GitHub status: access issues and outage reports
Problems detected
Users are reporting problems related to: website down, sign in and errors.
GitHub is a company that provides hosting for software development and version control using Git. It offers the distributed version control and source code management functionality of Git, plus its own features.
Problems in the last 24 hours
The graph below depicts the number of GitHub reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.
July 17: Problems at GitHub
GitHub is having issues since 05:40 PM EST. Are you also affected? Leave a message in the comments section!
Most Reported Problems
The following are the most recent problems reported by GitHub users through our website.
- Website Down (67%)
- Sign in (20%)
- Errors (13%)
Live Outage Map
The most recent GitHub outage reports came from the following cities:
| City | Problem Type | Report Time |
|---|---|---|
|
|
Errors | 3 days ago |
|
|
Website Down | 7 days ago |
|
|
Website Down | 8 days ago |
|
|
Website Down | 8 days ago |
|
|
Sign in | 8 days ago |
|
|
Website Down | 9 days ago |
Community Discussion
Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.
Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.
GitHub Issues Reports
Latest outage, problems and issue reports in social media:
-
Julian Goldie SEO (@JulianGoldieSEO) reportedHALLMARK SKILL: Fix Ugly AI Websites in One Command 99% of AI websites are garbage. This free skill builds the 1%. You know the look: purple gradient, centered hero, 3 feature cards. Visitors have seen that page 100 times this month. They stop trusting it instantly. Hallmark fixes it. One free open-source skill (7,000 GitHub stars). Plug it into Claude, Cursor, or any agent. It works like a design department: → An art director that asks 3 questions before any code → 21 page layouts — never uses the same one twice → 20 real themes with proper fonts and colors → 57 quality checks before you ever see the page No fake stats. No invented testimonials. No template heroes. Your AI already codes better than most humans. It just never learned taste. This installs taste in one command. Save this. You'll want it later. 💬
-
Marcos Ramírez (@S0cram) reported@chrisalta it was a github api degradation issue, it is back to normal now
-
Omar Farooq (@potencytoact) reported@github: "We are continuing to investigate an issue causing approximately 35% of REST API requests to fail. Based on our current understanding, requests are not consistently reaching the application layer, resulting in failed requests returning HTML responses instead of the expected API response format. We are actively investigating the issue and will provide another update as soon as more information is available."
-
Dr. Jose Silva 🪽🇧🇷 (@jseluisX) reportedCyberTalks: 🤖📱Mobile OS The LineageOS is your ultimate playground if you want to rip out corporate bloatware and breathe new life into dying hardware. It is fully open-source, giving you total root potential and high customization. If you flash it clean without GApps, you completely cut the corporate tracking record. It is highly versatile and runs on almost any device you throw it at I prefer the GrapheneOS, which is a completely different beast built like a digital fortress. It is designed for maximum operational security and hardening against zero-day exploits. It locks down vulnerabilities by sandboxing every single app and disabling tracking networks at the baseline firmware level. It is the gold standard for high-risk targets, but the catch is you can only run it on Google Pixel hardware. If you want the GrapheneOS fortress, we are strictly targeting a Google Pixel (Pixel 6 or newer is ideal for long-term security patches). The hardware architecture of the Pixel allows GrapheneOS to re-lock the bootloader with custom keys, keeping the device secure.If you are targeting LineageOS, the hardware choice is much wider. A Motorola or a global Xiaomi device works perfectly because their bootloaders are easy to unlock, and they have massive developer community support on GitHub. So, picture this. You just spent the last hour flashing this clean, beautiful new operating system. You boot it up, everything feels fast, and you feel like a tech god. Then, you open your banking app to check your balance, and boom. Red screen of death. The app crashes or hits you with a "Security Violation: Device Modified" error. Here is exactly what is happening under the hood. The bank is running a silent check using Google's Play Integrity API. Think of it like a digital bouncer checking IDs. It looks at your phone and instantly spots that your bootloader is wide open and the factory operating system is gone. It flags you as a security risk and locks you out.But don't panic, we can outsmart the bouncer.If you chose the LineageOS route, we fight fire with fire using root access. First, you flash Magisk, which gives you administrative control over the entire system. Once Magisk is running, you download an open-source tool called