Changelog

Subscribe to all Changelog posts via RSS or follow GitHub Changelog on Twitter to stay updated on everything we ship.

~ cd github-changelog
~/github-changelog|main git log main
showing all changes successfully

Deprecation of beta GitHub Copilot usage API endpoint

Summary

Beginning February 2025, the beta Copilot /usage endpoints will be deprecated.
No new data will be inserted for retrieval via the beta /usage endpoints. This endpoint will be accessible through February, but the 28 day retention policy will remain.

Who’s impacted?

Enterprise organizations with Copilot licenses not yet migrated from the /usage metrics APIs are impacted by this deprecation.

What’s changing and why?

The deprecation of the beta /usage endpoints is a part of GitHub’s effort to deliver more powerful and flexible data offerings for enterprises, organizations, and teams. The new endpoints provide:
– Visibility into the adoption and consumption of Copilot across various stages of dev lifecycle (from code suggestions to PR reviews), from the team to the enterprise level
– Expanded scope of metrics, with the addition of GitHub.com Copilot Chat and Copilot for Pull Requests
– Consistent terminology with the user management API
– Better visibility into unique users at various drilldowns

Next steps

Ensure your organization is no longer consuming the now deprecated /usage endpoints in any jobs, workflows, and analytics tools.
As an alternative to the beta Copilot /usage endpoints, check out the PowerBI template and the Copilot /metrics endpoints.

Join the discussion in the GitHub community.

See more

Edit the GitHub-owned image on a larger hosted runner

Starting today, customers can change the runner image on larger hosted runners without deleting and re-creating them. You can now update the image and the change will be applied on all future workflow runs to that label. For customers using static IPs, you can change the image on your runner while keeping your IP addresses the same.

Note: partner images cannot be edited at this time and still require the runner to be deleted and re-created.

To edit your runners, follow the steps outlined in our documentation.

See more

Copilot Autofix is available for more code scanning alerts

Copilot Autofix helps you fix code scanning alerts and avoid introducing new security vulnerabilities by using large language models to suggest potential fixes.

We recently expanded the range of CodeQL security alerts where Copilot can suggest an autofix, covering a group that accounts for 29% of all CodeQL alerts. This expansion led to an 8% overall increase in alerts with an available autofix and a 270% increase in autofixes for this specific group of improved alerts. With more autofix suggestions, you can resolve security issues identified by CodeQL more easily—either by applying Copilot’s suggested fix directly or using it as a starting point for your own edits.

We made these improvements by analyzing our usage data to understand the most common types of alerts where Copilot was not suggesting fixes and then made a targeted effort to improve autofix for these alerts. Read more about the testing process that GitHub uses to identify the quality of autofix suggestions.

We continuously evaluate the performance of CodeQL and Copilot Autofix, so look for more improvements in the future.

See more

GitHub Copilot in JetBrains IDEs: @project context and commit message suggestions

The GitHub Copilot plugin for JetBrains IDES now helps you ask questions about your entire codebase, via @project, and Copilot can help you out even more by generating commit message suggestions.

@project context

With @project context, you can ask any question you have about your project, and Github Copilot will read your entire project’s codebase and return detailed answers with references to relevant files and symbols. @project context helps you find the code you’re looking for, understand how functionality is implemented, and much more.

Commit message suggestions

Now GitHub Copilot in JetBrains will generate commit messages for you, helping you craft informative commit messages and saving you that extra bit of time every day. 

UX improvements & bug fixes

This update also includes a few other UX improvements:

  • Chat conversations are now ordered by last modified time.
  • We fixed a bug where chat conversation history was lost after signing out.
  • We fixed color display issues when switching system themes between dark and light. 

Get started and join the discussion

Try out the latest version of the GitHub Copilot plugin and share your thoughts in the GitHub Community. We’d love to hear your feedback!

 

See more

Dependabot helps users focus on the most important alerts by including EPSS scores that indicate likelihood of exploitation, now generally available

Dependabot alerts now feature the Exploit Prediction Scoring System (EPSS) from the global Forum of Incident Response and Security Teams (FIRST), helping you better assess vulnerability risks.

EPSS scores predict the likelihood of a vulnerability being exploited, with scores ranging from 0 to 1 (0 to 100%). Higher scores mean higher risk. We also show the EPSS score percentile, indicating how a vulnerability compares to others.

