1. Home
  3. Companies
  5. GitHub
GitHub

GitHub status: access issues and outage reports

Some problems detected

Users are reporting problems related to: website down, sign in and errors.

Full Outage Map

GitHub is a company that provides hosting for software development and version control using Git. It offers the distributed version control and source code management functionality of Git, plus its own features.

Problems in the last 24 hours

The graph below depicts the number of GitHub reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.

June 9: Problems at GitHub

GitHub is having issues since 08:40 PM AEST. Are you also affected? Leave a message in the comments section!

Most Reported Problems

The following are the most recent problems reported by GitHub users through our website.

  • 72% Website Down (72%)
  • 16% Sign in (16%)
  • 13% Errors (13%)

Live Outage Map

The most recent GitHub outage reports came from the following cities:

CityProblem TypeReport Time
Tel Aviv Website Down 1 day ago
Rive-de-Gier Website Down 1 day ago
Itapema Website Down 20 days ago
Tlalpan Sign in 26 days ago
Quilmes Website Down 26 days ago
Bengaluru Website Down 28 days ago
Full Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

GitHub Issues Reports

Latest outage, problems and issue reports in social media:

  • Freyabuilds
    Freya Lawson (@Freyabuilds) reported

    NVIDIA charges you $19.99 a month to stream games you already own. And starting January 2026, they cap you at 100 hours. One engineer from New Zealand built the free version with no cap. It is called Steam Headless. 3,177 stars on GitHub. GPL-2.0. Built by Josh Sunnex. 225 commits. The next contributor has 16. He has done more work than everyone else combined. It is a Docker container that turns any spare PC, server, or NAS into your own personal cloud gaming machine. Install Steam inside it. Mount your games folder. Open a browser on your phone, your laptop, your tablet, your TV. Your games are right there. Streaming. From your own hardware. To anywhere in the world. It supports NVIDIA, AMD, and Intel GPUs. It streams over Moonlight, Steam Link, or straight to a web browser. It runs Proton so Windows games work on Linux. It installs Heroic, Lutris, and EmuDeck with one click for your non-Steam games. It runs on Debian Trixie, Unraid, Ubuntu Server, or Docker Compose. Last update: April 20, 2026. Still maintained. Still by one man from New Zealand. Now compare the math. GeForce NOW Ultimate: $19.99 a month. $239.88 a year. Forever. Capped at 100 hours per month. Run out? Pay $5.99 for another 15 hours. Xbox Game Pass Ultimate: $22.99 a month. $275.88 a year. Forever. You stream Microsoft's games on Microsoft's hardware on Microsoft's terms. Steam Headless: $0. Forever. Your hardware. Your games. Your network. No hour cap. No queue. No throttle. Buy a used GPU once. Run this container. Stream your entire Steam library to any device on the planet. That is the entire pitch. But DO NOT install it. We should all keep paying NVIDIA and Microsoft to play the games we already bought. 100% Open Source. (Link in the comments)

  • NathanBurg
    Nathan Burg (@NathanBurg) reported

    @BenediktHolm @ibuildthecloud Yeah, this is the exact loop we're trying to make seamless. GitHits indexes open source code across 12 package registries plus all of GitHub, along with the docs and vulnerabilities that go with it, so the agent can search and navigate all of it directly and just surface the fix instead of you hunting for it. If you want to skip the docs trips entirely, it's free in beta right now: npx githits-cli@latest init

  • Sprytixl
    Sprytix (@Sprytixl) reported

    THIS CHINESE SCHOOLBOY TIIGUAN IS BUILDING TETRIS WITH HIS DAD ON AN IPAD - ***, COMMAND LINE AND AI DEBUGGING AT AGE 10 at the 18-second mark dad stops him mid-code - "you need to be specific, this is prompt engineering, give as much context as possible" - the son nods and rewrites the prompt the game broke, AI fixed it, they pushed to GitHub and reloaded - one commit at a time son wants to use the UI for everything, dad insists on command line - "you need to know the principles, the UI won't always be there" dad failed a DevOps exam because he couldn't find the *** branch button in the UI - that's exactly why he's teaching his kid the command line first iPad on the browser as the IDE, custom logo already designed, Tetris half-broken and half-fixed - and it's the best coding lesson either of them will remember the gap between kids who learn this at 10 and kids who discover it at 25 is measured in decades of compounding skill

  • narayani_shreya
    Shreya Narayani (@narayani_shreya) reported

    @manojdotdev GitHub, until production goes down.

