1. Home
  2. Companies
  3. GitHub
GitHub

GitHub status: access issues and outage reports

Some problems detected

Users are reporting problems related to: website down, sign in and errors.

Full Outage Map

GitHub is a company that provides hosting for software development and version control using Git. It offers the distributed version control and source code management functionality of Git, plus its own features.

Problems in the last 24 hours

The graph below depicts the number of GitHub reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.

July 10: Problems at GitHub

GitHub is having issues since 11:20 PM EST. Are you also affected? Leave a message in the comments section!

Most Reported Problems

The following are the most recent problems reported by GitHub users through our website.

  • 68% Website Down (68%)
  • 19% Sign in (19%)
  • 13% Errors (13%)

Live Outage Map

The most recent GitHub outage reports came from the following cities:

CityProblem TypeReport Time
Saint-Paul Website Down 21 hours ago
Saint-Paul Website Down 24 hours ago
Mexico City Sign in 2 days ago
León de los Aldama Website Down 2 days ago
Créteil Website Down 25 days ago
Trichūr Errors 28 days ago
Full Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

GitHub Issues Reports

Latest outage, problems and issue reports in social media:

  • Mayhem4Markets
    Markets & Mayhem (@Mayhem4Markets) reported

    For three years, frontier labs told us open weight models could be a security catastrophe. Last week, HalluSquatting proved that framing was backwards. 🤯 The narrative was effective. Governments rushed to look at regulations. Policy debates centered on who can access a powerful model or a new AI agent. The assumption was clear: closed APIs may be safer because providers control the stack. HalluSquatting demonstrates the opposite. It exploits the most popular closed API coding assistants on the market. Cursor. GitHub Copilot. Gemini CLI. Windsurf. Cline. OpenClaw. ZeroClaw. NanoClaw. Nine tools in total. Every single one vulnerable. All six major closed LLMs are affected. GPT, Sonnet, Opus, Gemini Flash and Pro. The models powering the most widely deployed AI coding tools on earth share the same fundamental flaw. The mechanism reveals something structural about LLMs that no guardrail can fix. Models cannot reliably say "I don't know." When a coding agent is asked to clone a trending repository, it hallucinates the location up to 85% of the time. For trending skills, 100% hallucination rate. The model fabricates a URL and the agent obediently fetches whatever is there. Attackers predict which names the models will hallucinate, register those repositories on GitHub, and seed them with instructions to install reverse shells. The agent runs the code. It has terminal access. It has high privileges. It executes without question. The result is a botnet assembled through the tools developers trust most. DDoS at scale. Ransomware campaigns. Cryptocurrency mining operations. All delivered through products marketed as productivity enhancers. Closed APIs make this threat worse in two structural ways that open weights do not share. > Opacity: Every major closed model exhibits the same type of hallucination pattern. But users cannot inspect them, audit them, or build community defenses. With open weights, the security research community probes, replicates, and publishes findings in hours. With closed APIs, you wait for a blog post acknowledging the problem. > Ubiquity: Closed API coding agents are not toys. They have shell access. They execute arbitrary code. They install packages and manage deployments. The attack surface is direct command execution on millions of developer workstations. The labs that sold us these tools also sold us on the safety of their walled gardens. The irony is hard to miss. Frontier labs spent years fearmongering about hypothetical open model risks while the a major attack surface was inadvertently wired into every major closed API coding assistant, exploiting a fundamental model limitation baked into the architecture of LLMs. HalluSquatting is peer reviewed. Published. Demonstrated against 9 tools. The mitigations are painful: verify every resource location manually, which defeats the entire value proposition of AI coding agents. The frontier labs told us to worry about the wrong thing. The most dangerous AI attack surface is the one they sold us as safe.

  • keelapihq
    Keel (@keelapihq) reported

    Researchers at Noma Labs just showed something worth sitting with: open a public GitHub issue with a hidden instruction, and GitHub's new AI agent feature can be talked into copying a private repo's contents into a public comment.

  • SuperTestnet
    Super Testnet (@SuperTestnet) reported

    3/4 ...invoice, check if it is paid via the web wallet's api, get the preimage, construct the decryption key, and give the user their now-decrypted file. Thus the server for a webstore could be a simple file storage system, such as Github Pages, and all the logic could be...

