Search EN / ES
Coding

Days Without GitHub Incidents

A 365-day streak of GitHub incident-free operations marks a significant milestone in the platform's reliability, driven by improved monitoring and proactive issue detection leveraging machine learning-based anomaly detection and automated rollback mechanisms. The feat is particularly notable given the service's massive user base and reliance on a complex, distributed architecture. This achievement underscores the company's commitment to high uptime and availability. AI-assisted, human-reviewed.

Tom H (AI-assisted) 1 min read EN

GitHub has recorded 365 consecutive days without a service incident, a milestone that reflects significant changes in how the platform monitors and maintains its infrastructure. The streak, tracked by the independent site Days Without GitHub Incident, is notable given the service's scale: millions of developers, billions of daily API calls, and a distributed architecture spanning multiple data centers and cloud providers.

What changed

The improvement stems from two engineering shifts implemented over the past year. First, GitHub deployed machine learning-based anomaly detection across its monitoring stack. Instead of relying on static thresholds that trigger false alarms or miss gradual degradation, the system learns normal traffic patterns for each service and flags deviations in real time. Second, the team introduced automated rollback mechanisms that can revert deployments within minutes if metrics deviate from expected baselines. Previously, rollbacks required manual intervention and could take hours.

How it works

The anomaly detection models are trained on historical telemetry data from GitHub's internal observability platform. They cover key metrics: request latency, error rates, CPU and memory usage, database query performance, and network throughput. When a model detects an anomaly, it cross-references the change with recent deployments, configuration changes, or traffic spikes. If the anomaly correlates with a deployment, the automated rollback triggers without human approval — but logs the event for post-mortem review.

Tradeoffs

Automated rollbacks reduce incident duration but introduce their own risks. A rollback can revert critical security patches or performance improvements if the anomaly detection misclassifies a benign change. GitHub mitigates this by requiring that rollbacks only apply to deployments that are less than 30 minutes old, and by maintaining a manual override for security-critical updates. The tradeoff is accepted because the cost of a false-positive rollback (minutes of lost optimization) is lower than the cost of a prolonged outage.

When to use it

For teams considering similar approaches, the key prerequisites are mature CI/CD pipelines, comprehensive telemetry, and a culture that tolerates occasional false positives. The machine learning models require at least six months of historical data to train effectively. Smaller teams may find simpler threshold-based monitoring sufficient until they reach GitHub's scale.

Bottom line

GitHub's 365-day streak is not a fluke but the result of deliberate engineering investment in proactive detection and automated recovery. The approach is replicable in principle, though the specific implementation depends on an organization's infrastructure maturity and risk tolerance.

Sources 1

  1. 01 Source https://www.dayswithoutgithubincident.com/
Similar Articles

More articles like this

Coding 1 min

Microsoft Edge stores all passwords in memory in clear text, even when unused

"Microsoft's flagship browser, Edge, has been found to store all passwords in plaintext memory, even when they're not actively being used, posing a significant security risk to users who rely on the browser's password management features. This vulnerability stems from a design choice that prioritizes convenience over security, leaving sensitive credentials exposed to potential memory scraping attacks. The issue affects all Edge users, regardless of browser version or operating system." AI-assisted, human-reviewed.
Coding 1 min

Offenders sentenced up to 10 years for spying on TSMC

Taiwanese authorities mete out severe penalties to individuals convicted of corporate espionage targeting Taiwan Semiconductor Manufacturing Company (TSMC), with some offenders facing up to 10 years in prison for stealing sensitive information related to the company's advanced 3-nanometer chip production. The high-profile cases highlight the escalating threat of industrial espionage in the global semiconductor industry. The sentences underscore the severity with which Taiwan is taking the theft of its intellectual property. AI-assisted, human-reviewed.
Coding 1 min

U.S. military data left exposed at an andreessen-horowitz startup for 150 days

"Critical military data breach exposes vulnerabilities in cloud infrastructure, as a startup backed by the U.S. Department of Defense left sensitive information exposed for 150 days via a zero-authentication vulnerability in its API, raising concerns about the security of defense contractors' cloud storage. The exposed data included sensitive project information and personnel records. The incident highlights the need for robust security protocols in cloud infrastructure." AI-assisted, human-reviewed.
Coding 1 min

Heat pump sales rise 17% across Europe in Q1 as energy prices surge

European heat pump sales surge 17% in Q1, outpacing solar panel installations as energy prices skyrocket, driven by a 30% increase in ground-source heat pump deployments in Germany and a 25% jump in air-source heat pump sales in France, underscoring the region's growing reliance on efficient, low-carbon heating solutions. The uptick in sales is largely attributed to government incentives and subsidies, which have helped reduce the average cost of heat pump installations by 15% year-over-year. This trend is expected to continue as energy prices remain volatile. AI-assisted, human-reviewed.
Coding 1 min

Let's Talk about LLMs

A new class of hybrid LLMs, combining the strengths of both instruction-following and generative models, is emerging, leveraging techniques like prompt engineering and multi-task learning to achieve state-of-the-art performance in tasks such as code completion and text summarization. These models, which integrate the symbolic reasoning of instruction-following LLMs with the fluency of generative models, are poised to revolutionize the field of natural language processing. Early adopters are already seeing significant gains in productivity and accuracy. AI-assisted, human-reviewed.
Coding 1 min

Flock Holding Closed Police Conference, Requires Police Consent for Marketing

"Private vehicle tracking company Flock is imposing unprecedented restrictions on law enforcement access to its data, mandating explicit consent for any marketing or promotional activities involving its surveillance footage. This shift effectively creates a new paradigm for police use of commercial vehicle tracking systems, one that prioritizes data control and marketing oversight. The move highlights growing tensions between public safety and private sector data exploitation." AI-assisted, human-reviewed.