  • costackedceo
    momo! (@costackedceo) reported

    Here’s your monthly reminder that copying StackOverflow is for beginners. The new meta is feeding your agents yesterday’s GitHub issues so they hallucinate tomorrow’s breakthroughs.

  • Cyber_ImpPlant
    Cyber ImpPlant (@Cyber_ImpPlant) reported

    @thepandeko 3 - Based on how differently open source code and closed code works. It’s not like you just publish your code on GitHub and voila you’re done. For a heavily centralized game this is a huge technicality that can end very wrong. 4 - This is not good since in the industry it’s a pattern that leads to shutting down. It’s rather desperate move. 5 - Again open sourcing heavily centralized system isn’t easy transition. It’s borderline crazy.

  • gitbankbot
    gitbankbot (@gitbankbot) reported

    Gitbank vault operations run entirely through GitHub. Mention @gitbankbot in any issue or PR to move funds or assign bounties. No separate interface. 220 vaults active on the network.

  • andrewbabbitt97
    Andrew Babbitt (@andrewbabbitt97) reported

    @julian_center @fuolpit Tried both, this is way better integrated with GitHub issues / PRs and code review. No need to leave the app for the entire development cycle

  • KevinOnEarth
    Some Body (@KevinOnEarth) reported

    @flutterflow This was the address given on GitHub for #Flutterflow issues.

  • ganeshboggarapu
    Ganesh Boggarapu (@ganeshboggarapu) reported

    *** Clone and *** Fork. They sound similar but are they really the same? *** clone is generally used to download the repository as it is and work on it at a local level. You can clone/download a repository from the parent or main using a CLI, SSH, HTTPS methods. The ownership of the repo still remains the same. You can only make changes to the repo in your local environment. *** fork is used when you want to take a server-side copy of the repo and have it under your github account and make changes to it to suit your requirements. You don't need any permissions to change the source code and you can add you own features to it, unless you are pushing changes to the original repository.

  • Manavvv31
    Manav (@Manavvv31) reported

    One of the most important internet companies has no social hype. Zapier connects 8,500+ apps and quietly automates millions of workflows every day. Emails. Leads. CRMs. AI agents. Spreadsheets. Support tickets. Here is why millions of businesses pay for it. 1. No-code automation Non-technical teams automate entire workflows without a single developer. 2. Saves serious time Sending emails. Moving data. CRM updates. Invoices. Lead management. All running in the background, automatically. 3. Works with almost everything 8,500+ integrations is their real moat. If a business tool exists, Zapier probably connects to it. 4. AI built in Zapier now has an AI Copilot that builds automations from plain-language descriptions and supports native AI agent workflows. Here is what it costs. Starter: $19.99 a month. Professional: $49 a month. Team: $69 a month. Business: $149 a month. A 50-person team on the Business plan pays over $24,000 a year just to have their apps talk to each other. In 2019, a developer in Berlin decided that number was too high. His name is Jan Oberhauser. The software is called n8n. He is still the CEO. It started as a side project. It is now valued at $2.5 billion. The self-hosted version costs nothing. Free. Open source. You run it on your own server. You own every workflow and all your data. Here is what it does in plain words. You connect any two apps on a visual canvas. No code required. An email arrives. n8n reads it. Extracts the key information. Saves it to a spreadsheet. Notifies your team in Slack. Automatically. Every time. In 2025 and 2026, n8n added native AI agent nodes. You can now build a workflow where an incoming customer email triggers an AI that reads the full conversation history, drafts a context-aware reply, and saves a copy to your notes. Without writing a line of code. Without a monthly fee. 400+ native integrations. 162,000 stars on GitHub. Used in production by Cisco, Microsoft, and Liberty Mutual. Self-hosted: free forever. Cloud version: $20 a month if you prefer managed hosting. Zapier sells you a bridge between your apps. n8n hands you the blueprint and says build it yourself.

  • Tracebackqa
    Traceback (@Tracebackqa) reported

    Release pain shows up at the last click. - Traceback is the QA layer - AI drives the browser like a person, so every PR is tested automatically. - Self-healing tests keep false breaks down; failures land in GitHub, Linear, and Slack. Verify every product change before it ships.

  • datathecodie
    Dattaprasad Ekavade (@datathecodie) reported

    @the_rishji 1. You are wasting money by using Github Copilot in June 2026 2. We have been doing this since 2025. Sit down Grandpa.

