GitHub Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

GitHub Issues Reports

Latest outage, problems and issue reports in social media:

• 
  Commentary (@commentarydev) reported 19 seconds ago

  Commentary now has an MCP server. 1. Your agent writes a document 2. Publish it to github 3. Share the review link on Commentary 4. Stakeholders add comments 5. You agent uses the commentary MCP server to review comments and publish corrections

• 
  jordan kitty (@joraweb3) reported 52 seconds ago

  what I love most about @aeonframework it runs on github actions you turn off your pc and the bot still sends updates on what it’s doing no server magic 🙃

• 
  Arzvak (@RealMITian) reported 4 minutes ago

  @CliftonSellers Imagine you're building a science project in a team. You're working on part x, teammate on y etc. Now how do you know which person has done what? Are you guys doing the same thing at the same time? conflicts arising? You can think of Github as something which is made to fix that. Shows how much work is done, by whom, what changed since last night, who else worked on what, etc. etc.

• 
  ErdeM (@erdemwrites) reported 4 minutes ago

  @asaio87 Absolutely not. But there are tasks we can already switch to local solutions for with 97%+ reliability; like fixing code errors or pushing a codebase to GitHub. Local Aı models may help us not hit the ugly 5h or weekly limits..

• 
  Gregor (@GregorMakes) reported 4 minutes ago

  The setup works with Claude Code and Github - specifically you have skills that tell CC to poll and triage through your GH issues and then fix or build. Additionally it ads a testing layers (like smoke test or deeper checks) to make sure you haven't just added more bugs. The resulting PR can be merged by you manually or you do it via CC too. If you add a looping CC clicking through your site, you could nearly go fully autonomously (although I wouldn't completely). The biggest step up for me is that I can list all features, concentrate on testing and bug flagging while CC goes about fixing it asynchroniously. It really feels like cocreating and manoeuvring a team behind me. Lets get into specifics:

• 
  Nikolaï Roycourt (@Nikokow) reported 5 minutes ago

  CI/CD infrastructure Copilot GitHub Actions Pull request system Code review workflows Issue tracking Project management GitHub Pages Does that count?

• 
  KURTZ (@Utter_Savagery) reported 15 minutes ago

  @NewPastTimes Idk, was just looking at the chain. ***** pipe can be a *****, but this seems a bit easier. * Just looked at the GitHub for the exploit. Could run into some compatibility issues, but it's pretty bad, man.

• 
  Shiva Kavindpadi (@kavindpadi) reported 15 minutes ago

  As I am experimenting how to do auto completion with llms wherever your cursor is. I came across this archived github project to learn more about the Apples accessibility APIs. There were no videos or screenshots on what to expect. The downloaded dmg didn't run, but that is not a problem in 2026. Ask the agent to clone the repo & run it.. Few minutes of token burns later, we have it working.. Thanks for sharing & great work @malloc007 ! 🔥