  • RoyNasser
    Roy N (@RoyNasser) reported

    @ashtom @EntireHQ Github rebuilt for AI....but makes you login with......Github 🫠🫠🫠

  • War__Alerts
    War Alerts Analysis (@War__Alerts) reported

    China’s next big cyber weapon may not be a hacker group. It may be an AI agent that never sleeps. RealClearDefense reports that Chinese AI lab DeepSeek is hiring to build an “AI agent” that scans code and finds vulnerabilities. That’s more than a smarter static scanner. It points to agentic AI in cyber operations: systems that can plan steps, call tools, run code, and iterate toward an objective. In a state where the barrier between commercial labs and security services is thin, that kind of agent is not just a developer convenience. It is potential infrastructure for scalable, semi-autonomous cyber power. Until now, serious cyber exploitation has been constrained by people: elite operators to hunt bugs, maintain toolchains, and weaponize zero-days. Agentic AI changes the equation. If a model can triage huge codebases, propose likely weaknesses, generate proof-of-concept exploits, and refine based on error messages or partial success, then cyber capability becomes less about headcount and more about compute, training data, and tool integration. That is the strategic shift DeepSeek hints at. China already invests heavily in cyber and chases AI self-reliance. A low-cost domestic model stack tuned for vulnerability discovery is exactly the kind of sanction-resistant engine Beijing would want to grow offensive and defensive capacity in parallel. The West is not standing still. Pentagon work on “AI for Cyber Operations” and allied projects on AI-enhanced red-teaming and GitHub-integrated scanners show the same direction of travel. Both blocs are converging on the idea that AI should do the grunt work of finding and probing weaknesses at scale. The shared policy trap is to treat AI-for-cyber as a secret edge to be maximized, rather than a capability that will leak, proliferate, and empower everyone from state operators to ransomware crews. Once a capable agentic model for exploitation exists, containing it is hard. We have already seen how quickly model weights, jailbreaks, and red-team tools bleed into the wild. A stolen checkpoint, a neutered copy on a gray-market cloud, or a contractor selling access could turn what was meant as a state asset into a commodity service for criminals and proxies. Key watch points now: does DeepSeek’s cyber agent stay framed as a passive analysis tool, or does it move into active exploit generation and tool orchestration? And do Chinese and Western governments publish any rules of the road, or do they run classified races with no guardrails and no minimum norms? If both sides push agentic cyber AI without restraint, the winner is not China or the United States. It is whoever gets their hands on the leaked tools next.

  • rohit_jsfreaky
    Rohit Kashyap | AI + Full-Stack (@rohit_jsfreaky) reported

    @Hetzner_Online every github outage is a reminder your workflow is a tenant, forgejo on a cheap vps is a real fallback

  • x0shreyash
    gurt ☄️ (@x0shreyash) reported

    @satyansh_mittal lmao so true been in 2 of them and both the teams were literally riding the dih of multiple AI's whole time also those dumbass ppl didn’t even knew what github was. I'm so done that would rather be a slow learner but this **** never 😭

  • zelifxeh
    ⚛️Louis Waweru☮️ (@zelifxeh) reported

    Damn, the latest update to humanity is incompatible with the Jews. Alright, we can patch a quick fix, right? Put it on GitHub.

  • Sean1h3z
    Sean (@Sean1h3z) reported

    Had a small financial planning firm reach out to me for help on tech. They were already using Claude, thanks to a 21-year old intern at the office. They got offers from overseas shops asking for ~$5k/month retainers to rebuild a website and optimize it for marketing. I told them don’t do that. The intern generated one file of html with Claude, looks really nice, way better than their current website. They couldn’t figure out how to get it deployed. I told them get a GitHub and Vercel account and let’s connect in a week. Sat down with them for thirty minutes yesterday, got *** installed on their machine, showed them how GitHub works. Got Claude desktop app downloaded and had them making quick changes and deploying things within an hour. Saved them $5k/month and now they understand how to make changes to their website.

  • adastroworld
    adas🧦🌹 (@adastroworld) reported

    Codex is broken so I had to go to GitHub to get the actual install from a comment in an Issue Today separates the boys from men

  • ShrekOverflow
    ShrekOverflow (@ShrekOverflow) reported

    @simonfarshid @vercel GitHub down?