For example, a 90.534% EPSS score at the 95th percentile means:

  • 90.534% chance of exploitation in the next 30 days
  • 95% of other vulnerabilities are less likely to be exploited

You can use EPSS scores to help prioritize dependency vulnerabilities based on exploit likelihood.

This feature is available on GitHub.com today, and will be available in GitHub Enterprise Server staring with version 3.17.

Learn more in FIRST’s EPSS User Guide.
Join the discussion within GitHub Community.
Read more about viewing, sorting, and filtering Dependabot alerts in GitHub’s Dependabot docs.

See more

Enhanced billing platform for Free plan for organizations

Starting February 4, 2025, new GitHub Free plan customers will gain access to the enhanced billing platform: a suite of new features designed to help administrators understand and manage GitHub spend for their organization.

Benefits of the new platform include:

  • Spend transparency: view usage for organizations, repositories, products, and SKUs by day, month, or year
  • Improved control: set budgets to limit spending and configure alerts to stay informed of budget utilization

Screenshot of the metered usage graph in the Mona-free-organization

What to expect

Existing Free plan customers will gain access to the enhanced billing platform in the coming months. You will be informed via email and an in-app banner on the billing page in advance of the transition.

Here are some things to know about the transition:

  • Once transitioned, a new Billing & Licensing section will appear in the enterprise account menu.
  • Spending limits will be migrated and renamed as budgets in the new billing platform. For more details about budgets, visit Preventing overspending.
  • While the new billing platform will not visually display historical usage, you will be able to download a usage report to get your pre-transition historical usage.

Other important changes

  • Git Large File Storage will transition from prepaid, quota-based data packs to a usage-based metered billing model. If you use Git Large File Storage today, you’ll receive credits for any unused data packs. For more information, visit “About enhanced billing for Git Large File Storage.”

Learn more

For more information, visit Using the enhanced billing platform for organizations.

See more

Announcing the General Availability of GitHub Copilot Extensions

Copilot Extensions GA

Your tools. Your workflows. All within Copilot Chat.

GitHub Copilot Extensions are now generally available for users across all Copilot license tiers. With Copilot Extensions, you can integrate and prompt your favorite tools directly in Copilot Chat using natural language wherever you develop, including Visual Studio Code, Visual Studio, JetBrains IDEs, and GitHub.com. Copilot Extensions on GitHub Mobile will be generally available in the coming weeks.

Copilot Extensions help you stay in your workflow, with context-aware assistance from your favorite tools right at your fingertips. Today’s marketplace is home to a wide range of extensions, from Perplexity to Stack Overflow, to Docker and Mermaid Chart. Developers can unlock productivity gains with extensions in minutes. For example, Arm’s extension streamlines cloud adoption and migration, enabling developers to build, test, and deploy software on Arm-based servers while seamlessly leveraging Arm’s efficient, scalable, and high-performance architecture.

Explore these extensions and more on the GitHub Marketplace to bring new contexts and capabilities into the chat. All you need is access to GitHub Copilot to get started. 🚀

Building GitHub Copilot Extensions

Our platform also empowers you to build your own public or private extension depending on your requirements. This flexibility allows you to develop extremely customized extensions for your enterprise or organization, or develop general applications that can serve thousands of developers. The comprehensive Copilot Extensions toolkit provides you with centralized code samples and tools to help you build high quality extensions.

Alongside General Availability, we’re introducing OpenID Connect (OIDC) support for builders. This replaces the X-Github-Token auth model with native third-party tokens, reducing API round trips, and improving security. Instead of verifying GitHub tokens on every request, integrators receive pre-exchanged tokens tailored to their system, enabling direct authentication and authorization. This lowers latency, simplifies identity mapping, and aligns with GitHub’s existing OIDC workflows for Actions.

Builders have several ways to develop customized extensions, including:

  • Copilot skillsets, a faster, lightweight implementation option
  • Context passing, a capability that helps extensions benefit from a user’s local editor context for more tailored responses

Ready to contribute to our growing ecosystem? Get started with our Copilot Extension builder docs.

👀 What’s next?