Play Integrity Fix. This genius little module feeds the bouncer a fake, certified device fingerprint from an old, official phone. Finally, you flip on Magisk's DenyList feature to completely blind your banking app to the fact that the phone is even rooted. To the bank, you look like a standard, boring retail device. Now, if you went with GrapheneOS, the game is totally different because we do not use root at all. Rooting actually creates security holes, and Graphene hates that. Instead, you use their built-in Sandboxed Google Play Services. This tricks the banking app by letting Google's security code run, but it traps it inside a restricted digital cage. The app gets the official security handshake it wants, but it has zero permission to spy on the rest of your hardened OS. Most global banks just work out of the box this way. To bypass banking app security on a custom ROM, you must trick the Google Play Integrity API into thinking your device is locked and official. Banks use this API to check if your bootloader is unlocked or if the system is modified.On LineageOS, you achieve this by flashing Magisk to gain root access. Once rooted, you install an open-source module called Play Integrity Fix, which spoofs a certified device fingerprint. You then use Magisk's DenyList feature to hide the root status directly from your banking apps. On GrapheneOS, the approach is completely different because the system does not use root access. GrapheneOS includes a built-in feature called Sandboxed Google Play Services. This allows the official Google code to run inside a restricted sandbox without system privileges, which successfully passes basic Integrity checks for most global banking apps right out of the box. Happy Coding!
-
BRute Logic (@BRuteLogic) reportedEven CISA, the agency responsible for US cybersecurity, fell for it. A contractor left AWS GovCloud admin keys in a public GitHub repo named "importantAWStokens" for six months. Nine automated alerts ignored. Keys stayed valid 48 hours after the repo was taken down. hack2earn
-
Gustavo Alessandri (@webgus) reportedIf you find an error, have an idea, or want to propose an improvement, just open an issue or fork it on Codeberg or GitHub. Contributions are welcome. That’s exactly the point.
-
Peni (@Penivera001) reported@github Commit before and after a major change/fix
-
Stew1000 (Ø,G) 👾🛡️ (@Stew_SoFresh) reported@catebligh @OpenAI @sama No problem, yeah it can be frustrating at times it’s hard getting a certain output your looking for. Have you tried GitHub copilot can use that as a direct line to the code and attach the repo your working under and it generates the code or suggested prompt setup by the model it helps with prompt accuracy and context for the model
-
Kavya Puranik (@iamkavu) reportedAnother day and another github outage 😑
-
Nurullah Kuş (@nurullah_kuus) reported@thsottiaux @OpenAI In app browser crashes codex app in windows. There are enough issues about it in github i think. It is really annoying.
-
Sheiias Ars Goetia (@SheiiaTheRito) reported@MarcyBelowFloor @StormslayerDev Ah so you aren’t in the field, okay. So, I’m a programmer, specifically FSF web development (full stack flex, I can build servers for a backend for a website that the front end references so end users can access it without issue. There’s a principle here, people who use AI tend to learn the codebase first, when ai messes up, the programmers can go in, understand what messed up, then fix it themselves. Using for example GitHub copilot or tabnine doesn’t just eliminate programmers entirely.
-
Hispanophile 🇹🇷🇪🇸 (@n_hispanophile) reported@ariadnisaa @aether_oracle @scaling01 Problem is deepSWE. Tasks are created from scratch and the models cannot cheat by reviewing GitHub. So it should be Fable/Sol level at least in coding.
-
cosmiclibertarian (@cosmiclibe57707) reported@a_apanasik Same thing they did when github or slack or bitbucket went down. Watch youtube and wait
-
J.D. Salbego (@JDSalbego) reportedHow to scope MCP permissions per agent, not globally. The isolation pattern most AI agent builders skip. Most setups: one set of MCP credentials shared across every agent in the workspace. Your research agent, your writing agent, and your deploy agent all have the same access to Gmail, GitHub, Slack, and your filesystem. If any one agent is compromised, the attacker inherits everything. The fix: per-agent credential isolation. 🔵 Each agent gets only the MCP servers it actually needs 🔵 Each MCP server connection uses credentials scoped to that agent's role 🔵 Your research agent gets read-only access. Your deploy agent gets write access. Neither sees the other's credentials. How to implement: 🔵 Create separate credential files per agent role 🔵 Mount only the relevant credentials into each agent's environment 🔵 Use different API keys per MCP server per agent where the server supports it The pattern: principle of least privilege, applied to AI agent MCP connections. One compromised agent should never cascade to everything.