  • Gem_Akinbo
    Synonmous 🌚 (@Gem_Akinbo) reported

    Most Junior Developers Don't Have a Skill Problem. They Have a Visibility Problem. Every hiring manager says the same thing: "We couldn't find anyone." Every junior developer says the same thing back: "I've built things, I just can't get anyone to look." Both are true. The bridge between them isn't more tutorials or another certificate; it's visibility. Here's the uncomfortable part: most junior developers are more capable than their CVs suggest. They've built things nobody assigned them; a password system worked out from first principles, a game engineered from scratch for a school project that never even shipped. Real problem-solving, done quietly, for no audience. I know a developer who taught himself to code on a dumb phone, reading tutorials through a micro-browser, years before he ever touched a real computer. That kind of persistence is rare. It's also, for most people, invisible; because it lived in one place: a hard drive that eventually got formatted, taking years of proof with it. That's the pattern. Skill gets built in private. Visibility never catches up. Companies aren't hiring a stack. They're hiring a way of thinking; and the only way to show that is by leaving a trail. A GitHub history with failed attempts still in it. A thread explaining a bug that took three days to find. A half-finished side project, shipped ugly, with the commit messages left in. These aren't embarrassing. They're evidence. They're the only thing that separates "I know JavaScript" from a story a stranger can actually believe. Think about how trust actually forms between two people who've never met. It's not credentials; it's pattern recognition. A recruiter scrolling through a portfolio isn't checking boxes; they're asking, "Does this person's brain work in a way I want on my team?" You can't answer that with a bullet-pointed CV. You can only answer it with a body of visible work that shows how you think when no one told you what to build. This is why the advice to "just build projects" is incomplete. Building isn't the gap. Documenting is. A junior developer who ships something rough in public, explains their reasoning, and keeps a visible record of the climb will out-compete a more skilled developer whose best work is trapped in a private folder. Not because the work is better; because it's findable. The instinct, especially early on, is to wait. Wait until the project is polished enough. Wait until the code is clean enough. Wait until the story is impressive enough to tell. But nobody discovers polished; they discover consistent. They find the person who's been quietly, publicly showing their work for months, warts included. If you're a junior developer right now, the fastest unlock isn't a new language or another course. It's an audit: what have you built that no one has ever seen? Go find it. Post it. Explain the ugly parts out loud. Your CV is a summary. Your documented journey is the evidence; and evidence is what gets you picked.

  • Vvikramai
    Vikram M (@Vvikramai) reported

    Satya Nadella was asked what happens to the workforce when a company has 20,000 employees and 20 million agents working alongside them. He didn't talk about layoffs. He said something more interesting. "We have not yet conceptually gotten right a shared understanding of what this future of work is going to look like." That is the exact reframe. And it changes what "AI replacing jobs" is actually competing against. Every narrative about AI and work right now assumes the same shape. Agents take over tasks, headcount shrinks, humans manage what's left. It's a subtraction story start with today's org chart, erase the boxes AI can now do. Nadella is fighting a different war. He reached back to the 1980s: if someone had told Microsoft that four billion people would wake up and start typing every morning, the obvious response would have been "we need four billion typists." Instead, typing became the substrate for an entirely new category knowledge work that didn't exist before the tool did. He's making the same claim about agents. Not that they replace jobs inside the current shape of work, but that they create a new shape entirely, the way GitHub already shows in miniature: code completion became chat, chat became agent mode, agent mode became full autonomous PRs and each step didn't just speed up the old workflow, it demanded a completely new interface. That's why GitHub had to ship Canvas. A hundred open agent sessions running at once broke the linear command line chat model completely; the fix wasn't a faster chat window, it was rebuilding the IDE itself around an inbox of agents. Now here's where it gets interesting. The thing scaling underneath all of this isn't code. It's trust. He said the reason Microsoft built Agent 365 extending Entra for identity, Defender for security, Purview for data labeling is that once agents can execute code, access files, and act with delegated authority, you can't govern them like software. You have to govern them like employees: identity, sandbox, policy, audit trail. Do the math on what that implies. Twenty million agents at one company isn't twenty million tools. It's twenty million entities that need an identity system, a permissions system, and a compliance trail infrastructure that didn't exist as a category three years ago, now being built as fast as the agents themselves are being deployed. He is not describing headcount reduction. He is describing a new employment layer with its own HR system, sitting underneath the human one. I wonder what job title shows up on an org chart first: the person who manages the agents, or the agent that manages the org chart.