Our general availability is only the starting point for agentic capabilities. We’re continuing to reimagine AI assisted workflows, with recent releases like agent mode and explorations around Project Padawan. These innovations only scratch the surface of what is possible with GitHub and AI agents. Continue being a part of the conversation by providing feedback as you try out extensions. ⭐

See more

New GPT-4o Copilot code completion model now available for Copilot in JetBrains IDEs

The new code completion model announced yesterday is available today to all JetBrains users of GitHub Copilot.

To get started, ensure that you are on the latest stable release of the extension (v1.5.35 or above). Click the Copilot icon in the JetBrains IDE of your choice and select Edit model for Completion. This will open the GitHub Copilot settings, where you can switch between models.

See more

Repositories – Enterprise rules and custom properties updates

Custom properties

Screenshot depicting new filter options available

There are new search and filtering options for custom properties now generally available to ensure you can easily find the right property.

  • Managed by allows you to limit your result by the organization or enterprise who manages the property.
  • Property type allows you to limit your result by the available type of properties.
  • Text allows you to limit your result by the context of the property name or values.

Enterprise custom properties

Screenshot of custom property promotion screen

Enterprise custom properties as part of the current preview can now be promoted from an organization to an enterprise property. This ensures properties configured in one organization are available across all organizations in an enterprise.

Enterprise code rulesets

Screenshot of configuring enterprise workflow rule

Required workflows are now available as a new rule in the enterprise code rules preview. This will allow you to target workflows across specific organizations and repositories with a single workflow file managed at the enterprise.

Note: GitHub Enterprise Cloud with data residency support for the enterprise workflow rule will be coming soon.

Join the discussion within GitHub Community.

See more

Recent improvements to Artifact Attestations

We released a collection of improvements to Artifact Attestations to make the verification of attestations easier and more consistent.

Artifact Attestations let you create provenance signatures, which provide an unforgeable paper trail that links your artifact back to its originating workflow run. By verifying the signature, you can gate deployments to ensure that what you deploy is exactly what you built, guaranteeing that the artifact has not been tampered with.

Today we are announcing multiple improvements based on the user feedback we have received:

  • Attestation verification defaults to build provenance: Build provenance is just one type of information that can be attested to an artifact. It provides a verifiable trail that links the artifact back to its originating workflow run, ensuring its authenticity and integrity. However, other types of information can also be attested to an artifact, for example a Software Bill of Materials (SBOM). Attestations can be verified by running gh attestation verify using the GitHub CLI. Previously, verification succeeded as soon as there was any attestation associated with the artifact. However, we observed that provenance is verified in the vast majority of cases. Therefore, we altered the CLI to default to provenance when no predicate type is specified. This change ensures that verification does not pass merely because, for example, an SBOM was attested to the artifact. To verify an SBOM, the predicate type must be explicitly supplied as a parameter using gh attestation verify with the --predicate-type parameter.
  • CLI outputs evaluated policies during verification: When verifying an attestation, the CLI now outputs all the policies it evaluated to determine whether the verification succeeds or fails. This increases transparency, making it easier to understand the reasons behind the verification outcome.
  • Attest actions support multiple subjects: Following the release to support attesting multiple subjects, we have enhanced our attest, attest-build-provenance and attest-sbom actions to also accept a checksum file that contains a list of artifacts and their corresponding digests as input.
  • Attestation verification is now monotonic: This means that once verification passes for an artifact, the addition of another attestation cannot change that status. Verification now succeeds if at least one attestation passes verification. This ensures that downstream processes, such as gated deployments, are not affected for any legitimate build that has a valid provenance attestation, even if someone adds another attestation that is bad or malformed.

For more information about Artifact Attestations, see Using artifact attestations to establish provenance for builds in the GitHub documentation. If you have any feedback on Artifact Attestations, join the discussion in the GitHub Community.

See more

New GPT-4o Copilot code completion model available now in public preview for Copilot in VS Code

Header introducing GPT-4o Copilot model

A new code completion model, GPT-4o Copilot, can now be enabled by VS Code users.

This new model based on GPT-4o mini has additional training on over 275,000 high-quality public repositories in over 30 popular programming languages. As a result, you can expect this model to provide more accurate suggestions and to have better performance.

Getting started with GPT-4o Copilot in VS Code

To get started, open the Copilot menu in the VS Code title bar, select Configure Code Completions... > Change Completions Model.... Alternatively, open the Command Palette and select GitHub Copilot: Change Completions Model....

