GitHub’s new OIDC support for repository custom properties is more than a convenience feature. It gives platform teams a cleaner way to express cloud access around repo attributes instead of maintaining brittle allowlists one workflow at a time.
GitHub says Copilot code review is now generally available on an agentic, tool-calling architecture that can pull broader repository context on demand — and it runs on GitHub Actions. That combination shifts cost, governance, and security considerations for engineering orgs. Here’s how to evaluate it, especially if you use self-hosted runners.
GitHub is rolling out macos-26 GitHub-hosted runners. Here’s why it matters for iOS/macOS builds, code signing, supply-chain controls, and reproducibility in CI.
GitHub’s workflow dispatch API can now return run metadata, eliminating brittle polling and guesswork in automation. Here’s why it matters for platform teams building ChatOps, self-service, and internal developer portals.
GitHub’s workflow_dispatch API can now return run IDs. That makes self-service CI/CD safer and more observable, enabling tighter coupling between portal actions, audit logs, and rollout status.
OIDC in GitHub Actions has quietly become the default pattern for ‘secretless’ CI/CD. Here’s how to think about it as a platform primitive: trust boundaries, short-lived credentials, and how it changes the way you deploy into Kubernetes and cloud APIs.
