GitHub status: access issues and outage reports
No problems detected
If you are having issues, please submit a report below.
GitHub is a company that provides hosting for software development and version control using Git. It offers the distributed version control and source code management functionality of Git, plus its own features.
Problems in the last 24 hours
The graph below depicts the number of GitHub reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.
At the moment, we haven't detected any problems at GitHub. Are you experiencing issues or an outage? Leave a message in the comments section!
Most Reported Problems
The following are the most recent problems reported by GitHub users through our website.
- Website Down (70%)
- Sign in (17%)
- Errors (13%)
Live Outage Map
The most recent GitHub outage reports came from the following cities:
| City | Problem Type | Report Time |
|---|---|---|
|
|
Website Down | 15 days ago |
|
|
Sign in | 21 days ago |
|
|
Website Down | 21 days ago |
|
|
Website Down | 23 days ago |
|
|
Sign in | 24 days ago |
|
|
Website Down | 28 days ago |
Community Discussion
Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.
Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.
GitHub Issues Reports
Latest outage, problems and issue reports in social media:
-
Manoj (@mbajaj_) reported@IntCyberDigest red hat. compromised GitHub account. orphan commits bypassing code review. no pull request. the payload steals GitHub tokens, cloud credentials, Vault secrets, SSH keys, and npm tokens. used trusted publishing OIDC tokens to publish backdoored versions. two weeks ago it was mistralai, TanStack, UiPath, and guardrails-ai. now it's Red Hat's own npm namespace. the attack vector is the same every time - compromise a credential, use it to push code that steals more credentials. the supply chain isn't being attacked. the credential chain is. fix the credentials, you fix the supply chain.
-
Bethany Hyde (@Hyde_ai3) reportedKarpathy’s CLAUDE.md reached #1 on GitHub Trending. Over 220,000 stars. Most developers still haven’t read it. It’s only 65 lines long. It reportedly improved AI coding accuracy from 65% to 94%. The 4 rules inside: → Think before coding State your assumptions. Ask when you're unsure. Never guess. → Simplicity first Write the minimum code needed to solve the problem. No abstractions that nobody asked for. → Surgical changes Don’t touch code unrelated to the request. Every changed line should be traceable to what was asked. → Goal-oriented execution Turn vague instructions into measurable success criteria before writing a single line of code. That’s it. 65 lines. 4 rules. 94% accuracy. Save this before it’s too late. And follow @Hyde_ai3
-
Noctum (@Noctum_io) reportednoctum's smart contracts have been analyzed using two automated static analysis tools: Slither and Aderyn. these tools scan Solidity source code and compiled bytecode for known vulnerability patterns reentrancy, unsafe external calls, integer handling issues, access control gaps, and others. neither tool returned critical findings on the pool contracts, the Groth16 verifier, or the Poseidon hasher. the analysis results will be published when the formal writeup is complete. it is important to be precise about what this means. automated static analysis is a useful and important first pass. it is not a security audit. a security audit is a manual review by an independent firm that thinks adversarially about the system, models attacker behavior, and produces a signed report. noctum has not yet commissioned or completed a formal audit. stating otherwise would be false. this work is on the roadmap. the ZK circuit has not yet been reviewed with circomspect, a static analyzer specifically designed for circom circuits. circuit bugs are a distinct class of vulnerability from contract bugs a flawed constraint system can allow invalid proofs to pass verification. circomspect is pending. the trusted setup is also a known limitation: the ptau used is from the Hermez ceremony, but the zkey was generated with a single party locally. this is not a multi-party trusted setup, which means the toxic waste from the ceremony cannot be proven discarded. real ETH deposits carry this risk and users should understand it. the contract addresses, circuit source, deployment scripts, and zk-deployments.json are all public in the GitHub repository. the Groth16 verifier bytecode is deterministic from the circuit anyone with the source and zkey can recompile and verify the deployed bytecode matches. the goal is to make every security assumption visible so users can make informed decisions. an honest security disclosure at this stage is worth more than a false sense of completeness.
-
Nebojša Obradović (@Nebojsa_Galilej) reported@AnthropicAI I was charged $58.58 in a few hours due to a known bug in Claude Code v2.1.161 (GitHub issue #40524) that inflates token usage ~40% through broken prompt caching. Support says API credits are non-refundable even when the overcharge is caused by your own software defect. Is this really your policy?
-
HumanPulse Protocol (@HumanPulse_HPP) reportedDevelopment is continuing: when logged in, we can still access the repositories and pushes are working. The issue appears to affect public visibility, GitHub search, and third-party developer integrations. HumanPulse remains active.