GPT-4o Copilot access notes

If you are a Copilot Business or Enterprise user, you will first need your administrator to enable this model for your organization by opting in to Editor preview features in the Copilot policy settings on github.com.

If you are a Copilot Free user, using this model will count toward your 2,000 free monthly completions.

The model will also be available soon to Copilot users in all JetBrains IDEs.

Please share your feedback as you try out the new model. It will help us improve the experience for all Copilot users.

See more

GitHub Issues & Projects – February 18th update

Today’s changelog brings you a snappier issue creation flow in projects, the ability to convert checklist items to sub-issues, required fields on private repositories, and important updates on tasklist blocks and single issue templates.

✍️ Improved issue creation flow in projects

Creating a new issue from a project is now easier than ever. Previously, when you started typing in an issue title in a project, the default was to create a draft issue. However, we’ve heard from user feedback that the primary
desired use case is to create an issue instead of a draft. Now, with this update, you can directly create a new issue by pressing Enter or create a draft with Cmd / Ctrl + Enter.

🔒 Required fields on issue forms for private repositories

You can now specify required fields on issue forms in private repositories, which ensures that contributors provide essential information before submitting an issue.

➡️ Convert checklist items to sub-issues

You can now convert checklist items in issues directly to sub-issues, making it easier to turn draft or to-do tasks into actionable work items.

🌇 Tasklist blocks will be retired and replaced with sub-issues

The private preview feature, tasklist blocks, will be retired on April 30, 2025. Your feedback from the private preview has been invaluable, helping us shape the release of sub-issues, the replacement for tasklist blocks.

Sub-issues provide a dedicated section within each issue, making it easier to track related work without relying on Markdown. You can manage up to eight levels of hierarchy within a single issue and monitor progress directly in your projects.

Migrate to sub-issues

We recommend migrating your tasklists to sub-issues before the retirement date.

To migrate, first simply remove the tasklist Markdown syntax to display the list as an issue checklist.

- ```[tasklist]
- - [ ] task 1
- - [ ] https://github.com/github/github/issues/123
- ```
+ - [ ] task 1
+ - [ ] https://github.com/github/github/issues/123

Then, use the Convert to sub-issue feature to convert desired issues or checklist items into sub-issues.

After April 30, 2025, remaining tasklist blocks will no longer be rendered and will instead be converted to raw Markdown. The Tracked and Tracked by fields on projects will no longer be available.

🌅 Single issue templates (ISSUE_TEMPLATE.md) will be retired

The legacy ISSUE_TEMPLATE.md feature will be retired on March 30, 2025. As a replacement, we encourage creating an ISSUE_TEMPLATE/ subdirectory in any of the supported folders to store multiple issue templates. You can then use the template query parameter to specify which template should populate the issue body. For more details, see the documentation.

After March 30, 2025, repositories still using ISSUE_TEMPLATE.md will default to a blank issue form, allowing users to start fresh when creating issues.

Additional improvements

On top of the many bug fixes we’ve shipped, we’ve also introduced the following improvements:

  • You can now create new milestones directly from the milestone picker in any issue.
  • The issue template selection will now be bypassed if only one template is available and the blank issue template is disabled.
  • You can now create and edit iteration fields via the ProjectV2 GraphQL API.
  • We’ve introduced a move dialog in Projects, allowing you to rearrange items and views with precision. You can move views from a tab’s view options menu, while items can be moved through the row actions menu. This allows users who rely on screen readers, keyboards, and other assistive technology to use projects more accessibly.

Tell us what you think!

Join the discussion within the GitHub Community.

See how to use GitHub for project planning with GitHub Issues, check out what’s on the roadmap, and learn more in the documentation.

See more

Code completion in GitHub Copilot for Xcode is now generally available

Code completion in GitHub Copilot for Xcode is now generally available

GitHub Copilot for Xcode code completion

Code completion in GitHub Copilot for Xcode is now generally available. Developers using Xcode can now experience AI-powered, real-time code suggestions that enhance productivity and streamline the development process.