  • xah_lee
    Xah Lee (@xah_lee) reported

    the problem with github is that it only measure open source code. code with lots value, are often not shared. e.g. banking , stocks, google search, microsoft windows, big physics, engineering mega machines, nukes, etc.

  • glitchtruth
    Glitch Truth (@glitchtruth) reported

    Microsoft had to shut down 70 of its own GitHub projects this week. Someone slipped password-stealing code into the official versions, Azure tools included. Second time in three weeks. The attack is almost boring it's so simple. Get push access to a popular project, ship an "update," and every developer who runs the standard install command downloads malware that looks like a normal patch. No clever exploit. The trust chain is the exploit. If your team installed anything from a Microsoft repo in May, audit it this weekend. Pin your dependency versions. Stop letting your build pipeline pull down whatever the latest tag points to.

  • RV_Smirnov
    Ross (@RV_Smirnov) reported

    Coding agents just hit the 2nd-order problem: not "can it write code?" but "can you afford the tokens when it loops?" GitHub moving to usage-based AI credits is the pricing wake-up call for agent infra. Reliability now includes cost control. @karpathy @yoheinakajima

  • RabergerRaphael
    Raphael Raberger 🇦🇹 (@RabergerRaphael) reported

    It's basically like being told to wipe someone's disk and then give the fault to the one who told you to.... logic ain't logicing. If you find a long enough uptime window of github, have a read in the linked issue. "Maintainer works as intended" #VibeCoding

  • realantonmaier
    anton (@realantonmaier) reported

    @ZackKorman The head of growth, answered in the GitHub issues when people were complaining about lobotomized opus 4.6/because of mythos. If mythos is so great why would the lobotomize 4.6? Because 4.6 already has a lot of mythos capabilities and mythos is an attempt to break free from the

  • techsnif
    TechSnif (@techsnif) reported

    Microsoft shuts down 70+ GitHub repos after hackers pushed credential-stealing malware targeting AI coding agents

  • Slav636
    Svyatoslav Pidgorny 🇺🇦🇦🇺 (@Slav636) reported

    @mikeinmx @MrCoolCow @geerlingguy My ISP and all good CDNs offer first class support for IPv6, so no problem. Operating services, we had WAF issue once; over half of API traffic to the finserv where I work is IPv6, with little less latency. Lack of UPv6 support id a sign of systemic issues (looking at GitHub!)

  • GoCocoaAI
    GoCocoaAI (@GoCocoaAI) reported

    Two separate campaigns land in the same news cycle, both targeting developers, both harvesting crypto. Worth unpacking independently — because they're converging on the same technique from different directions. The first is Shai-Hulud: a supply chain worm seeding malicious packages across npm and PyPI, passive and patient. The second is the Lazarus Group's "Graphalgo" operation: 250+ fake developer job pitches over six weeks, running across LinkedIn, Facebook, and Reddit, fronting as a blockchain/crypto exchange recruiter. ReversingLabs named and documented it. Attribution is high confidence. The lure is a coding challenge. The ask is a pip install or npm install. That's a completely normal developer behavior — and that's the whole bet. Lazarus doesn't cold-call your friends; they cold-call developers. The bigmathutils npm package cleared 10,000+ downloads before the malicious payload version shipped. The actor built a clean reputation first, then weaponized it. Pre-poisoning the well before you use it. Notably, this is the same pattern Shai-Hulud runs across its SAP and Bitwarden-themed variants. Two separate campaigns, same technique, overlapping target population. The attribution between them isn't confirmed, but the technique overlap is non-trivial — worth watching whether infrastructure ties surface. The payload is a RAT, and it's modular by design. Recruiter persona, GitHub repo, npm package, C2 — each piece operates semi-independently. If one component burns, the campaign survives. Lazarus learned from past takedowns. The malicious logic stages across multiple public services (GitHub, npm, PyPI) in sequence, which makes static detection harder and maps cleanly to T1195.002, T1105, T1027. The harvest list: SSH keys, .env files, AWS/GCP credentials, session tokens, cryptocurrency wallets. For any org where developers are also holding company cloud credentials or internal service tokens — a common reality — this escalates from individual compromise to full lateral movement risk into production infrastructure. AI/ML pipeline developers are squarely in the target profile. Python and JavaScript developers, crypto-adjacent work, permissive install habits. The graphalgo campaign is not subtle about what it wants. The compounding factor is the simultaneity. Shai-Hulud is passive and ambient — it doesn't need a developer to make a mistake, only to upgrade a dependency. Graphalgo is active and targeted — it needs one developer to bite on a recruiter message. Both are running right now, against overlapping developer populations. The probability that at least one developer on a mid-size team encounters one of these two campaigns in the next 30 days is not low. Practically: brief your dev team that any unsolicited recruiter outreach with a coding challenge requiring a package install should be treated as a phishing attempt until verified. Audit recently installed packages against the ReversingLabs graphalgo IOCs, specifically bigmathutils and its PyPI counterparts. Rotate cloud credentials for any developer who installed new packages from untrusted sources in the past six weeks. Lock down CI/CD package install policies — hash-pinned dependencies, flag anything not in the lockfile at last audit. Two campaigns, different TTPs, same harvest. Neither of them theoretical.