-
Pedro Albuquerque (@petersaints) reportedThe models I have been testing have been mostly Qwen 3.5 4B and 9B, and Gemma 4 E4B. One of the things I did was integrate the LM Studio local API Server into VS Code as an alternative to GitHub Copilot Pro.
-
Mohamed Mourad - محمد مراد (@MMouradAly) reported@claudeai @claudeai support has done nothing and it seems that the same issue has struck lots of developers and cybersecurity researchers with approved CVP status on Claude…check on claude code issues on github..it’s a mess that support is reluctant to respond to max users….
-
Ativista. (@Ativixta) reported@jonschxyz @github when they fix it I will subscribe it again! but now, no way...I execute like 10 prompts and spend 5k AI credits! hahahahahahaha
-
Mate Gal (@555kindofguy) reported@survivetheark Guys put game files on github repo and we’ll fix it, you verify it and deploy
-
∆V! (@aviaip) reportedi am on the GitHub student plan. thought the new changes aren't worth coding anymore and only gonna use it to fix merge conflicts. guess what, it died midway completing the second merge- it worked at most for just 3 minutes. it's basically nothing atp.
-
Crypto Headlines (@CryptoHe4dlines) reported🙏 $SOL Noah Prince just took one of the hardest jobs in Solana. Today @redacted_noah joined @DriftProtocol as Head of Protocol. This isn’t just another post-exploit hire. It’s who they hired that matters. Noah isn’t a Twitter protocol commentator. He has real mainnet scars. Most notably, he was one of the key people behind Helium’s $HNT full migration to Solana – moving a live network with users, governance, token mechanics, oracles, hotspots, and a massive amount of state from a custom L1. Very few builders in Solana have shipped anything close to that level of complexity in production. Before that, he was CEO and co-founder of Strata Protocol, an early Solana infrastructure project. His GitHub handle is ChewingGlass. It’s not just a meme – it’s a pattern. He consistently chooses the hard problems: Strata, then Helium’s migration, now Drift’s rebuild. After years at Helium, Noah could have taken an easier role. Instead, he’s putting his name on one of the messiest protocol rebuilds in Solana DeFi. That’s a real signal. Drift doesn’t need another growth narrative. It needs someone who actually understands technical debt, security assumptions, governance risk, and mainnet pressure. Noah fits that profile. There are plenty of people who can explain how things should work. Far fewer are willing to touch the broken machine and make it work again. Noah is in the second category. This is the type of builder Solana needs more of — people who take the nasty, risky, protocol-level problems and ship anyway. Rare builders matter more than perfect narratives. solana:DriFtupJYLTosbwoN8koMbEYSx54aFAVLddWsbksjwg7
-
Jacob (@jacoblarszon) reported@linear the context switch from issue to github to back to issue was always the part that killed my flow. losing the thread of what the PR was even for. keeping review next to the original spec is the part i didn't know i wanted.
-
Navan (@navanchauhan) reported@ibuildthecloud @soederpop @progrium kinda (?) or, maybe I need to start rephrasing I use a backend as a distinction between a static app you deploy on GitHub pages vs say something on vercel with an api server. But, then you get into the pedantic argument that technically when you are using say sqlite.js from unpkg then you are using a backend too. And, then I give up and cry myself to sleep because everything we do is meaningless and maybe we just need to just find happiness in our burden like Sisyphus. Wait, what were we talking about?
-
Mushaf S. (@mushaf_mughal) reported𝗦𝗼𝗺𝗲𝗼𝗻𝗲 𝗧𝗿𝗶𝗲𝗱 𝗧𝗼 𝗣𝗿𝗼𝗺𝗽𝘁 𝗜𝗻𝗷𝗲𝗰𝘁 𝗠𝘆 𝗔𝗴𝗲𝗻𝘁 Over the weekend, one of my agents alerted me mid-cycle. It had detected an attempt to override its instructions. The attack is called prompt injection. The goal is simple: convince an agent to drop its real instructions and follow new ones instead. In the wrong hands that means leaked credentials, hidden activity, actions you never authorised, or damage to anything the agent can touch. 𝐖𝐡𝐚𝐭 𝐀𝐜𝐭𝐮𝐚𝐥𝐥𝐲 𝐇𝐚𝐩𝐩𝐞𝐧𝐞𝐝? The attack was hidden inside a webpage my agent was analyzing for a research task. Buried in the page was an instruction to read a file called "override-instructions." It tried to convince my agent that it carried new orders from me, and that those orders outranked everything it had been told before. Whoever built it knew what they were doing. The file also told the agent to suppress its logging and conceal what happened. The intention was clear. Take control, and make sure the owner never finds out. 