In December, GitHub experienced five incidents that resulted in degraded performance across GitHub services.
Incident 1: December 08, 19:51 UTC (1 hour 15 minutes)
Between November 26, 2025 at 02:24 UTC and December 8, 2025 at 20:26 UTC, enterprise administrators experienced a disruption viewing agent session activities in the Enterprise AI Controls page, unable to list agent session activity in that view. This did not impact viewing agent session activity in audit logs, directly navigating to individual agent session logs, or otherwise managing AI agents.
Root Cause: A misconfiguration in a change deployed on November 25 unintentionally prevented data from being published to an internal Kafka topic responsible for feeding the AI Controls page with agent session activity information.
Remediation: The problem was identified and mitigated on December 8 by correcting the configuration issue. GitHub is improving monitoring for data pipeline dependencies and enhancing pre-deployment validation to catch configuration issues before they reach production.
Incident 2: December 15, 17:43 UTC (39 minutes)
Between 15:15 and 18:22 UTC, Copilot Code Review experienced a service degradation that caused 46.97% of pull request review requests to fail, requiring users to re-request a review. Impacted users saw the error: “Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.”
Root Cause: Elevated response times in an internal, model-backed dependency led to request timeouts and backpressure in the review processing pipeline, resulting in sustained queue growth and failed review completion.
Remediation: GitHub mitigated the issue by temporarily bypassing fix suggestions to reduce latency, increasing worker capacity to drain the backlog, and rolling out a model configuration change that reduced end-to-end latency. Following the incident, GitHub increased baseline worker capacity, added instrumentation for worker utilization and queue health, and is improving automatic load-shedding, fallback behavior, and alerting.
Incident 3: December 18, 16:33 UTC (1 hour 8 minutes)
From 08:15 to 17:11 UTC, some GitHub Actions runners experienced intermittent timeouts for GitHub API calls, leading to failures during runner setup and workflow execution. Approximately 1.5% of jobs on larger and standard hosted runners in the West US region (0.28% of all Actions jobs) were impacted.
Root Cause: Network packet loss between runners in the West US region and one of GitHub’s edge sites.
Remediation: By 17:11 UTC, all traffic was routed away from the affected edge site, mitigating the timeouts. GitHub is working to improve early detection of cross-cloud connectivity issues and faster mitigation paths.
Incident 4: December 18, 17:36 UTC (1 hour 33 minutes)
Between 16:25 and 19:09 UTC, the service underlying Copilot policies was degraded, and users, organizations, and enterprises were unable to update any Copilot-related policies. No other GitHub services, including other Copilot services, were impacted.
Root Cause: A database migration causing schema drift.
Remediation: GitHub mitigated the incident by synchronizing the schema. The service has been hardened to prevent schema drift from causing further incidents, and GitHub is investigating deployment pipeline improvements to shorten time to mitigation.
Incident 5: December 22, 22:31 UTC (1 hour 46 minutes)
Between 22:01 and 22:32 UTC, unauthenticated requests to github.com were degraded, resulting in slow or timed-out page loads and API requests. Unauthenticated requests from Actions jobs, such as release downloads, were also impacted. Authenticated traffic was not impacted.
Root Cause: A severe spike in traffic, primarily to search endpoints.
Remediation: GitHub’s response focused on identifying and mitigating the source of the traffic increase, which, along with automated traffic management, restored full service. GitHub improved limiters for load to relevant endpoints and is continuing work to more proactively identify large traffic-volume changes, improve resilience in critical request flows, and improve time to mitigation.