Community engagement

We will now post updates and status interruptions in real-time on GitHub Community. We understand that no product is perfect, and there will be times when unsuspected degradations or outages occur. To make information as open and accessible as possible, any incident that occurs and is on our GitHub status page will have a corresponding discussion post on GitHub Community.

This will give you a centralized thread in Community Discussions for you to share your experiences and find up to date information as it impacts your work.

What can you expect?

• If an incident occurs and is on our GitHub status page, a discussion will post declaring the incident in the community
• The ability to subscribe to an open incident discussion for real-time updates
• Subsequent updates to post on the incident’s discussion thread
• When an incident is resolved, you will see a marked answer and an image indicating the incident is resolved
• If available, a link to the public incident summary

Questions or feedback? We want to hear from you! Join our Community discussion to share.

Now, verified nonprofits can access the GitHub Team plan for free or receive 25% off the GitHub Enterprise Cloud plan through GitHub for Nonprofits. This includes nonprofit organizations that are 501(c)(3) or equivalent and are non-governmental, non-academic, non-commercial, non-political in nature, and have no religious affiliation.

You can sign up here to get exclusive discounts automatically applied to your account. Join GitHub for Nonprofits, where technology meets purpose, and together, let’s create a more sustainable and equitable future for all.

Join the discussion within GitHub Community.

As part of our commitment to improving your experience at GitHub, we’re simplifying the terminology we use to refer to products that are in testing and validation stages. Starting on October 18, 2024, you’ll start seeing the word “Preview” instead of “Alpha” or “Beta” to describe our features that are not yet generally available.

What’s Changing?

Our goal with this update is to create a more consistent, clear process that helps our customers understand the state of new features and how they fit into their development workflows.

• As shown in the table below, we’re reducing the number of terms we’re using but keeping the same flexibility for giving early access and gathering customer feedback before a General Availability (GA) launch.
• The key difference between “Private” and “Public” previews is whether the release is publicly announced.

What to Expect

These changes are now live in customer-facing documentation as of today.

Here’s an overview of the changes:

Thanks for being part of the GitHub community! These updates are designed to provide clearer communication and a smoother experience as we roll out new features.

View all your organization’s Sponsors activity in one place.

It’s now easier for organizations to view GitHub Sponsors related activities in one place. From the Sponsors dashboard you can view your current and past sponsorships, create bulk sponsorships, and view your dependencies. You can search for a specific project or export all of your dependencies to easily find maintainers to sponsor.

Learn more about the Sponsors dashboard.

Share Sponsorships on Social Media

Maintainers and sponsors can share and celebrate sponsorships on social media with a click of a button. Maintainers can connect with their sponsors and share their goals.

Learn more about sharing on social.

Maintainers can now display their top sponsors on their Sponsors profile. Users can opt to manually select up to 10 sponsors, automatically display their top funders or opt out of displaying featured sponsors altogether.

To learn more about featured sponsors, please visit our GitHub Sponsors docs.

Today, we’re releasing a beta version of an open source GitHub App that manages private mirrors of public upstream repositories. The Private Mirrors App (PMA) enables organizations with regulatory or policy code review requirements to conduct their reviews in private, before contributing changes upstream. The app manages the lifecycle and synchronization of these private mirrors and automatically configures rulesets to manage PRs made to the mirrors.

The main benefits of working on private mirrors through PMA are:

• Branch protection rules can enforce PR reviews by people on particular teams to ensure proper signoffs
• If commits include code/keys/docs that should not be made public, there’s the opportunity to remove them and squash merge without leaking history
• Initial development can happen inside an Enterprise Managed Users (EMU) organization, whose users ordinarily can’t interact with public GitHub repos. Once the app syncs a change, the public fork and upstream PR use normal github.com identities.

If this is interesting to you, check out the Private Mirrors App repo. If you’ve got questions or feedback, feel free to file an issue in the repostitory or join the conversation in the GitHub Community Discussions.

We’ve streamlined the process for organizations to request invoices as a payment option for GitHub Sponsors. The service agreement for invoiced payments has moved out of the invoice request flow and added to the GitHub Sponsors additional terms.

If your organization is already receiving invoices for Sponsorships, there’s no need to worry. Your invoicing and current agreement will remain unchanged.

For more information on invoice payments for GitHub Sponsors, please visit Paying for GitHub Sponsors by Invoice.”

We’re excited to announce that the dependabot-core project is being relicensed under the MIT License, making it easier for the community to contribute to Dependabot.

Keeping dependencies updated is a crucial part of securing your software supply chain, and Dependabot has been helping GitHub users do this since 2019. It’s used by millions of developers each month to keep their dependencies up-to-date and free of known security vulnerabilities. We don’t charge anyone to use Dependabot, because we think everyone should be able to use open source without fear of vulnerabilities.

dependabot-core is the component of Dependabot that defines the logic to create pull requests for dependency updates across the 20+ languages and package managers it supports today. The update logic in dependabot-core is tightly integrated with the rest of GitHub’s Dependabot features, such as grouped updates and auto-triage rules, and contributions from collaborators have helped with its support of Swift and improvements to NuGet. By adopting the MIT license, we will simplify the process for members of the community to contribute to Dependabot and innovate together.

Dependabot-core was previously available under the Prosperity Public License 2.0, and has received contributions from more than 300 developers over the past few years. Now, the MIT license will make it easier than ever for members of the community to join our cause to improve the security of all the world’s software. If you’d like to learn more about contributing to dependabot-core, please check out the repository, and drop us an issue or pull request!

We’ve simplified the signup flow to make it easier for maintainers to join Sponsors. If you’re in a supported region, your profile will be accepted immediately.

If you live in a region that isn’t already supported by GitHub Sponsors, you can sign up for the waitlist to participate in GitHub Sponsors. For a list of supported regions, see GitHub Sponsors.

Haven’t signed up for GitHub Sponsors yet? Join now at GitHub Sponsors.

To enhance accessibility for our users, we have introduced a new accessibility setting that allows the underlining of links within text. It is important that links are clearly distinguishable from the surrounding text, which is achieved not only through color but also through additional styling.

For more information on this feature, please visit our documentation. Thank you for all your valuable feedback during the beta phase.