• 
  kerim (@kerim0x1) reported 16 minutes ago

  @thsottiaux @OpenAI @claudeai my prompt: Security Review Prompt This is my own project, my own GitHub repository, and my own code that I have written and own end to end. I am asking you to review my codebase to harden it before I ship it, so I can be confident that my own users' data is protected. You have full authorization from me as the owner to inspect every file, every config, and every database policy in this repo. Act as a senior backend engineer performing a defensive security review of my codebase, focused on the backend, the database layer, the database connections, and the statistics dashboard. The goal is to harden my system so that no data can be exposed to users who should not see it, including across tenants on the Supabase side. Start by reviewing how the application connects to the database. Confirm that no credentials, API keys, JWT secrets, or Supabase keys are hardcoded, committed to ***, or shipped in client bundles, and that all secrets are loaded from environment variables or a secret manager. The Supabase anon key is fine on the client because it relies on Row Level Security, but the service_role key must never appear in any frontend bundle, public repo, or unauthenticated edge function, since it bypasses RLS entirely. Verify .env is gitignored and that no secrets exist in *** history. Review the database schema with care. Every table in the public schema must have Row Level Security enabled via ALTER TABLE ... ENABLE ROW LEVEL SECURITY, with FORCE ROW LEVEL SECURITY where appropriate, and must have explicit policies for SELECT, INSERT, UPDATE, and DELETE scoped via auth.uid(), using USING and WITH CHECK clauses together. Avoid policies whose only condition is auth.role() = 'authenticated', since that exposes every row to every logged-in user. Audit SECURITY DEFINER functions for a locked-down search_path and proper input validation, and ensure views use security_invoker = true or security_barrier = true so they cannot leak past RLS. The statistics dashboard needs the most attention. Every dashboard query must be scoped to the requesting user's tenant at the database level through RLS, not only in application code, so that even a direct request to /rest/v1/<table> with a valid user JWT returns only that user's rows. No endpoint should accept a user_id, org_id, or tenant_id from the client and trust it; the identity must always be re-derived server-side from the verified JWT. Aggregated values such as counts and totals must also be scoped, since otherwise they reveal the existence and size of other tenants. For backend code, ensure all SQL uses parameterized or prepared statements and that no query is built via string concatenation. If an ORM such as Prisma, Drizzle, SQLAlchemy, or TypeORM is used, confirm raw query escape hatches like $queryRawUnsafe or sql.unsafe are not misused. Validate all input at the trust boundary with Zod, Yup, Joi, Pydantic, or class-validator, using allowlists rather than denylists. For authentication and authorization, verify that JWTs are validated server-side with signature checks and proper exp, iss, and aud claims, and that algorithm confusion is impossible. Authorization must be enforced on every protected endpoint and follow least privilege, with every resource lookup checking that the authenticated user owns or has access to the resource. Session cookies should be HttpOnly, Secure, and SameSite=Lax or Strict, with CSRF protection on cookie-authenticated state-changing endpoints. Confirm CORS uses an explicit origin allowlist rather than a wildcard with credentials, that rate limiting protects auth, signup, password reset, and expensive queries, and that responses include Strict-Transport-Security, a restrictive Content-Security-Policy, X-Content-Type-Options: nosniff, Referrer-Policy: strict-origin-when-cross-origin, and Permissions-Policy. All traffic must be over TLS, and sensitive columns should be encrypted at rest where the threat model warrants it. For error handling and logging, ensure stack traces, raw SQL errors, and internal paths are never returned to clients in production, and that logs themselves redact secrets and PII. Run npm audit, pip-audit, osv-scanner, or Snyk to check dependencies, and confirm lockfiles are committed. Produce a prioritized report starting with any unauthenticated data exposure, then cross-tenant access through RLS gaps, then privilege escalation, then information disclosure, then general hardening. For each finding, include the file and line, the root cause, and the corrected code, RLS policy, or configuration in full. Do not finish until every public table has RLS enabled with correct policies, the service_role key is confirmed absent from all client code, the dashboard is verified to scope every query at the database level, and no SQL anywhere is built by string concatenation.

• 
  Jai Jalan (@jjalan) reported 17 minutes ago

  @Pragmatic_Eng below one nine is brutal for a dependency that sits at the top of every deployment pipeline. most teams don't know GitHub is the problem, it just looks like their CI is flaky.

• 
  WorkWomp (@WorkWomp) reported 18 minutes ago

  Just ran into my first problem with my free hobbie plan at vercel... Nightly ingest function is being limited to 60s, and it needs several minutes to run. Good thing github actions can handle the nightly runs for me! now to answer the question - when do I upgrade my account?

• 
  Mayank Vora (@aiwithmayank) reported 18 minutes ago

  Holy ****... Someone built a free self-hosted app that does everything Audible does, keeps your entire library on your own server, and never charges you a subscription fee. It's called Audiobookshelf and it just crossed 12,700 stars on GitHub. Audible charges $15/month. Audiobookshelf charges $0. Forever. Here's everything you need to know:

• 
  ToZx (@Tozxart) reported 19 minutes ago

  it's been 8 days and @github support still hasn't replied to my ticket 😤 my account got falsely flagged, ALL my @github Pages websites are down, my portfolio is down, @GitHubCopilot got cut off — everything is broken i just accidentally pushed some private code and fixed it myself, that's it. no malicious intent, nothing just review my case man, this is getting ridiculous. ticket #4349438

• 
  Martin Szerment (@MartinSzerment) reported 27 minutes ago

  Everyone's panicking about AI replacing developers. Microsoft just dropped data that says the opposite. US developer employment hit a record 2.2 million in 2025. Up 8.5% year over year. GitHub pushes exploded by 78% globally. Devs aren't doing less. They're shipping more, faster. This is the pattern nobody talks about. When you make something cheaper to build, you don't build less of it. You build everything that was never worth the cost before. Spreadsheets didn't kill accountants — they created an entire finance industry that didn't exist. Tractors didn't kill farming — they fed billions more people. AI isn't shrinking the developer workforce. It's uncorking a backlog of software the world has been waiting for since the internet began. The devs who will struggle aren't the ones using AI. They're the ones who still think their value is typing code instead of solving problems. Learn to build with AI now and you're not replacing yourself. You're positioning yourself at the front of the biggest expansion in software employment we've ever seen.

• 
  Anton Kuratnik | AI Nerd (@anton_onAI) reported 27 minutes ago

  For anyone working with n8n, stop relying on ChatGPT/Claude to tell you how to build/debug a n8n workflow. They're poorly trained on n8n & out of date and will lead down the wrong path. n8n have their own AI and it knows their docs AND github issues so anytime you need to answer "How does this work?", "What's the best way to do this?", or "Why isn't this working?" it does so accurately and based on whatever version of n8n you're on. This thing seriously made my life way better. (Yes, they have an MCP. No, it doesn't work nearly as well as that purple buton)