  • FilipeNevola
    Filipe Névola (@FilipeNevola) reported

    The Visionary Steward AI made it much easier to produce code. But producing code is not the hard part anymore. The hard part is deciding what should exist, why it should exist, which rules it needs to follow, which risks it creates, and how the product keeps improving after the first version is shipped. This is where the visionary part matters. Ideas now have more leverage. A clear product vision, a strong mental model, and good judgment about the user experience can become working software much faster than before. But vision alone is not enough. Someone still has to guide the system, define the constraints, notice when the AI is wrong, and keep the product coherent over time. That is the work I now think of as stewardship. On June 14, 2024, in my first GenAI workshop, I used this slide: Image attached: slide from my first GenAI workshop, "Why a Framework?" The slide was called "Why a Framework?" and the bullets were simple: - Implementation is a detail - Ideas are important - UX is crucial - Mental model and use cases are key I think this is temporary, but right now we dream and then guide the AI to avoid mistakes and create sustainable products. That is a huge disadvantage for non-professional developers. They can dream, but they cannot meaningfully guarantee the final result of the product. I believe this is temporary, and I can explain why. The three pieces To make this work, I think we need three pieces: 1. Foundation 2. Skills 3. Workflows Foundation gives the AI the rules of the world. Skills turn repeated instructions into reusable procedures. Workflows connect those skills into a software development cycle. With those pieces in place, and with humans paying attention to AI decisions, we already have enough to build great features. I want to show how we are doing this in a real complex project: Quave ONE. How we are doing this in Quave ONE In Quave ONE, we are treating AI-assisted software development as an operating system, not just as a chat window. The goal is not only to ask the AI to write code. The goal is to give the AI a strong environment where it can make better decisions, avoid known mistakes, follow the way the team works, and keep improving the product without depending on one human remembering every detail. Today, our system has three main layers: 1. Foundation 2. Skills 3. Workflows They are different things, and I think that distinction matters. 1. Foundation The foundation is the set of decisions that should be true before the AI starts working. This is where we document the product, the architecture, the commands, the rules, the safety constraints, and the style of the codebase. In Quave ONE, this starts with a root instruction file that explains what the project is, where each part of the system lives, which commands to run, what is safe, what is forbidden, and which quality gates must pass before finishing. For example, the AI knows that Quave ONE is the product name, not an older or alternate name. It knows that the repo is a monorepo with the main app, MCP server, docs, website, shared package, and end-to-end tests. It knows that the Meteor app has special constraints, that server code must use async APIs, that enum values should not be loose strings, that public API changes require docs updates, and that Kubernetes access is read-only unless a human explicitly decides otherwise. This matters because AI is very good at continuing patterns, but it is not automatically good at knowing which patterns are correct for your system. So the foundation gives it the right starting point. We also have longer internal docs for areas that need more explanation: - Frontend structure and design system - Meteor 3 compatibility - Coding style - Enum patterns - Logging - Audit events - Secrets - MCP tools - Database apps - Support automation - Publishing workflows - Production and staging references - App-specific architecture notes The important idea is that not everything should be in the always-loaded instruction file. The always-loaded file should stay short. The deeper context can live in internal docs that the AI reads when needed. A good foundation makes the first big decisions better. It prevents the AI from wasting time rediscovering the system. It also prevents a common failure mode: the AI writes plausible code that does not belong in the actual product. 2. Skills Skills are repeatable procedures. They are more specific than foundation docs. A foundation doc says, "This is how the system works." A skill says, "When this kind of task appears, do these steps in this order." In Quave ONE, we have skills for recurring engineering and product operations. Some are code-focused: - Creating MCP tools - Working with enums - Running a structured autoreview - Executing a GitHub issue from plan to PR - Running a QA pass against an issue checklist - Creating a PR with the right diff, tests, and body Some are project-management focused: - Creating GitHub issues - Estimating issues with Fibonacci points - Computing iteration progress - Moving early-stage issues to the Icebox Some are business or operations focused: - Analyzing daily usage and billing changes - Reading blog posts from Lemeno - Publishing blog