Content by allison (543)

Allison announces that Dependabot and code scanning can now use OpenID Connect (OIDC) for organization-level access to private registries, reducing reliance on long-lived secrets and enabling short-lived, dynamically issued credentials.

Allison announces new GitHub features that surface deployment and runtime context in repository properties and security alert pages, helping teams automate policy enforcement and prioritize Dependabot and code scanning alerts based on real production risk.

Allison announces a public preview feature that lets teams link GitHub code scanning alerts to GitHub Issues, making it easier to track and prioritize security remediation work in existing planning workflows.

Allison summarizes GitHub Secret Scanning updates that expand push protection defaults, improve enterprise fork coverage, and add new API capabilities for alert validity, provider filtering, scan history, and enterprise-wide dismissal request reporting.

Allison explains how GitHub’s SBOM export flow moved to an asynchronous model in the Dependency Graph UI and REST API, removing hard timeouts and adding a generate/fetch pattern for reliably downloading SBOM reports from large repositories.

Allison announces that GitHub Copilot’s third-party coding agents (Claude and Codex) now support model selection on github.com, including the currently available Claude Sonnet/Opus and GPT-5 Codex model options, plus notes on required admin policies and repo settings.

Allison announces updates to GitHub Code Quality standard findings (public preview), including faster triage features like file-path search, bulk dismiss/reopen, and richer per-finding context, with fix suggestions generated by GitHub Copilot Autofix.

Allison announces GitHub Copilot data residency for US and EU regions plus FedRAMP Moderate support, outlining what features are covered, which models are available, the pricing uplift for compliant endpoints, and how enterprise/org admins can enable the policies.

Allison announces a new “Fix with Copilot” button on github.com that uses Copilot cloud agent to resolve merge conflicts, verify builds/tests, and push updates from a cloud development environment, plus @copilot commands for PR fixes and workflow failures.

Allison announces a public preview feature for GitHub Copilot CLI that enables remote control of running CLI sessions from GitHub on the web and in GitHub Mobile, including monitoring, steering messages, plan review, and policy-controlled permissions.

Allison explains upcoming GitHub Copilot limit changes aimed at improving service reliability, including rate limiting behavior, guidance to switch models or use Auto mode, and the retirement of Opus 4.6 Fast for Copilot Pro+ users.

Allison announces updates to the GitHub Copilot usage metrics API, adding aggregated daily, weekly, and monthly active user counts for Copilot cloud agent (formerly Copilot coding agent) in enterprise and organization reports.

Allison announces a temporary pause on new GitHub Copilot Pro free trials due to increased abuse, while GitHub investigates and adds stronger safeguards; existing trials and paid options (including Copilot Free) continue to work as normal.

Allison announces a new GitHub Actions limit: each workflow run can only be rerun up to 50 times (including partial job reruns), after which GitHub will return a failed check suite with an annotation explaining the limit.

Allison explains an update to the GitHub Copilot usage metrics API where Copilot CLI activity is now included in top-level totals and feature breakdowns, changing how enterprise and organization dashboards should interpret usage fields.

Allison shares a GitHub update: Copilot cloud agent now runs its built-in security and quality validation tools in parallel, cutting validation time by about 20%, while keeping the same checks (CodeQL, secret scanning, Advisory Database, and Copilot code review).

Allison announces a new GitHub moderation option that lets moderators classify hidden comments as “Low Quality” (in addition to options like Spam and Abuse) across issues, discussions, pull requests, and commits.

Allison announces a GitHub update that shows contributor role labels (like First-time contributor, Contributor, and Member) directly in the pull request list view, helping maintainers triage PRs faster and spot first-time contributions more easily.

Allison announces GitHub updates that surface release information directly in the issue sidebar, add default values for GitHub Projects fields, and improve navigation by opening issue references in the issue viewer.

Allison announces new GitHub Copilot usage metrics API fields that measure how Copilot code review affects pull request merges and time-to-merge, enabling enterprise and org owners to track adoption and review impact across reporting windows.