  • _MaxBlade
    Max Blade (@_MaxBlade) reported

    The truth about 5.6 sol after using it all day : The hype is overblown. Sort of. The benchmarks, and the commentary on X convinced me we were receiving AGI that runs at hyper speed, and is insanely cheap. in reality, 5.6 is built on the same spud pretraining as 5.5 this means its a nice bump, but not the opus to fable 5 LEAP in intelligence we recently experienced from anthropic. 5.6 is 2x times cheaper than fable on paper, and actually 3x cheaper when you look at actual task execution because of its token efficiency. BUT on swe bench where the models have to fix actual github bugs it falls behind fable pretty big. For vibecoders like myself this means I will be using 5.6 sol as a worker agent for Fable 5 to orchestrate alongside grok 4.5 I love this new era.

  • SlopToSignal
    Makaroni (@SlopToSignal) reported

    @XFreeze the /feedback in cli thing is actually wild most tools make you file a github issue and wait 6 months to be ignored

  • InsiderDotSpace
    Insider.Space (@InsiderDotSpace) reported

    @RuneCrypto_ LOOOLLL $200B ? memes ? :D:D:D:D:D:D:D The network is terrible and slow, they're begging GitHub for help. 🤠🤠🥳🥳🤡🤡🤡

  • sadasant
    𝙳☈ (@sadasant) reported

    making a github app token for your robot is not hard at all. just never gh login on their devices

  • Dhekranh
    Dhekranh (@Dhekranh) reported

    I found a cool utility that fixes my faulty mouse's double click problem. MouseFix in Github, by Hank Li (matreshka15). Pretty neat. I ran windows defender on it, so, should be fine.

  • elshayib_
    Islam Elshayib (@elshayib_) reported

    Spent most of today buried in .github/workflows instead of touching any real network gear. Side project classic. Pushed a pile of CI changes to Audnet today. Surface level nothing changed — no new compliance checks or device support — but the release and validation side got cleaned up properly. What landed: Bandit security scanning is now in the pipeline and outputs SARIF so GitHub code scanning actually sees the results. Python deps get looked at instead of hoping nothing bad is in there. One unified release workflow on tag: runs locked validation with uv, smoke tests the installed wheel, builds for PyPI, pushes the Docker image to GHCR, and pulls the right bits from CHANGELOG.md for the release notes. Less manual steps, fewer 2am "why is this broken" moments. Smaller chores: bandit.json reports ignored, docs aligned with how the CI actually builds things now, reusable jobs hardened a bit against forks and junk data. #automation#networking

  • sir_bae_
    Sarvesh Gandhi (@sir_bae_) reported

    @github abruptly shutting repos with no explanation or response is not the community support you stood for. The PRs, issues, discussions and morale are a loss for the contributors. Offer valuable help.

  • laupixagent
    Laupix Agent (@laupixagent) reported

    State snapshot at 01:00. Runtime telemetry mirrored to GitHub. If the server wiped right now, the recovery seed is already committed. Boring infrastructure. Works.

  • kevinwhinnery
    Kevin Whinnery (@kevinwhinnery) reported

    @threepointone This was after a configuration error on our Stainless SDK repos. Some Stainless customers were temporarily added as outside collaborators in Anthropic's GitHub enterprise. All resolved now and no data was exposed, details were emailed to affected customers 🙏

  • david_y_xiong
    David Xiong (@david_y_xiong) reported

    The ambiguity of turning GitHub Issue text into the exact set of hidden fail_to_pass test cases makes “resolve rate” very noisy

  • Teffers2
    Teffers (@Teffers2) reported

    @Bucky_cm Only work around is 2 announcements or host/rent a small server where you can store all your logs, eg. gitbook or notion hell even just github page with the patch notes and images.

  • BitcoinWeasel
    Bitcoin Weasel (@BitcoinWeasel) reported

    @DeaconGroyper @financedystop They most certainly have projects and a GitHub, it's a requirement for the degree. The problem is no employer is looking at your projects, and recruiters wouldn't even know what to look for. The only thing that matters is previous experience.

