Deprecating the beta media type

Now that the GitHub API is serving the v3 media type by default, we are deprecating the legacy beta media type.

We will eventually remove support for the beta media type, but we have no official retirement date to announce at the moment. When the time comes, rest assured that we'll announce the retirement with plenty of notice. In the meantime, existing API clients that rely on the beta media type should start making plans to migrate to v3. The beta media type differs from v3 in just a few places. In most cases, migrating an application from the beta media type to the v3 media type is smooth and painless.

As always, if you have any questions, please get in touch.

Extending the preview period for the Deployments API

The preview period for the new Deployments API continues to yield valuable feedback from developers. In early March, we used that feedback to improve the payload format that integrations can use to customize deployments. A few weeks later, we began integrating with the new Combined Status API to help ensure that only verified code gets deployed, even if you have multiple systems verifying different aspects of your software.

To give developers time to explore these recent refinements to the Deployments API, we're extending the preview period for a little while longer. As always, if you have any questions or feedback, please get in touch.

Reminder: Default media type will change on April 15

Just a friendly reminder: On April 15, 2014, the GitHub API will start serving the v3 media type by default. Please see the original announcement for full details about this change, who it affects, and how to ensure that you are prepared.

If you have any questions, please get in touch.

Recommendation: Reset OAuth authorizations

As announced earlier today, we are actively responding to the recently-disclosed Heartbleed security vulnerability in OpenSSL. While at this time GitHub has no indication that the attack has been used beyond testing the vulnerability, we recommend that integrators reset the API authorizations for their OAuth applications.

We've added a new API method for this exact purpose. Calling this method will invalidate the old token and return a new token for applications to store and use in its place. This new method provides a safe way to reset user authorizations without requiring users to re-authorize the application on the web.

Integrators can also use the existing revocation methods to revoke all tokens or revoke a single token for their applications.

UPDATE (2016-01-25): API v3 no longer provides a method to revoke all of an application's tokens as previously referenced above. If you need to revoke all tokens for your application, you can do so via the settings page for your application.

If you have any questions or feedback, please get in touch.

Understanding search results and potential timeouts

Some queries are computationally expensive for our search infrastructure to execute. To keep the Search API fast for everyone, we limit how long any individual query can run. In rare situations when a query exceeds the time limit, the API returns all matches that were found prior to the timeout.

Starting today, the Search API also now informs you when such a timeout happens. Reaching a timeout does not necessarily mean that search results are incomplete. It just means that the query was discontinued before it searched through all possible data. More results might have been found, but also might not.

In some cases, if you know that your search results are potentially incomplete, you might think about the data differently. By exposing timeouts when they happen, the API helps you better understand how to interpret the results.

We hope this is useful as you integrate with the Search API. In the meantime, we're working on improving search so that these timeouts occur as rarely as possible. If you have any questions, let us know.

Grant access to create public repositories without granting access to private repositories

The Create Repository method now allows creating public repositories via OAuth with public_repo scope. This means you can safely grant third party applications the ability to create public repositories on your behalf without granting access to your private repositories.

If you have any questions or feedback, please get in touch.

Preview the New Combined Status API

What does it mean for a branch to be "green?" The Status API helps thousands of teams answer that question. Developers use it to record the status of continuous integration builds, contributor license agreements, code coverage analysis, automated security testing, dependency management, and more.

For many teams, a branch is considered "green" only when all of their various status checks are successful. With the new Combined Status API, developers can easily fetch this single, consolidated status for any branch, commit, or tag.

Status context

To help multiple service providers use the Status API simultaneously, statuses now support a context field. This field allows a provider to distinguish its statuses from another provider's statuses. For example, your Jenkins builds might use a context of ci/jenkins, while your Brakeman checks might adopt a context of security/brakeman.

The new Combined Status endpoint returns a single, combined state, as well as the latest status from each context. Systems that consume status updates can now get all the information they need in one place.

Opt-in

The existing Status API continues to work as it always has. The context field is entirely optional, and the color of the merge button on pull requests does not currently take context into account.

Preview period

We're making this new API available today for developers to preview. During this period, we may change aspects of the Combined Status API from time to time. We will announce any changes here (on the developer blog), but we will not provide any advance notice.

We expect the preview period to last 30-60 days. At the end of preview period, the Combined Status API will become an official component of GitHub API v3. At that point, this new API will be stable and suitable for production use.

We hope you'll try it out and send us your feedback!

Pagination changes for some resource lists

In an effort to keep the API fast for everyone, we're enabling pagination on some API methods that previously did not support it. Beginning today, the methods below will paginate if you include page or per_page query parameters. Starting April 17th, 2014, these methods will always return paginated results. If you have any questions or run into trouble, feel free to get in touch.

Here's the complete list of updated methods:

Gist comments

GET /gists/:gist_id/comments

Gist commits

GET /gists/:gist_id/commits

Gist forks

GET /gists/:gist_id/forks

Git refs

GET /repos/:owner/:repo/git/refs

Issue labels

GET /repos/:owner/:repo/issues/:number/labels

Milestone labels

GET /repos/:owner/:repo/milestones/:id/labels

Organization teams

GET /orgs/:org/teams

Pull Request commits

GET /repos/:owner/:repo/pulls/:number/commits

Pull Request files

GET /repos/:owner/:repo/pulls/:number/files

Release assets

GET /repos/:owner/:repo/releases/:id/assets

Repository collaborators

GET /repos/:owner/:repo/collaborators

Repository contributors

GET /repos/:owner/:repo/contributors

Repository branches

GET /repos/:owner/:repo/branches

Repository downloads

GET /repos/:owner/:repo/downloads

Repository keys

GET /repos/:owner/:repo/keys

Repository labels

GET /repos/:owner/:repo/labels

Repository tags

GET /repos/:owner/:repo/tags

Repository teams

GET /repos/:owner/:repo/teams

Team members

GET /teams/:id/members

Team repositories

GET /teams/:id/repos

User emails (v3 media type only)

GET /user/emails

User keys

GET /users/:user/keys
GET /user/keys

Page Build Event for Webhooks

We've made it even easier to track the status of your GitHub Pages builds. By subscribing to the new page_build event, your application will receive an event payload containing the results of each build. (As always, these builds occur automatically following each push to a GitHub Pages-enabled branch.)

If you have a webhook with the "send me everything" option selected (or if you use the "wildcard event" via the API), you will receive the page_build event after the next build of your GitHub Pages site. Alternatively, if you prefer to subscribe to specific event types, you can add to the new page_build event to your webhooks via your repository's webhook settings page or via the webhooks API.

For more information, be sure to check out our guide on working with webhooks. If you have any questions or feedback, please drop us a line.

Reminder: March 12 Cutover Test for Default Media Type

In January, we announced an upcoming change to the default media type. To help developers assess the impact of that change before it becomes permanent, we're performing a 24-hour cutover test next week.

From approximately 12:01am UTC to 11:59pm UTC on March 12, the API will respond with the v3 media type by default. (See the start time for the cutover test in your time zone.)

Follow @GitHubAPI to receive updates before and after the test.

Please see the original announcement for full details. If you have any questions, please get in touch.