{"id":"org_yHXqOMVbbu9cGxfhqO8Fd","slug":"github","name":"GitHub","domain":"github.com","description":null,"category":"developer-tools","tags":["ci-cd","collaboration","git"],"sourceCount":3,"releaseCount":234,"releasesLast30Days":36,"avgReleasesPerWeek":3.5,"lastFetchedAt":"2026-04-19T03:02:11.559Z","trackingSince":"2021-07-21T15:58:15.000Z","aliases":[],"accounts":[{"platform":"github","handle":"github"}],"products":[{"id":"prod_ku38gbfkZIj8jCtmOqcJf","slug":"github-actions","name":"GitHub Actions","url":null,"description":null,"sourceCount":1},{"id":"prod_gN7aPW9TnYg2UxZv-1_82","slug":"github-copilot","name":"GitHub Copilot","url":null,"description":null,"sourceCount":0}],"sources":[{"id":"src_MMZseazQML6qIBcYFbNES","slug":"github-actions-runner","name":"Actions Runner","type":"github","url":"https://github.com/actions/runner","isPrimary":false,"isHidden":false,"fetchPriority":"low","releaseCount":100,"latestVersion":"v2.333.1","latestDate":"2026-03-27T17:01:07.000Z","latestAddedAt":"2026-04-08T00:01:05.595Z","productSlug":"github-actions","productName":"GitHub Actions"},{"id":"src_5xa-RULe62CdtLdIQZIXR","slug":"github-cli","name":"GitHub CLI","type":"github","url":"https://github.com/cli/cli","isPrimary":false,"isHidden":false,"fetchPriority":"normal","releaseCount":101,"latestVersion":"v2.90.0","latestDate":"2026-04-16T18:19:28.000Z","latestAddedAt":"2026-04-16T20:05:28.378Z","productSlug":null,"productName":null},{"id":"src_x6Dyj9Llt85SOEWdAUgil","slug":"github-changelog","name":"GitHub Changelog","type":"feed","url":"https://github.blog/changelog/","isPrimary":false,"isHidden":false,"fetchPriority":"normal","releaseCount":33,"latestVersion":null,"latestDate":"2026-04-17T22:32:41.000Z","latestAddedAt":"2026-04-18T01:02:29.101Z","productSlug":null,"productName":null}],"overview":{"scope":"org","content":"GitHub is consolidating security, AI, and supply chain tooling while enforcing capacity limits on high-volume usage.\n\n**CodeQL 2.25.2 tightened false positives in Java/Kotlin analysis.** Kotlin support advanced to version 2.3.20, and the `java/tainted-arithmetic` query was refined to stop flagging bounds-checking patterns. The `java/potentially-weak-cryptographic-algorithm` query no longer flags Elliptic Curve, HMAC, or PBKDF2 algorithms as weak—reducing noise for teams using modern cryptography.\n\n**OIDC now eliminates long-lived secrets for Dependabot and code scanning.** Both tools support OpenID Connect authentication for private registries at the organization level, removing the need to store credentials as repository secrets. Organizations can also configure multiple private registry feeds per ecosystem, dropping the previous single-registry constraint.\n\n**Code scanning alerts now link to GitHub Issues.** This public preview feature brings security remediation into existing planning workflows, and a new `Ask Copilot` entry point lets org admins get contextual guidance directly from secret and Code Security risk assessments.\n\n**SBOM exports moved to async operations.** Repository dependency exports and new API endpoints no longer block—exports are computed asynchronously and polled via webhook or status endpoint.\n\n**GitHub CLI 2.88.0+ gained Copilot Code Review integration.** `gh pr create` and `gh pr edit` support `--add-reviewer @copilot`; issues can now close as duplicates with `--duplicate-of`; and `gh workflow run` immediately returns the workflow run URL instead of requiring polling. v2.89.0 fixed `gh agent-task` on ghe.com tenancies and introduced an experimental TUI-based prompter.\n\n**Actions Runner v2.333.0 added service container entrypoint and command support.** Supports `entrypoint` and `command` fields for service containers, aligning Docker Compose behavior.\n\n**Copilot capacity and compliance tightened.** New usage limits enforce a 50-rerun cap on workflows; Copilot Pro free trials paused due to abuse patterns; Opus 4.6 Fast retired from Pro+ to manage concurrency. Copilot cloud agent validation tools run 20% faster. Data residency now available for US and EU regions with FedRAMP compliance for government customers. Usage metrics now aggregate cloud agent and CLI activity into a single breakdown.\n\n**Repository properties and alerts gained deployment context.** New built-in `deployable` and `deployed` properties expose artifact and deployment metadata; alerts and issues now surface release information in sidebars.","releaseCount":40,"lastContributingReleaseAt":"2026-04-15T22:05:52.000Z","generatedAt":"2026-04-16T15:06:42.843Z","updatedAt":"2026-04-16T15:06:42.843Z"},"knowledgePage":{"scope":"org","content":"GitHub is consolidating security, AI, and supply chain tooling while enforcing capacity limits on high-volume usage.\n\n**CodeQL 2.25.2 tightened false positives in Java/Kotlin analysis.** Kotlin support advanced to version 2.3.20, and the `java/tainted-arithmetic` query was refined to stop flagging bounds-checking patterns. The `java/potentially-weak-cryptographic-algorithm` query no longer flags Elliptic Curve, HMAC, or PBKDF2 algorithms as weak—reducing noise for teams using modern cryptography.\n\n**OIDC now eliminates long-lived secrets for Dependabot and code scanning.** Both tools support OpenID Connect authentication for private registries at the organization level, removing the need to store credentials as repository secrets. Organizations can also configure multiple private registry feeds per ecosystem, dropping the previous single-registry constraint.