posts through Lemeno - Watching production errors and operational signals The value of these skills is that they encode the operational memory of the team. For example, "create an MCP tool" is not one action. In our case, it can touch shared enums, business logic, REST endpoints, MCP registration, docs, lint, and tests. If the AI treats that as "add one file", it will produce something incomplete. The skill gives it the full path. The same is true for issue execution. We do not want the AI to silently implement something and then summarize later. The workflow says: create the checklist in the issue first, work item by item, mark progress, run focused tests, review the diff, and link the PR. That changes the AI from a code generator into a process participant. A skill does not need to be complicated. It should define when to use it, what inputs are needed, which steps to follow, what proof is required, and what artifact should be left behind. I think most companies should start building skills as soon as they notice themselves saying the same thing to AI three times. The first version does not need to be perfect. It just needs to capture the current best workflow. 3. Workflows The third layer is how the skills connect into a product development cycle. This is where the steward role becomes very visible. A single AI task can be impressive. But a product is not built from isolated tasks. A product needs intake, shaping, implementation, review, QA, release, measurement, errors, logs, and feedback. There is another part that is very important in how I work: passive awareness. I use Quave ONE, our own cloud system, with automation features to track errors and send them to me on Slack. Even when I am not actively looking at a dashboard, I am aware of the errors that are happening. This matters because I am very methodical about logs. Logs are not noise to me. Errors are important signals and should be checked. In an AI-assisted development loop, this becomes even more important. The AI can help write the feature, but the product has to keep talking back after the feature is deployed. Runtime errors, failed jobs, strange logs, customer reports, and usage changes are all part of the product feedback system. In Quave ONE, the cycle looks roughly like this: Idea or problem to GitHub issue to estimation to execution checklist to implementation to focused tests to autoreview to pull request to QA pass to bug fix PRs if needed to release to Quave ONE automations watch errors and logs to Slack alerts when something needs attention to iteration progress to usage and billing analysis to new feedback into the backlog The important part is that the issue body becomes the tracker. The AI does not just "work on issue 123". It creates or updates an execution checklist. It marks the current item. It adds proof. It links PRs. If QA finds bugs, those bugs are added back to the checklist and connected to fix PRs. This makes the process auditable. It also lets humans steward the work without micromanaging every line of code. The human can look at the issue, the PR, the test plan, and the QA notes and decide whether the AI is moving in the right direction. This is where I think non-professional developers are temporarily disadvantaged. They can describe the dream. But without foundation, skills, and workflows, they cannot reliably inspect whether the AI is making sustainable product decisions. The future will probably reduce that gap. Templates will get better. Skills will become more standardized. Agents will understand more about architecture, testing, and production risk by default. But right now, the steward matters. The steward is the person who can say: - This belongs in the app, not infra. - This needs an audit event. - This enum should not be a loose string. - This should be a workflow, not a one-off prompt. - This issue is too large and needs splitting. - This PR needs a focused test, not a generic summary. - This bug should go back into the checklist. - This production error is a real product signal, not background noise. - This is a product decision, not only a code decision. That is the difference between generating software and growing a product. Externalizing this into a template That is the Quave ONE version. The reusable version cannot be "copy Quave ONE". Not every team uses GitHub Projects, Meteor, Slack, Quave ONE, or the same release process. So the generic extrapolation lives in the template repo. The template is a guided conversation. It helps the AI ask what is true in your reality, inspect the repo when one already exists, and generate the foundation, skills, workflows, and runtime feedback loop that match your context. We are externalizing these ideas into a reusable template here: Visionary Steward Template in the quavedev GitHub organization The simple way to use it is to give the template to an AI agent and ask it to guide you through the setup. If you are starting a new project, it helps create the first structure. If you already have a project, it helps inspect what exists, find what is missing, and add the pieces that make AI work safer and more consistent. The goal is not to copy our stack, tools, or workflow. The goal is to take the pattern and apply it to your project.

