InfoQ Homepage GitHub Actions Content on InfoQ

News

RSS Feed

DevOps

GitHub Actions Custom Runner Images Reach General Availability

GitHub has just announced the availability of custom images for its hosted runners. They've finally left the public preview phase that started back in October behind them. This feature will enable teams to use a GitHub-approved base image and then construct a virtual machine image that really meets their workflow requirements.

Claudio Masolo
on Apr 08, 2026
Architecture & Design

GitHub Integrates AI to Improve Accessibility Issue Management and Automate Feedback Triage

GitHub has launched a continuous AI-powered workflow to manage accessibility feedback at scale. Using GitHub Actions, Copilot, and Models APIs, the system centralizes reports, analyzes WCAG compliance, and automates triage while maintaining human validation. Teams now resolve feedback faster, improving inclusion and cross-functional collaboration.

Leela Kumili
on Apr 02, 2026
Development

AI-Powered Bot Compromises GitHub Actions Workflows across Microsoft, DataDog, and CNCF Projects

AI-powered bot hackerbot-claw exploited GitHub Actions workflows across Microsoft, DataDog, and CNCF projects over 7 days using 5 attack techniques. Bot achieved RCE in 5 of 7 targets, stole GitHub token from awesome-go (140k stars), and fully compromised Aqua Security's Trivy. Campaign included first documented AI-on-AI attack where bot attempted prompt injection against Claude Code.

Steef-Jan Wiggers
on Mar 11, 2026
Development

GitHub Agentic Workflows Unleash AI-Driven Repository Automation

Recently launched in technical preview, GitHub Agentic Workflows introduce a way to automate complex, repetitive repository tasks using coding agents that understand context and intent, GitHub says. This enables workflows such as automatic issue triage and labeling, documentation updates, CI troubleshooting, test improvements, and reporting.

Sergio De Simone
on Feb 18, 2026
Architecture & Design

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

LinkedIn has rebuilt its static application security testing (SAST) pipeline using GitHub Actions and custom workflows, enabling consistent, enforceable code scanning across thousands of repositories. The redesign improves security coverage, developer workflow, and observability while supporting the company’s shift-left strategy.

Leela Kumili
on Feb 06, 2026

Unlock the full InfoQ experience

Don't have an InfoQ account?

Topics

From VR to Flat Screens: Bridging the Input and Immersion Gap

Stripe’s Docdb: How Zero-Downtime Data Movement Powers Trillion-Dollar Payment Processing

Engineering at AI Speed: Lessons from the First Agentically Accelerated Software Project

The Human Scalability Problem: Why Your Teams Don’t Scale Like Your Code

How Netflix Shapes our Fleet for Efficiency and Reliability

Helpful links

Choose your language

News

GitHub Actions Custom Runner Images Reach General Availability

GitHub Integrates AI to Improve Accessibility Issue Management and Automate Feedback Triage

AI-Powered Bot Compromises GitHub Actions Workflows across Microsoft, DataDog, and CNCF Projects

GitHub Agentic Workflows Unleash AI-Driven Repository Automation

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

Attacker Bought 30 WordPress Plugins on Flippa and Backdoored All of Them

Cloudflare Introduces Flagship: an Edge-Native Feature Flag Service Built on OpenFeature

QCon San Francisco 2026: 12 Tracks Announced

OpenAI Introduces Websocket-Based Execution Mode to Reduce Latency in Agentic Workflows

LinkedIn Consolidates Hiring Data Pipelines to Power AI Driven Talent Systems

Inside Claude Code Auto Mode: Anthropic’s Autonomous Coding System with Human Approval Gates

Applying Best Simple System for Now for Software Design

The Human Scalability Problem: Why Your Teams Don’t Scale Like Your Code

Driving and Measuring the Impact of Platform Engineering

Engineering at AI Speed: Lessons from the First Agentically Accelerated Software Project

AI-First Software Delivery: Balancing Innovation with Proven Practices

Google New TPU Generation is Specifically Designed for Agents and SOTA Model Training

Leading Open Source Author Calls for Verification over Trust in Software Supply Chains

Grafana's Kubernetes Monitoring Helm Chart v4 Brings Multiple Fixes

How Netflix Shapes our Fleet for Efficiency and Reliability

Online InfoQ Architect Certification

QCon AI Boston

Online InfoQ Architect Certification

QCon San Francisco

InfoQ Software Architects' Newsletter

News