AI-Powered code suggestions for faster development

GitHub Copilot code completion integrates seamlessly into Xcode, offering context-aware suggestions as you type. Whether you’re writing function implementations, refactoring code, or handling repetitive tasks, Copilot intelligently predicts and completes your code, allowing you to focus on higher-level development.

Code Completion of GitHub Copilot for Xcode

Key benefits of GitHub Copilot in Xcode code completion

  • Real-time, context-aware code completion: Copilot provides intelligent, in-line code suggestions as you type, helping you write high-quality code faster. By understanding the context of your project, it predicts and generates relevant code snippets to accelerate your workflow.
  • Seamless integration with Xcode: Designed to work naturally within Xcode, Copilot enhances the existing coding experience without disrupting your development environment. There’s no need for additional setup—simply enable Copilot and start coding smarter.
  • Reduce repetitive coding tasks: Instead of manually writing boilerplate code, let Copilot generate common patterns, function definitions, and repetitive logic. This allows you to focus more on complex problem-solving and building innovative features.
  • Intelligent auto-completion for improved accuracy: Copilot not only speeds up coding. It also improves accuracy by reducing syntax errors and helping ensure best practices. The AI-powered suggestions help maintain clean and efficient code, minimizing debugging time.

Get started with GitHub Copilot in Xcode

To get started with GitHub Copilot in Xcode:

  1. Ensure you have a GitHub Copilot license.

  2. Enable Copilot in Xcode via your GitHub account.

  3. Start coding with AI-powered assistance today!

Experience the future of AI-assisted development

With GitHub Copilot, you can write code more efficiently, reduce errors, and enhance your overall development workflow. Try it out today and take your Xcode development to the next level!

For more details, visit our GitHub Copilot documentation and start leveraging AI-driven coding assistance in Xcode.

Feedback

To provide feedback or report issues, please open an issue on GitHub at https://github.com/github/CopilotForXcode/issues. Check existing issues and add a comment or ask questions if you find an issue similar to what you’re experiencing.

Join the community

Connect with other developers, share tips, and discuss other updates to Copilot in our dedicated Copilot community discussions.

See more

Personal custom instructions, Bing web search, and more in Copilot on github.com

Personal custom instructions are now available in public preview for Copilot on github.com 🎉

Copilot Chat on github.com now supports personal instructions! This means you can provide Copilot with important details about your preferences, such as your preferred language, response style, or even code standards.

To get started, open up Copilot Chat, click ..., and select Personal instructions. That’s it! Copilot will now incorporate your preferences for all chats in github.com.

💡 Looking for ideas? Here are some examples to kick things off:

  • Language preferences: “Always respond in Portuguese.”
  • Response preferences: “Be concise and to-the-point. Always cite your sources.”
  • Personal preferences: “You are a seasoned React developer with ten years of experience.”
  • Code preferences: “Always provide examples in TypeScript.”

Looking for more? Visit prompts.chat for more inspiration.

Search the web 🔍 in Copilot chat using Bing

Copilot Chat can now search Bing to answer questions and find information beyond its general knowledge or your codebase. This feature makes it easy to chat about recent events, trends, and new developments. It’s now generally available in VS Code, Visual Studio, and github.com.

Since our public preview, we’ve enhanced our web search capabilities to deliver more relevant and accurate responses to your questions.

Give it a try today:

  • “What’s the latest version of React?”
  • “What are the most recent updates in Python’s machine learning libraries?”

Quality improvements to Copilot Chat

In the last month, we have delivered a collection of quick wins and subtle enhancements ✨, making the product smoother and more delightful for everyone.

What’s new:

  • Better search in Copilot Chat for more relevant and complete answers, including expanded lexical search results and larger semantic search responses for better context
  • Improved memory in Copilot, now keeping more of your chat history for better context and flow
  • Improved Copilot Chat’s awareness of the README.md when asking about a repository
  • Enhanced Copilot’s awareness of time, showing times relative to you instead of UTC

We also recently added the ability to view and generate new code files to Copilot chat at github.com/copilot – check it out!

See more

Copilot Workspace: Follow ups and file search improvements

Copilot Workspace Changelog Header

This week’s Copilot Workspace updates center around improving multi-file code generation and search capabilities. Alongside continued improvements to performance and reliability, we are releasing two features: follow ups and a simplified file search experience.

Let’s dive in!