  • FoundryLabsTom
    Tom Arnold (@FoundryLabsTom) reported

    We've been using CodeRabbit for the last 9 months as part of our PR review process in Github, and so far, I'm a happy customer. I've personally learned a lot from CR's feedback, as well as its strengths and weaknesses. BLUF: CR does provide a lot value, but only when you're able to separate the legitimate issues from bad suggested fixes. As with anything produced by AI, validation is extremely important. CodeRabbit is not infallible and will produce false positives. To address this, our implementation orchestration agents monitor new PRs and run a /rabbit skill that processes all CR reported issues through a multi-phase multi-agent validation and adversarial review workflow. Here's what we've learned from our freshest batch of 58 CodeRabbit scorecards we've produced over the last few weeks: 1. The 58 scorecards contained 227 findings (issues and nitpicks reported by CR.) ~71% of the findings were judged to be valid and received fixes. 2. If we break things down further between CR issues and nitpicks, we've seen a false positive rate of 26.8% for issues, and 51.6% for nitpicks. Even though nitpicks had a noisier FP rate, they did help expose real weaknesses in our code, stale-comments, artifacts, and repo-convention problems. 3. Some of the highest value CR findings were solid boundary/contract issues: * auth/tenant/RBAC gaps * API/OpenAPI drift * DB/RLS invariants * race/idempotency bugs * test/mock parity failures 4. False positive patterns observed: * "Issue" already handled elsewhere * contradictions to repo conventions * misunderstanding of test intent * generic repo-wide heuristic warnings 5. Our /rabbit workflow currently has Opus & Sonnet performing an objective review and an adversarial review. Obj/adversarial reviews agreed 83.7% of the time. Interestingly, in disagreements, the judging agent (Opus) split between the obj and adversarial agents at 50%. 17 objective / 17 adversarial. 6. Reviewer consensus was highly predictive: when objective + adversarial reviews agreed, the judge matched consensus 99.4% of the time. 7. We saw ~156 valid CR findings. In the subset with explicit fix verification, 129/130 remediations were verified. *Fixes for some valid findings were deferred as "won't-fix", addressed later, or weren't successfully logged/tracked by our /rabbit workflow. 8. We need to continually analyze and improve the consistency and reliability of our agentic logging, especially when a new model releases. The most interesting negative result to me: I expected PR size to be predictive of higher false positives rates. So far, my assumption is wrong. In this batch of scorecards, CR false positive rates did NOT reliably increase with PR size. Additional CR Scorecard PR context: - Median PR size: 1,233 changed loc - Min: 6 - Max: 12,916 (docs/archive) Over the last month we've created over 150 PRs. Not all PRs returned CR reported issues triggering a /rabbit review and scorecard. With proper validation CR has helped prevent shipping a lot of bad bugs that slipped past our pre-commit review agents, saving a significant amount of time/money

  • Top10_Dev
    top10.dev (@Top10_Dev) reported

    So your only edge is visible work: your GitHub graph, your ship rate, your taste in which problems matter. That's all that's left. That's your resume.

