspace for pull requests.

Copilot Workspace for Copilot Autofix for code scanning

With this, GitHub Advanced Security users can:

  • Review and integrate Copilot Autofix suggestions within the context of the pull request, benefiting from an improved diff-viewing experience.
  • Refine and address code scanning alerts directly within the pull request, utilizing an enhanced code editing experience.
  • Build, test, and run proposed changes in the pull request without impacting your personal build and test environment.

All GitHub Advanced Security users can use this feature in private repositories on GitHub.com. A Copilot license is not required.

To learn more about code scanning alerts and Copilot Autofix, see About Copilot Autofix for CodeQL code scanning. If you have feedback regarding Copilot Autofix for code scanning, please join the discussion here.

See more

OpenAI o3-mini now available in GitHub Copilot and GitHub Models (Public Preview)

Copilot and GitHub Models o3-mini Release

OpenAI’s latest model, o3-mini, is now available in GitHub Copilot and GitHub Models, bringing OpenAI’s newest reasoning model to your coding workflow.

The o3-mini reasoning model outperforms o1 on coding benchmarks with response times that are comparable to o1-mini, meaning you’ll get improved quality at nearly the same latency.

This cutting-edge model is rolling out gradually and will be available to GitHub Copilot Pro, Business, and Enterprise users today via the model picker in Visual Studio Code and github.com chat (support in Visual Studio, and JetBrains are coming soon). To accelerate your workflow, whether you’re debugging, refactoring, modernizing, testing, or just getting started, simply select “o3-mini (Preview)” to begin using it.

Paid Copilot subscribers get up to 50 messages every 12 hours. Business or Enterprise admins can enable o3-mini access for org members through their org and enterprise admin settings pages.

GitHub Models users with a paid Copilot plan will also be able to leverage the o3-mini model to enhance their AI applications and projects later today. In the GitHub Models playground, you can explore o3-mini’s versatility as you experiment with sample prompts, refine your ideas, and iterate as you build. You can also try it alongside other models available on GitHub Models including models from Cohere, DeepSeek, Meta, and Mistral.

To learn more, check out product documentation on GitHub Models. You can also join our community discussions.

See more

Recent improvements to security campaigns with Copilot Autofix (public preview)

We’re releasing various improvements to security campaigns to help security teams and developers collaborate more effectively to resolve security debt with the help of Copilot Autofix.

Security campaigns with Copilot Autofix were released in public preview at GitHub Universe.

Available as part of GitHub Advanced Security, security campaigns help you rapidly reduce your backlog of application security debt. With security campaigns, you can make sure your developers focus on the most important security alerts across your portfolio. Copilot Autofix also automatically generates contextual explanations and suggests fixes for alerts in a campaign.

Today we are announcing multiple improvements based on the customer feedback we have received during the security campaigns public preview:

  • The repository limit for security campaigns has increased from 100 to 1000, making it easier to create campaigns from more of your critical repositories.
  • Multiple users or teams can now be specified as campaign managers, giving application security teams greater flexibility in assigning responsibility for monitoring campaign progress and collaborating with developers on fixing alerts.
  • We’ve added a new contact link field in the security campaigns user interface to facilitate better communication between security teams and developers during campaigns.
  • Email notifications are now consolidated when security campaigns are created or closed. Developers watching multiple repositories included in the same campaign will receive a single email including details of all relevant repositories rather than one email per repository.
  • Security campaigns are available for users of GitHub Advanced Security on GitHub Enterprise Cloud.

For more information about security campaigns, see About security campaigns in the GitHub documentation. If you have any feedback on security campaigns, join the discussion in the GitHub Community.

See more
View more changes