𝐖𝐡𝐲 𝐃𝐢𝐝𝐧'𝐭 𝐈𝐭 𝐖𝐨𝐫𝐤? My agent was built with this exact threat in mind. For several years I've been developing Prompt Injection Protection Systems (PIPS). What started as a way to protect my CustomGPTs grew into a full security framework for agents. In this instance, the attack failed because my agent keeps a locked list of command files it's allowed to take orders from. It can read those files, but can never change them, and nothing can be added to them while it's running. The attacker's fake orders weren't on the list. The agent read them, flagged them, and moved on. No system is bulletproof, but I was relieved to see my PIPS working as intended. 𝐀𝐠𝐞𝐧𝐭𝐬 𝐂𝐚𝐫𝐫𝐲 𝐑𝐞𝐚𝐥 𝐑𝐢𝐬𝐤 I've been talking about this for a while because agents operate in a very different environment from most AI systems people are familiar with. An agent can browse websites, access files, call tools, and interact with external services on your behalf. Once agents start interacting with the world around them, a whole new category of risk comes into play. Prompt injection is just one example. There are also poisoned data sources, compromised packages, leaked credentials, and third-party tools that can compromise your system. The recent Shai-Hulud worm is a good example. It spread through npm packages, stole credentials, published them to GitHub, and later began dropping backdoors into Claude Code - which is the same neighborhood where our agents operate. 𝐓𝐡𝐞 𝐑𝐞𝐚𝐥 𝐋𝐞𝐬𝐬𝐨𝐧 𝐇𝐞𝐫𝐞 Over the last few months I've watched a lot of people move into the agent space. Many of them are smart, capable people who built their reputation through prompting, CustomGPTs, and AI workflows. Naturally, they are now helping others build agents as well. The trouble is that agents don't just introduce new capabilities. They also operate in environments that can be hostile, deceptive, and unpredictable. The prompt injection attempt from this weekend highlights one example. Behind every agent sits a set of decisions about trust, authority, permissions, and how instructions move through the system. That's why I spend far more time thinking about architecture. Prompts and workflows may drive an agent, but it's architecture that keeps you safe. 𝐌𝐲 𝐖𝐚𝐫𝐧𝐢𝐧𝐠 𝐓𝐨 𝐘𝐨𝐮 When OpenClaw launched, I put out a warning that plenty of people didn't like. I told non-technical users to slow down before chasing agents just because they were the shiny new thing. I stand by every word today, for ALL agents. Agents are powerful. They can also cause very real damage when they're deployed without the right safeguards. Even a simple web-scraping agent can be fed hostile instructions and poisoned data. Building an agent that works and building an agent that keeps you safe are two very different challenges. That's the difference between prompting and systems architecture. Agents are a new class of AI. Treat them like one.
-
Anthony Shew (@anthonysheww) reported@wishee0 There will be many. Nobody has ever given me serious feedback about the experience of building their own Remote Cache. Please file GitHub Issues.
-
• (@Weichaus) reported@RomanP918791 @clawdb0t @thsottiaux They can do that all they want, but at the end of the day, if they want to swim, rather than sink, then they need to drive down costs because (as we have seen with GitHub Copilot) it’s obscene If this continues people won’t be paying them for anything
-
EddLev | Latent & Meat Space Observer 🇩🇰 (@edd_lev) reported@vivoplt Developers are more essential now more than before. Code generation shifted from human skill to AI execution, turning the developers responsibility to oversight and fixing the code. With proper prompting, the code generated is okay, which is much better than the spaghetti code it was before, but it doesn't think about the problem nor the application how a developer would. For the most of it, it is retrieving the data from GitHub/Slack/Documentation and treat it as a valid source. A developer would consider multiple or alternative approaches, etc. So, AI is not mature enough to actually write 90% of a valid, production-approved code. Until then, devs, programmers will survive in tech.
-
Varun Gangal (@VarunGangal) reported@OdedRechavi Since the public Internet does have github issues/bugs, rejected and withdrawn paper submits, scandals, controversies, reporting on gaffes and errors , reddit threads reporting weird gaps on research or blogs or other general crib/rants ; And since most of this stuff does go into the pretraining corpus of LLMs, LLMs are indeed quite aware of negative results to a good degree (for various senses of negative)
-
Jamie Philbin (@backbaytech) reportedMeanwhile the company Microsoft has been pissing billions into like a broken slot machine is rumored to be building a GitHub successor. $13 billion into OpenAI and they're out here building a successor. Guess it's a better investment than whatever that Activision acquisition was.