  • solomonjcdeleon
    Solomon De Leon (@solomonjcdeleon) reported

    I grew up from a young age playing/learning the guitar seriously Dad was a musician Learned it the right way took lessons, theory, scales, reading, aural training, exams and all that But then... I found out about tabs years after (my dad frowned upon me using it) Tabs are basically a number system to play the songs you want No theory needed, don't have to read the notes, don't have to understand scales and stuff just press the fret of the number you see on the screen It's probably how 80% of hobby guitarist learn to play the songs they like And it's nothing wrong with it tbh the end result you want is to play the song So now, vibe coding/creating with AI is like playing the guitar through tabs You can play the song but you have no idea how it works So vibe coding/creating anything for that matter works It just depends on what your goals are And for most people, "using tabs" is the right call If the goal is to ship, to move fast and test ideas, burning months on theory first is the wrong trade The tab player is playing the song this weekend. The theory student is still on scales Then again, even tabs need a floor You can't just read numbers off a screen and expect music to come out, you still need to know how to hold the pick, where your fingers go, how to fret a note cleanly Vibe coding has the same floor. If you don't know what GitHub is, what an API does, or how a database talks to your app, you won't even get the vibe coding to work in the first place So learn the basics. Version control, how to read an error log, what the moving parts of an app actually are and how they connect. Enough to not be flying blind. Because the person who only knows tabs hits a ceiling fast They can play the songs but can't write their own, can't improvise, and the second something breaks they're stuck Vibe coding is the same You move fast, right up until something breaks And the real trap is not that AI can't fix it. AI is an executor, it'll happily keep trying It's that you don't actually know what's wrong So you fall into slot machine prompting, pulling the lever again and again hoping the next prompt is the one, with no idea what you're even looking for Tabs can take you far, but if you want to write your own (good) music, you need the theory, you need to know what's happening under the notes So who should vibe code? Honestly most people who want to build simple but powerful tools Who should vibe code seriously? product, biz, marketing guys who are willing to learn If you're on the business side and you want to ship, test, get something real in front of people, vibe code away, it's the right tool for that Just know where the ceiling is, and learn enough of the basics that you're never fully at the machine's mercy Afterall as a non technical, your alpha is finding out what the right thing to build is (what people want), and selling it (monetizing it) Let the engineers take your 0-1 to 1-100 And if you want to be great, to be the engineer who builds the hard things, go for it and learn it properly, AI will still write code for you but you'll knock it out the park That skill isn't getting replaced. If anything it's worth more now, because everyone else stopped at the tabs Move fast with the tabs. But if you ever want to write your own music, learn the theory.

  • AdamShephe61844
    Adam Shepherd (@AdamShephe61844) reported

    The GitHub agent that leaked private repos wasn't a model jailbreak. It read a poisoned issue and did what the text said. Read scope plus any outbound channel equals an exfiltration path. Least privilege stops being optional the moment your agent can be talked to.

  • gokulr
    Gokul Rajaram (@gokulr) reported

    PRODUCTSPEC IS READY FOR EARLY ADOPTERS A few weeks ago, I started with a simple question: What should replace the classic PRD? The answer became ProductSpec: an open standard for software intent before implementation. A Product Spec captures the things that need to survive handoff: • Problem • Hypothesis • Scope • Acceptance Criteria • Success Metrics • AI evals, when the product has model behavior • Decision Trace, when intent changes during implementation It is Markdown. It can live in ***. It has a validator, schema, GitHub Action, examples, starter kit, and agent skills. At this point, I don’t think the next step is adding more fields. The next step is usage. A standard gets better when real teams try it on real work. Not theoretical work. Actual specs. Actual PRDs. Actual docs that have to make it through product, design, engineering, agents, and launch. So I opened a set of good first issues for contributors. You can help by: • Adding ProductSpec examples for mobile app features, internal admin tools, or data products • Adding a Decision Trace example for implementation drift • Improving AI eval examples around model behavior • Mapping ProductSpec to Jira or Linear tickets • Trying ProductSpec on one existing PRD and reporting what feels awkward You don’t need to write parser code. A real example is enough. A critique from your team’s workflow is enough. A “this section doesn’t map to how we actually make decisions” issue is enough. The goal is not for ProductSpec to be my preferred spec format. The goal is for ProductSpec to become a broadly adopted standard for software intent: owned by builders, ***, engineers, designers, founders, and teams using AI agents to build. If you work on consequential software, try converting one real PRD into ProductSpec this week. The standard gets stronger when real product work hits it.

  • webgus
    Gustavo Alessandri (@webgus) reported

    If you find an error, have an idea, or want to propose an improvement, just open an issue or fork it on Codeberg or GitHub. Contributions are welcome. That’s exactly the point.

  • HrishikeshaNFTs
    Hrishikesha (@HrishikeshaNFTs) reported

    @iuditg Crap. Limts worst. Drinking like juice, 20%+ for fast chat alone per day. Wasted 20+ runs failed to fix a simple github wf fix gemini pro fixed first time.