\n\n**Code scanning alerts now link to GitHub Issues.** This public preview feature brings security remediation into existing planning workflows, and a new `Ask Copilot` entry point lets org admins get contextual guidance directly from secret and Code Security risk assessments.\n\n**SBOM exports moved to async operations.** Repository dependency exports and new API endpoints no longer block—exports are computed asynchronously and polled via webhook or status endpoint.\n\n**GitHub CLI 2.88.0+ gained Copilot Code Review integration.** `gh pr create` and `gh pr edit` support `--add-reviewer @copilot`; issues can now close as duplicates with `--duplicate-of`; and `gh workflow run` immediately returns the workflow run URL instead of requiring polling. v2.89.0 fixed `gh agent-task` on ghe.com tenancies and introduced an experimental TUI-based prompter.\n\n**Actions Runner v2.333.0 added service container entrypoint and command support.** Supports `entrypoint` and `command` fields for service containers, aligning Docker Compose behavior.\n\n**Copilot capacity and compliance tightened.** New usage limits enforce a 50-rerun cap on workflows; Copilot Pro free trials paused due to abuse patterns; Opus 4.6 Fast retired from Pro+ to manage concurrency. Copilot cloud agent validation tools run 20% faster. Data residency now available for US and EU regions with FedRAMP compliance for government customers. Usage metrics now aggregate cloud agent and CLI activity into a single breakdown.\n\n**Repository properties and alerts gained deployment context.** New built-in `deployable` and `deployed` properties expose artifact and deployment metadata; alerts and issues now surface release information in sidebars.","releaseCount":40,"lastContributingReleaseAt":"2026-04-15T22:05:52.000Z","generatedAt":"2026-04-16T15:06:42.843Z","updatedAt":"2026-04-16T15:06:42.843Z"},"playbook":{"scope":"playbook","content":"# GitHub — Playbook\n\n> Agent reference for fetching and maintaining **GitHub** (`github`) changelog sources.\n\n**3** active sources · **2** products: GitHub Actions, GitHub Copilot · domain: github.com\n\n## Sources\n\n| Name | ID | Type | URL | Product | Last Fetched |\n|------|-----|------|-----|---------|--------------|\n| GitHub Changelog | `src_x6Dyj9Llt85SOEWdAUgil` | feed | https://github.blog/changelog/ | — | Apr 18 |\n| GitHub CLI | `src_5xa-RULe62CdtLdIQZIXR` | github | https://github.com/cli/cli | — | Apr 18 |\n| Actions Runner | `src_MMZseazQML6qIBcYFbNES` | github · low | https://github.com/actions/runner | GitHub Actions | Apr 18 |\n\n## Agent Notes\n\n### Extraction patterns\n\n**GitHub Actions Runner** (`github-actions-runner`) — GitHub releases from `actions/runner`. The Actions runner is a critical component of the GitHub Actions platform. Releases are semver (e.g., v2.318.0) with patch releases for bug fixes and feature updates. High-volume repo with regular releases. Maps to the **GitHub Actions** product (`github-actions`).\n\n**GitHub CLI** (`github-cli`) — GitHub releases from `cli/cli`. The official GitHub command-line tool (`gh`). Semver versioning with steady release cadence. Frequently updated with new features and bug fixes. Org-level source (not product-scoped), though CLI tooling is foundational to GitHub workflows.\n\n**GitHub Changelog** (`github-changelog`) — Scrape source from `github.blog/changelog/`. The main platform changelog blog covering features, changes, and improvements across GitHub's web interface and services. This is not a traditional versioned release feed — entries are date-based and cover feature announcements, deprecations, and platform updates. May reference Actions, Copilot, or other products. Has a discovered feed at `github.blog/changelog/feed/`.\n\n### Known quirks\n\n- The GitHub org names for repos are inconsistent: `actions/runner` (not under `github` org), `cli/cli` (not under `github` org). The org slug is unified as `github`, but repos live in different GitHub orgs.\n- The `github-changelog` scrape source auto-discovers a feed URL (`github.blog/changelog/feed/`). Feed polling is reliable; content is typically blog-post-style entries rather than atomic releases.\n- `github-actions-runner` is a very active repo with frequent updates. Use `--max` during bulk fetches to avoid overwhelming ingestion.\n- The GitHub Actions Runner releases sometimes include pre-release versions (alpha, rc). Filter by stable semver patterns if only stable versions are desired.\n- GitHub Copilot is a defined product (`github-copilot`) but currently has no sources assigned. Future sources may include dedicated Copilot updates or announcements.\n\n### Source coverage\n\n**GitHub Actions** product covers only the runner (`github-actions-runner`). The broader Actions platform (workflow syntax, marketplace, billing) may be announced in the `github-changelog` feed.\n\n**Organization-level sources:** `github-cli` and `github-changelog` are not tied to a specific product. Platform changelog entries span feature announcements and may reference multiple products or none specifically.\n\n**Uncovered areas:** Copilot (`github-copilot`) has no sources yet. GitHub Enterprise, GitHub Mobile, and other product-specific release channels are not currently tracked.\n","updatedAt":"2026-04-18T20:42:36.873Z"}}