-
Greg Mushen (@gregmushen) reported@Macrike @Brady_H @hubermanlab I would be interested in reading those papers. I know there have been recent modeling papers from Stanford and I believe he may be referring to the **** paper since he shared Figure 3 of that study if I recall correctly last year. In that paper, both permanent DST and ST resulted in better outcomes than switching for obesity and stroke. But if you compared ST and DST the differences for either were tiny. Like 0.27% for obesity and 0.02% for stroke. But if you look at the confidence intervals, they are quite wide. But there's no confidence interval for DST - ST and no p-value. So it's impossible to tell if it's significant or not. Also, that paper was recently corrected in April of this year. That is a substantial correction, and what the correction does not say is if it impacted these numbers or not. They do have everything checked into Github, so I guess if you were curious, you could find the commit that fixed it and test on the data set pre/post. This reminds me of this intra time zone study I remember reading a few years back. At first, the paper thought they saw more negative outcomes for people in the Western edge of timezones, so people glommed on to that conclusion. However, a few years later they found an error in the data set, and once they corrected that, there was no difference. This is classic modeling type stuff. It happens to everyone who tries to model anything. But even then, these are just models. They estimate what may happen and have to make assumptions to do so, such as assuming that bedtimes are fixed from 10pm-7am. Do people actually behave this way? Probably not. In fact, that would have been a really great addition to the model...a sensitivity analysis on the factors they assumed were fixed. That would make the model much more robust actually. That and time zone comparison with a p value would make the paper mucho stronger. But that's why I think Steponenaite et al 2026 is a great paper because it doesn't lean on mechanisms or models. It's purely epidemiological. And while that has its obvious downsides, if you're not seeing strong signal across 157 papers in 36 countries, that in itself is a strong signal. It mirrors what we see in this modeling paper as well. There are big advantages to sticking to a permanent time zone, but there doesn't seem to be strong evidence for one vs. the other.
-
Tech With Matteo (@TechWithMatteo) reported@sonialy0 github streak for me honestly cause building stuff feels more real than grinding random problems all day.
-
Daes (@0xDaes) reportedAre you sick of missing out on the next 100x runner because you weren't in the right group or you didn't have the right tools to snipe the next launch? If you're not part of any cabal and don't have the insider tools and trackers, there's still a way to front run all of them, and I've been doing it quite consistently For context I'm not active in a single Telegram group besides @ggdotxyz groups. I get everything scrolling on the gg feed and scrolling X, and when I find something good I turn it into an alpha call by tagging @ggmaxi_agent So here's here's the formula for finding 'Slow Cooks' onchain that eventually return 10x-100x bangers 1. Check new launches every day but don't top blast into new stuff you're not fully sure about. Get a small bag and come back to it when the hype dies down. You'll be able to evaluate if - the dev is still shipping (& not a larp) - the product and community metrics improving (+ revenue) If the answer is yes, you get an easy entry when no one is paying attention. 2. Don't just do surface level research: I've made that mistake and missed potential 100x-1000x plays. Try out the product (if live), read about the underlying protocol and mechanics. I also check for exisitng thesis posts on @ggdotxyz and on X. 3. Use an LLM for your DD: I use Claude Code with a skill I built that tries out the app/website, scans all the socials and mentions, and checks the GitHub to make sure it's not vaporware or vibe coded slop. Helps speed up research 10x if you know what you're doing. 4. Build your intuition for gems: As you try out more products and do more deep dives into crypto tech trees (Defi, x402, Onchain Preps, AI Agents etc), you start understanding the tech, which apps really click with users. All of this helps you make calculated bets on which narratives will do well in the near future. 5. Lay off the new deploys and memescope: It's a bear market, unless you have some edge don't get shredded in this market. Focus on devs and projects that are still here after the noise has died down + make sure what they're building is novel + it falls into a hot narrative current or future.
