GitHub releases
GitHub changelog, platform updates, and Copilot coding-assistant releases. New features, breaking changes, security advisories and deprecations - each summarised in plain English and updated continuously.
Tracking 72 GitHub releases · Updated
- GitHub Changelog aigaengineer ·
Copilot code review adds AGENTS.md support and UI improvements
GitHub Copilot code review now supports AGENTS.md files at the repository root, allowing users to shape feedback based on project conventions. UI enhancements include an easier way to request reviews on draft pull requests and collapsed timeline events for a cleaner pull request conversation view. These updates are generally available and aimed at improving the code review experience for developers.
feature patch - GitHub Changelog securityinfraengineer ·
GitHub Actions checkout v7 enhances security for pull_request_target
GitHub Actions checkout v7 now defaults to refusing common 'pwn request' patterns, preventing vulnerabilities in workflows triggered by pull_request_target events from forks. This change is crucial for supply-chain security, affecting users who rely on checking out unreviewed pull request code. The update is available now for workflows pinned to floating major tags, with enforcement backported to supported major versions by July 2026.
feature security - GitHub Changelog securityinfraengineer ·
GitHub Secret Scanning Enhancements in June 2026
GitHub has updated its secret scanning capabilities with expanded detection coverage, including new partners like Cloudsmith and Meraki, and enhanced GitLab token support. Push protection now defaults to blocking more secret types, improving security for all repositories. Additionally, validity checks and richer metadata have been added for certain leaked credentials, aiding faster remediation for affected users.
feature patch - GitHub Changelog governancegapreviewengineer ·
GitHub Code Quality Moves to General Availability
GitHub Code Quality will transition from public preview to general availability on July 20, 2026, becoming a purchasable product for enterprises. This change introduces new capabilities like organization-wide deployment and enhanced dashboards, alongside a new pricing model that includes a per-committer license and usage-based charges for AI features. Customers on GitHub Enterprise Cloud and Team plans will be affected, with options to disable the feature before the transition.
announcement feature patch - GitHub Changelog governanceinfragaengineer ·
GitHub Enterprise Server 3.21 Released
GitHub Enterprise Server 3.21 is now generally available, bringing enhancements to deployment efficiency, monitoring, code security, and policy management. Key updates include the general availability of organization custom properties and hierarchy view for GitHub Projects, alongside a new REST API version with breaking changes. These updates benefit enterprise administrators and developers by improving metadata tagging, project visualization, and workflow management.
feature patch breaking - GitHub Changelog aigaengineer ·
GitHub AI Usage Reports Updated
GitHub AI usage reports have been updated to reflect native AI credit billing, replacing preview fields with standard ones. This change clarifies how to monitor AI credit usage going forward using quantity and gross_amount. A bug that caused incorrect values in preview fields has been fixed and retroactively applied for usage from June 1. This update is available for GitHub Enterprise Cloud customers.
patch feature - GitHub Changelog infraengineer ·
npm v12 to enforce stricter security defaults for package installation
npm v12, slated for July 2026, introduces security enhancements by defaulting to stricter controls for package installation scripts and Git/remote dependencies. These changes aim to mitigate code execution risks by requiring explicit user opt-in for potentially risky operations. Users on npm 11.16.0 or newer can prepare by reviewing warnings and using `npm approve-scripts` to manage trusted packages.
breaking feature security - GitHub Changelog securityengineer ·
CodeQL 2.25.6 adds Swift 6.3.2 support, improves C# coverage
CodeQL, GitHub's static analysis engine, has released version 2.25.6. This update introduces support for Swift 6.3.2 and enhances existing C# coverage. The release is part of ongoing efforts to improve code scanning capabilities for security issue detection. It impacts developers and security engineers using GitHub code scanning.
patch - GitHub Changelog securityinfraengineer ·
CodeQL 2.25.5 improves query accuracy for GitHub Actions
CodeQL 2.25.5, the static analysis engine powering GitHub code scanning, has been released with accuracy improvements for C/C++ codebases. These enhancements help to better detect and remediate security vulnerabilities within code. This patch is relevant to developers and security teams using GitHub Actions for code scanning.
patch