The Releases That Can Break You: 78 Breaking Changes, Deprecations and Security Advisories in Four Weeks

We analysed 839 platform releases from Jun 8 - Jul 5, 2026. Most were routine. 78 were not - retirements, breaking changes and security advisories from Azure, GitHub, GCP, Databricks and more.

ReleaseBytes 6 min read
Breaking ChangesDeprecationsCloudPlatform EngineeringReleaseBytes Data

Between June 8 and July 5, 2026, ReleaseBytes ingested and classified 839 releases from the platforms engineering teams rely on - AWS, Google Cloud, Azure, GitHub, OpenAI, Anthropic, Databricks, Snowflake, Terraform and Python.

Most of those releases are good news you can ignore: new features, regional expansions, previews. The ones that matter operationally are the ones that force action - a service you use is retiring, an API you call is changing shape, or a security issue needs a response.

In those four weeks, 78 releases - roughly 1 in 11 - were action-forcing: classified as a breaking change, a deprecation or a security advisory.

This post is what the data says about them: who ships them, what's being retired, and the deadlines now on the clock.

If you only take one thing away: ~9% of platform releases carry an obligation. The problem isn't reading 839 release notes - it's reliably finding these 78.

What we found

Across the four weeks (volume was steady - 218, 229, 204 and 188 releases per week):

Releases by platform, Jun 8 - Jul 5 2026

By classification (a release can carry more than one type):

  • 608 feature releases
  • 321 announcements
  • 191 patch releases
  • 34 security advisories
  • 27 deprecations / retirements
  • 19 breaking changes

Release type mix, Jun 8 - Jul 5 2026

Two things stand out immediately.

Raw volume and risk are different league tables. AWS shipped 235 releases but only 6 were action-forcing (2.6%). GitHub shipped 94, of which 13 forced action (14%). Databricks shipped just 27 - and 9 of them (33%) were breaking or deprecating something. If you allocate review attention by release volume, you're reading the wrong platforms first.

Security advisories cluster. Of the 34 security-classified releases, 23 came from Google Cloud - largely a steady drumbeat of product security bulletins - with GitHub (6) and AWS (3) behind. GCP's cadence looks noisy until the one that applies to you doesn't get read.

The deadlines now on the clock

These retirements were announced or restated during the window, with dates:

What Platform Deadline
GitHub Models fully retired GitHub July 30, 2026
GitHub Actions minimum self-hosted runner versions enforced GitHub July / September 2026
Azure VPN Client for Linux (Preview) retired Azure August 31, 2026
Migrate off Azure Blueprints Azure January 31, 2027
GitHub Copilot deprecates Gemini 2.5 Pro and 3 Flash GitHub July 31, 2026
Azure Inbound NAT rule v1 for VMSS retiring Azure announced
Azure GPv1 and legacy Blob storage deprecated Azure announced
Multiple Azure VM series retirements (incl. Batch VM series) Azure announced
Azure Synapse Link for Cosmos DB (NoSQL) retiring Azure announced
GKE non-release-channel clusters deprecated (auto-enrolled to Stable after) GCP June 14, 2027
Dependabot drops Python 3.9 support GitHub announced
npm v12 enforces stricter package-installation security defaults GitHub July 2026

Individually none of these is dramatic. Collectively, this is a month's worth of migration work quietly added to someone's backlog - and every one of these was published in an official channel that most teams don't systematically read.

Key trends

Azure is in a retirement wave

Seven of Azure's 37 releases this window were retirements or deprecations - VM series, VPN client, NAT rules, storage account types, Blueprints, Synapse Link. That's the visible surface of a platform consolidating older generations. If you run long-lived Azure estates, this month's notes were disproportionately about your existing infrastructure, not new capability.

AI models now have lifecycle events, like infrastructure

The clearest new pattern in the data: model availability is becoming an operational risk class. In four weeks: GitHub Copilot deprecated Gemini 2.5 Pro and Gemini 3 Flash (July 31, 2026) and the Opus 4.6 (fast) model (June 29, 2026); GitHub Models - the product - moved to full retirement (July 30); and Anthropic's feed recorded the suspension of two models following a US government directive. Anthropic's own platform notes carried deprecation entries in most weeks of the window.

If your systems call a specific model version, that's now a dependency with a lifecycle - the same way a VM series or a database version is. Treat model pins like version pins: know your fallback before the deprecation notice, not after.

SDK churn is the quiet breaking-change engine

Eight of the 19 breaking changes came from one place: Databricks SDK releases (Python, Go and Java - including a query-parameter serialization change in Go v0.152.0 and a removed user-name field in Python v0.120.0). SDKs ship fast, follow semver loosely at 0.x, and are exactly the dependency Dependabot happily bumps for you. If your CI auto-merges minor SDK updates, this is where it bites.

The routine 91% still hides the signal

The four-week totals: 839 releases, ~30 a day, with the busiest single day (June 30) seeing 73 releases. The 78 action-forcing items were spread thinly through that stream - a security bulletin here, a retirement notice there. No individual day looked alarming. That's precisely why this category gets missed: it never spikes; it drips.

What engineers should actually do

  1. Review by risk, not by volume. A monthly pass over breaking / deprecation / security items across your platforms is a fraction of the reading and most of the value. (That filtered view is what our Attention Required feed is.)
  2. Put the dated retirements in your planning calendar now - July 30 (GitHub Models), August 31 (Azure VPN Client for Linux), January 31, 2027 (Azure Blueprints). Migrations scheduled early are boring; discovered late they're incidents.
  3. Audit your SDK auto-update policy. If Databricks (or any 0.x SDK) is in your dependency tree, breaking changes arrive as routine version bumps. Pin, read the changelog, then bump.
  4. Treat model versions as dependencies. Inventory which model IDs your systems call, and subscribe to deprecation notices for them the way you would for a database version.

Where this data comes from

Every number above comes from the ReleaseBytes dataset: official release notes ingested continuously, classified by release type (feature, patch, security, deprecation, breaking, announcement) and tagged by platform. Nothing here was sampled or estimated - the window is Jun 8 - Jul 5, 2026, inclusive.

Explore the live data for your stack: AWS, Azure, Google Cloud, GitHub, Databricks - or the cross-platform Attention Required view. To have this category find you instead: release alerts deliver matching items by email or Slack, the weekly digest summarises the notable ones, and RSS feeds exist for everything.

Keep exploring

Stay current without the tab-hopping

One weekly email with the most notable cloud, AI and developer platform releases - summarised and linked to the source.

Read the weekly digest

Related articles