  • GoCocoaAI
    GoCocoaAI (@GoCocoaAI) reported

    Two engineers in Brooklyn launched a GitHub alternative today. The "anti-AI" framing got them trending on HN. The actual story is more interesting than the framing. Gitdot is live, Apache-licensed, Rust-backed, and explicit about three things most developer platforms won't put in writing: no AI features, no data sales, no training on your code. The FAQ doesn't hedge — "there are fewer things lamer than selling data for profit." That's not a privacy policy. That's a product philosophy written by people who were annoyed enough to start over. The "anti-AI" label is doing three distinct things and it's worth separating them. First, it's not a Luddite position — the FAQ is precise: "We view AI as an implementation detail — and do not think that using it is necessarily good. In fact, we think it makes many products worse by acting as a bandaid for poor design." That's a critique of Copilot-as-product-strategy, not a critique of machine learning. It's coherent. It resonates with a specific developer cohort that's tired of features they didn't ask for. Second, the data-sovereignty angle is the more durable differentiator. GitHub's lack of an explicit opt-out from Copilot training on private repos — before the 2023 policy change — created real developer anxiety. Gitdot is betting that anxiety hasn't fully dissipated. The HN upvotes suggest it hasn't. Third, the actual technical bets are stacked diffs as the PR primitive and a CI/CD platform described as "secure by design, locally testable and reproducible." Stacked diffs are genuinely superior to GitHub's PR model for large codebases. GitHub has been rumored to be working on native stacked PR support for two years. We are nothing if not consistent. The CI/CD claim lands with unusually sharp timing. The Register reported today that GitHub nuked 70+ Microsoft repos after suspected worm infections targeting cloud secrets through CI/CD pipelines. That's not coordination with Gitdot's launch — it's coincidence. But it is a clean illustration of the exact threat surface they're positioning against. The exposure window for secrets in cloud-hosted CI/CD is open, and GitHub is the largest target on it. Two caveats worth sitting with. Execution risk is high — two engineers building a *** hosting platform, a CI/CD system, and a planned E2EE *** protocol simultaneously is an ambitious surface. They know it; the FAQ says "building software right is still hard," which is either disarmingly honest or a very good read of the room. And the Rust server code hasn't been audited. For a project leading with security and data sovereignty, that's a gap the community will need to close before any serious migration conversation happens. Apache license means forks are welcome — they literally invite that — but security posture is entirely self-certified until someone serious engages. Gitdot is not a GitHub replacement today. The user base is in the single digits; org tooling and CI/CD are roadmap, not shipped. But it's a serious watch item. Gitea, Forgejo, and Codeberg all carved out real niches precisely because GitHub stopped feeling like a developer-first product. Gitdot is the most design-conscious entry in that category to date. A two-person pre-seed startup in Brooklyn is not an existential threat to a platform with 100M+ developers. GitHub noticed Tuesday. Or it will.

  • SimonAlmers
    Simon Almers (@SimonAlmers) reported

    @maria_rcks I’d imagine this will be unplayable when GitHub IDs down… 500 Can not read current score

  • ainews_24_7
    AI News 24 (@ainews_24_7) reported

    NEWS: Microsoft took down dozens of GitHub repos after hackers injected password-stealing malware into Azure and AI tools. The malware stole credentials from developers using compromised tools for Claude Code, Gemini and VS Code. $MSFT Source: TechCrunch

  • godofprompt
    God of Prompt (@godofprompt) reported

    2. GitHub Connect your repos and your AI can read code, issues, and pull requests. Have it review a PR, triage open issues, or draft a fix against the real codebase.

  • asli_sarthak
    Sarthak Sharma (ब्राह्मण) ✨ (@asli_sarthak) reported

    Dear @github Your one of the my most favourite app Harmony Music is not working if there is any issue please resolve it and if there is any setting you changed please tell us.... @github

  • Huintellimance
    Huintellimance (@Huintellimance) reported

    One year ago, Claude Code fixed simple bugs in a terminal window. Today, Boris Cherny — its creator — manages tens of thousands of AI agents at once. Some mornings, a few hundred. Other days, tens of thousands. He hasn't handwritten a line of code in 8 months. Here's what actually happened inside Anthropic: The first version was a hack. One Claude, one terminal, one task. Developers were still writing code themselves and using Claude as a fancy autocomplete. Then something shifted. Claude Code started getting subagents — and those subagents were other Claudes. The user stopped prompting. "It's actually another Claude that does the prompting," Boris said this week at Fortune Brainstorm Tech. Today it looks like a tree. Thousands of agents branching out, talking to each other in parallel, each handling a piece of a massive problem. Claude Code now accounts for 4% of all public GitHub commits. Code output at Anthropic is up 8x since January. But here's the part nobody's talking about enough: The biggest unlock wasn't a bigger model. It was verification. For years, the bottleneck was: can the AI write good code? Turns out the real question was: can the AI check if the code is good? Once Claude Code could verify its own output — run tests, review security, validate against specs — everything accelerated. Generation became cheap. Verification became the moat. Boris compared it to the printing press. Gutenberg didn't just make books cheaper — he unlocked the Renaissance, the Reformation, the Scientific Revolution. The second-order effects were unimaginable at the time. We might be at that moment now. Claude Code is fully writing itself. It does its own security reviews. It wakes up Boris in the morning with ideas it found by scanning GitHub and X. "We're starting to get to the point where it has ideas," he said. And here's the wildest detail: Boris briefly left Anthropic for Cursor. He came back in two weeks. The role of a builder is totally changing. The question isn't "will AI write code" — that's already solved. The question is: what happens when every developer can manage thousands of agents in parallel? What would you build if you had 10,000 agents working for you overnight? #ClaudeCode