-
unwraithful (@unwraithful) reported@kitten_beloved let's also consider that this company has no problem fudging it's numbers or being dishonest. someone should make a "missing anthropic status page" like they did for github, since the github status page was extremely misleading.
-
CuiqueRuneOrder (@CuiqueRuneOrder) reported@EU_Commission That EU boomers dont understand how it works, isnt our fault! That EU dont understand they can just download em from github is not our problem! Now stop scan all our data your criminals!
-
Sanket (@tinkerersanky) reportedThis is actually so real. People are out here generating entire codebases with AI, throwing them into production, and praying the database doesn't get wiped by a single unauthenticated API call. It's the wild west. The "Vibe Code" Trap We need to talk about vibe coding. Right now, millions of first time founders are building entire apps using nothing but AI prompts. It feels like magic. You type some words, you get a working UI, and the vibe is immaculate. But look under the hood. It is a absolute horror show. Most AI-generated codebases are held together by scotch tape and good intentions. They are secretly riddled with massive security holes, completely missing authentication, and hidden blockers that will absolutely crash your launch day. You don't have a production-ready app. You have a ticking time bomb. Stop Praying, Start Scanning I got tired of watching great ideas die to bad AI code. So I built a tool to fix it. You give it your GitHub repo. It instantly tears the code apart and builds you a visual, step-by-step roadmap to actually make your app safe to launch. Instant Repo Scan: Drops straight into your AI-built GitHub repository. Expose the Chaos: Flags every hidden security gap and broken auth flow instantly. The Launch Roadmap: Generates a brutal, honest, step-by-step checklist to fix it. Vibe to Reality: Bridges the massive gap between "AI generated" and "battle-tested production." Stop shipping raw prompt code and hoping for the best. Scan your repo, fix the holes, and launch something that won't break the second a user touches it.
-
deno (@denohawari) reportedthe entire SEO industry spent a decade guessing how Google ranks pages but in 2024, Google accidentally leaked its internal ranking signals onto GitHub we've built our whole system around this leak, and it's driven over $35M through search rankings these are the signals Google spent years swearing it didn't use, and two of them change how you should work: siteAuthority is a site-wide trust score, so once your site earns it, every new page you publish ranks faster instead of starting from zero NavBoost tracks what people do after they click you, which means Google now watches whether they stay on your page or bounce straight back to search a Google VP confirmed under oath that NavBoost is one of the most powerful signals they have so the pages that win are the ones people click and stay on which means ranking your brand comes down to TWO things you control: - a title so good people can't help but click it, which feeds NavBoost the good clicks that push you up - an opening that answers their question straight away, so they stay instead of bouncing and dragging you back down most agencies are still selling you backlinks for an algorithm that now rewards attention the leak is public, they just never read it your call
-
spring.furrest.net (he/him) (@spring_meowmeow) reportedI guess stacked widgets are slightly broken: > Music > ProtonVPN > Calendar > GitHub > Calendar > Fitness > Github (pull requests) > Music ???
-
Charles Waters (@RelaxedPop) reportedSlashdot, YCombinator, various non-toxic Reddit subs, various Github and Hugging Face groups. Many of them are better than X. X's message feels like a staccato, somewhat random collection of posts while the others are better curated. Please note: I'm terrible at curating my X feed. It's all garbage and I'm fairly certain that there are things I can do to fix that.
-
Upstate Federalist (@upstatefederlst) reportedOh also GitHub and copilot will go down all the time because we use Indians and slop code to run it.