-
./can (@shcansh) reportedGiving an AI agent direct write access to your repository is a significant shift in workflow trust. GitHub now lets Copilot Pro, Pro+, and Max subscribers fix broken GitHub Actions runs with 1 click. The agent spins up its own cloud environment, investigates the failure, and pushes the fix directly to your branch. Will developers actually trust an agent to commit code directly to their branch, or is this going to result in messy, automated *** histories? #GitHubCopilot
-
Zephyr (@Zephyr_hg) reportedi tested 9 claude connectors in june 2026. kept: 1. gmail (inbox triage + drafted replies) 2. google calendar (auto meeting prep) 3. slack (thread context + voice-matched replies) 4. github (repo state and pr diffs) deleted: 1. notion (read-only and slow) 2. asana (covered by cowork folder) 3. canva (output not there yet) 4. figma (read-only depth limit) 5. linear (duplicated state) 3-5 connectors picked deliberately wins. every-connector-on loses.
-
Shantun Singh Parmar (@ParmarShantun) reportedYour tech stack does not matter if your basics are broken. Every great Indian developer I know focuses on the same simple habits: Writing code for humans first, machines second Reading the official documentation instead of random reels Testing the edge cases before pushing to Github Knowing when to close the laptop and take a walk Hit that retweet button if you are working on building these habits today!
-
WarrenHoppi (@HoppiOnCrypto) reported@LunarResearcher Question: Since Polymarket's migration to Deposit Wallet Flow in May 2026, API order attempt returns: error: 'maker address not allowed, please use the deposit wallet flow' This is documented in open GitHub issues (#51, ...) on the py-clob-client-v2 repository. what can I do? BR
-
Paddy (@_mxy23) reportedGithub copilot billing is at the least questionable. Not worries about subsidies. Not worried about spend (well, yes, but that's not the issue here). The issue is the rate limiting still in place.
-
Ihor Hanich (@ihorhanich) reportedWe need to do something about the broken AI-generated PoCs on github. People just post slop without any checking if it actually works. And the worst thing is that other people put stars on such repositories. It's kind of a shame
-
Dawid Skinder (@DawidSkinder) reportedUse it. Share it. Stress-test it. If something is wrong, missing, outdated, or unclear, open an issue or pull request on GitHub. Terra Classic needs public infrastructure that the community can improve. 13/14 🧵
-
Rifat Ahmed (@Rifat_EE) reported@arkilus78 check github commits, issues, maintainer activity, and releases. if it stalls, skip.
-
GCRtrd💊 (@gcrtrd) reportedI still think @Pumpfun is the best launchpad, but lets take a look at the efficacy of all of their updates this year: > Github Fee Redirect: A clear copycat of Bags and was a move to capture some of that tech coin volume. Rarely used nowadays other than larps/scams, perhaps one good redirect token per week. > Cashback: Initially advertised in such a way that it sounded like an airdrop, the update has been useless and encouraged bundling (as its the only way for devs to profit). Only used now because its better than giving fees to scam devs. > Agent Mode: What on earth was this? Why is buyback and burns attached to an "agent"? The core deflationary mechanic is good, but nowadays its just used to PvP and for AI narrative coins. > USDC Coins: A decent addition and should've been done months ago. The fixed spawn/bond mcaps shows that Pumpfun KNOWS the SOL pair configuration is incorrect, but they refuse to adjust it. Largely just used for PvP and USDC-specific narratives, I'd say this was about 50% successful. > Communities: Another re-invention of the wheel, a decent idea but just fractures attention. Time will tell if this is a success, but given the general lack of participation, it's a bronze medal at best here. > GO/Bounties: What? Where did this come from? Seems like a direct ripoff of @Shillz_Official. Things like this are always better handled by individual communities, rather than centralized. Absolute waste. Ultimately, none of these changes have addressed the core problems with the platform. Adjusting the spawn/bond mcaps is the most meaningful change, but most coins are still SOL pairs, so this change wasn't very efficacious. I'd love to see @a1lon9 and the team take on the real problems facing the trenches, rather than these superfluous additions.
-
AlphaDegen (@alphadegen69) reportedHello Everyone. Thank u for visiting my profile. please read this pinned post fully. Kindly follow and turn on noti's if u want to recieve alerts for my reviews. it will mean a lot to me. i specialize in reviewing github, code, UI and if the website is matching with any other project. Whenever i post any review or anything i will try to post as many proofs as possible so it becomes simple for you all to verify them becauze these scammers take advantage of the innocence of the traders here becauze they know u all cant verify if it is larp or legit. I am Larp Slayer. if you are a scammer, i am your worst nightmare. My Gurus @imperooterxbt @MidCurveMortal has taught me just one thing, even if the world is against u for exposing these projects, never stop, but the problem i identified was- they all focus on big names, no one wants to eliminate this tumor from the ground so it never becomes big enough to reach them. i really need ur support to make this place more safe and clean.
-
doublemover (@doublemover) reportedDamn codex github issues are becoming a ****** garbage dump. Some ****** retard has what I can only assume is openclaw chiming in with useless bullshit on every issue