Follow ups

When you’re working within a large repository that has complex file dependencies, even simple changes can have significant impacts across the codebase. Invoking Copilot Workspace’s new follow up capability triggers a thorough check across the codebase, automatically editing the necessary files if any follow ups are detected.

Whether you have changed a function name, modified function parameters, or modified a shared class definition, Copilot’s follow ups can swiftly handle dependent fixes across your repository, saving you time and increasing confidence in your changes before you raise a PR!

File search experience improvements

We’ve updated the file search experience to help you maintain context in your file tree while searching for other files to open. Rather than filtering the file tree on search, we now return results in a separate menu that searches the entire repository rather than what is currently visible in the tree. You can open files in new tabs directly from this search.

Providing feedback

Please give your feedback in our GitHub Discussion. We’d love to hear your thoughts!

See more

Secret scanning detects Base64-encoded GitHub tokens

GitHub continually updates its detectors for secret scanning with new patterns and upgrades of existing patterns, ensuring your repositories have comprehensive detection for different secret types.

GitHub now automatically detects Base64-encoded secrets for the following token types:

  • GitHub personal access tokens
  • GitHub OAuth access tokens
  • GitHub user to server tokens
  • GitHub server to server tokens.

GitHub secret scanning protects users by searching repositories for known types of secrets such as tokens and private keys. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. See the full list of supported secrets in the documentation.

Learn more about secret scanning or join the discussion on our dedicated GitHub community.

See more

Feed activity is now sorted chronologically

In your homepage activity Feed, you can see activity from other users, content GitHub recommends for you in “Suggested for you” modules, and trending developers/repositories.

The sorting algorithm we’ve had in place in the Feed could lead to these items being placed out of chronological sequence. We’ve heard your feedback, though, that the out-of-sequence ordering of activity can make it difficult to be effective with daily tasks in GitHub.

So now, we’re sorting all activity in the Feed chronologically. The newest activity appears first and older activity appears as you scroll down your Feed.

As part of this change, we also merged the design and UI to be more consistent across individual feeds and organization feeds, by slightly modifying the card layout in organization feeds. These minor template differences should not impact the content that appears for you.

Learn more and give us your feedback

For more information and discussion on these changes, join us in this discussion.

See more

Verify email address to secure Enterprise Managed User accounts

As previously announced, Enterprise Managed Users (EMUs) must now prove ownership of their email addresses to secure their accounts and prevent any accidental data leaks by third party GitHub Apps and OAuth applications. In January 2025, we also updated the /user/emails REST endpoint to return a placeholder email address with the enterprise’s shortcode appended (e.g. email+shortcode@domain.com) until the EMU user has verified their email address.

While unverified emails may not affect most of your actions on GitHub, some GitHub Apps and OAuth apps may not handle this placeholder email properly. This may prevent you from accessing those apps or result in incomplete data being displayed. These apps may also prompt you to verify your email on GitHub before proceeding.

For example, GitHub Desktop might incorrectly prompt users to update their email in their Git config to their placeholder email. However, updating your Git config email could lead to commit misattribution as opposed to fixing it. While this experience is updated in GitHub Desktop v3.4.17-beta3, we recommend users verify their email address in response to such prompts.

Learn more about how to verify your email address.
App developers should also review our best practices for OAuth and GitHub App implementation to avoid disrupting the user experience in your apps.

See more

GitHub Copilot Chat for Xcode now in public preview

GitHub Copilot Chat for Xcode is now in public preview! You can enable GitHub Copilot in Xcode with any GitHub account and experience both code completions and in-editor chat assistance today.

What’s new

  • Chat view: Ask Copilot for help with coding tasks directly in the chat view.
  • Slash commands: Use quick commands, like /explain for code explanations.
  • Reference code: Scope chats to specific files for more relevant assistance.
  • Multiple conversations: Maintain different threads, each with their own context.
  • Chat history management: Keep track of past conversations for future reference.
  • Free access: Get 2,000 code completions and 50 chat messages per month for free, simply by signing in with your GitHub account or by creating a new one.

Try it out

Share your feedback

Your feedback drives improvements. Let us know what you think using the in-product feedback option, or share your thoughts with the GitHub Community.
Join us on this journey as we continue to enhance GitHub Copilot for Xcode and deliver a smoother developer workflow!

See more
View more changes