-
Dr. Tali Režun (@talirezun) reported@bcherny This resonates deeply with how I actually build, and I'd add a layer from the non-developer side of this. On the automation-as-infra point, every project I run has a growing suite of tests baked in from early on. Every push to main triggers GitHub Actions that run them automatically. When something breaks, the agent doesn't need me to explain what's wrong, the failing test tells it exactly where and why. That's the "fix the class of issue, not the instance" principle in practice, and it compounds the more the test suite grows. On the domain-knowledge-as-infra point, I go further than CLAUDEmd or AGENTSmd files, though I maintain those too. Before I write a single line of code, I build a full foundational documentation package. Architecture-md, blueprint-md, and several others, written during a pure research phase where I'm not touching code at all. That package is what I ground the agent in from day one. When I'm working on existing code that doesn't have this documentation, I reverse engineer it first, generate the architecture and spec docs from the code itself before I let an agent touch anything. And for anything substantial, I maintain a live-spec-md, a running document that tracks the build step by step as it actually happens, not a static plan written once and forgotten. What this means in practice is that I, as someone with zero traditional coding background, can direct agents through genuinely complex builds because the domain knowledge lives in the documentation, not in my head or in years of codebase familiarity. Your point about non-engineers contributing at the level of engineers, I'm not just seeing that from the outside. I'm the live case study for it. The documentation is the actual interface between human judgment and agent execution, and getting that layer right matters more than almost anything else in the build.
-
Yann (@yanndine) reportedOur Claude Code setup runs autonomously across a full sprint using Linear, GitHub and Slack. I'm giving away the entire system we used to build it, for free. Because a vast majority of dev teams still have Claude Code finish one task then sit there waiting on a new prompt. 1. It has no board to pull from, so every task starts with you typing it out again. 2. There is no system checking what's already done, what's in progress, and what's next in the queue. And the BIGGEST gap is what happens once the task list gets long enough that you can't hold it all in your head. Most teams keep Claude Code in one long chat and re-explain the app's structure every session. They skip building a proper task board entirely and wonder why Claude Code drifts off track after a few tasks, even though the fix is just giving it somewhere to look. So... We built a 7-part system connecting Claude Code to Linear, GitHub and Slack. It includes: 1. Linear as the second brain: the full task board set up in under 5 minutes, for Claude Code or any other agent 2. Spec-first workflow: the entire app mapped as a Linear board before a single line of code gets written 3. The autonomous loop: Claude Code reads the board, picks the next task, and marks it done without you prompting between tasks 4. Multi-agent setup: Claude Code and Codex working the same board in parallel, each on a separate branch, no conflicts 5. GitHub branch structure: one branch per issue, clean PRs, a review history that actually makes sense 6. Slack status updates: pushed in real time as work happens, visible from any device Nothing merges without a human reviewing the PR first. Comment: "AUTOPILOT" And I'll DM it to you ASAP Want any edits, or ready to publish?
-
John Rice (@hello_code_) reported@Sathibuilds One paying user proves someone had a problem bad enough to hand you money. A github full of projects just proves you can follow tutorials.
-
pareidolia (@cloudsfables) reported@armaniferrante @lex_node Yes, why are you asking for more policing of user funds and worse UX and fully empathizing with the Ostium team instead of questioning why they didn't have a bug bounty program in place and why their GitHub link is broken so less people can audit them?
-
LOVE&PEACE (@SuddyNC) reported@chuckuddin I think u have to consider the fact that coding has been kinda open to the point where people were using other people's code from stackoverflow and open source github repos even before ai. if you're just looking for a solution to a problem in coding, ai does that part for you
-
Kshitij Mishra | AI & Tech (@DAIEvolutionHub) reportedA NEW OPEN-SOURCE TOOL JUST MADE VIDEO DOWNLOADING RIDICULOUSLY SIMPLE. It's called ReClip. A self-hosted GitHub project that lets you download videos (or audio) from 1,000+ websites without ads, trackers, or subscriptions. Just paste a URL and you're done. It supports platforms like YouTube, TikTok, Instagram, X, and hundreds more. What you get: ↳ Download videos as MP4 or extract audio as MP3 ↳ Choose the video quality before downloading ↳ Queue multiple links with batch downloads ↳ Clean browser-based interface ↳ Lightweight self-hosted deployment ↳ No login, no limits, no hidden catches The growth has been impressive too: 📈 1,400+ GitHub stars in just 9 days 📦 239+ forks already That traction isn't surprising. For years, people have had to deal with download sites packed with ads, pop-ups, fake buttons, and privacy concerns. ReClip takes a completely different approach. You host it yourself. Your files stay on your machine. Your data stays yours. No premium paywall. No data collection. No endless upsells. Just a lightweight open-source project released under the MIT License and built to do one job well. Free. Open source. And likely to become a favorite for anyone who downloads media regularly. 👇