git/github

GitHub provides Git-hosted repositories plus collaboration features (pull requests, code review, Issues) and GitHub Actions for CI/CD, where workflows are defined in YAML to run tests, builds and deployments on hosted/self-hosted runners using marketplace actions and secrets management.

gitgithub

12-Month Skill Trend

Momentum and market value over time
Trending
Score
+20 in 12 mo
96
12 mo agoNow
Career
Value
+$12K in 12 mo
$42K/year
12 mo agoNow

Recommended Survey Paper

Quick overview of the field
View more

Must-Read Papers

Most classic and influential ideas
View more

This study addresses the lack of systematic understanding regarding the evolution of GitHub Actions workflows. Through a mixed-methods approach, we conduct the first large-scale empirical analysis of over 3.4 million workflow file versions from more than 49,000 repositories spanning November 2019 to August 2025. We identify seven categories of conceptual changes and find that repositories typically contain a median of three workflow files, with 7.3% of workflows modified weekly—approximately 75% of which involve only a single change, predominantly in task configuration and specification. Our findings further indicate that current large language model (LLM) tools have not yet significantly influenced workflow maintenance frequency, offering empirical grounding for the design of fine-grained automated maintenance tools.

CI/CDempirical studyGitHub Actions

This study addresses the lack of systematic understanding regarding how GitHub Actions workflows are used in real-world scenarios, how developers respond to workflow failures, and how these practices relate to project characteristics. Combining large-scale quantitative analysis of 258,300 workflow runs with qualitative case studies across 21 diverse repositories, this work identifies three typical patterns developers employ to handle workflow failures and uncovers a “configuration–usage gap”—where YAML configurations exist but workflows remain effectively unused. Furthermore, the study empirically validates five hypotheses linking project features to workflow usage intensity, revealing a significant positive correlation between high usage intensity and low failure rates. These findings provide actionable empirical evidence for improving CI/CD practices.

CI/CDfailure responseGitHub Actions

This study addresses the lack of systematic understanding in the configuration and maintenance of CI/CD caching, which imposes a significant burden on developers despite its benefits for build efficiency. Through a large-scale empirical analysis of 952 repositories on GitHub Actions—encompassing 1,556 workflow files and over ten thousand cache-related changes—the authors employ code mining, configuration analysis, commit tracing, and statistical modeling to uncover real-world caching practices, evolutionary patterns, and human-bot collaboration in maintenance. The findings reveal that cache adopters are more active, caching strategies are diverse and frequently adjusted, and build- and test-related tasks evolve rapidly. Manual interventions primarily address misconfigurations, whereas version upgrades are predominantly automated by bots. The work quantifies the maintenance overhead of caching and provides empirical foundations for improving developer tooling.

cache maintenanceCI/CD cachingempirical study

This study addresses the significant burden developers face in authoring and maintaining GitHub Actions workflows, stemming from a lack of systematic understanding of real-world automation and reuse practices. Through a mixed-methods approach combining a survey of 419 practitioners with qualitative and quantitative analysis, this work presents the first developer-centric characterization of common automation tasks, patterns of reuse mechanism adoption, and maintenance pain points in workflow development. The findings reveal that while developers heavily rely on reusable Actions, they seldom adopt reusable workflows; version management challenges lead to rampant copy-pasting; and critical aspects such as security and performance monitoring remain under-automated. These insights provide empirical foundations for improving CI/CD toolchains and reuse mechanisms.

CI/CDGitHub Actionssoftware maintenance

This study addresses the lack of systematic understanding regarding the content and long-term evolution of GitHub repositories. It presents the first large-scale empirical analysis of 10,000 real-world open-source repositories, combining static content parsing with time-series modeling to trace the evolution of files, directories, and file extensions over the past decade. The findings reveal that README.md, .gitignore, and LICENSE have become standard components; CI/CD tooling has shifted from diversity toward dominance by GitHub Actions; configuration formats exhibit a clear rise of TOML, YAML, and JSON alongside the decline of XML; and Dockerfiles as well as LLM-related files (e.g., AGENTS.md) have grown significantly. This work provides quantitative evidence for understanding technological shifts and standardization processes in the open-source ecosystem.

empirical studyevolution of open sourceGitHub repositories

Latest Papers

What's happening recently
View more

This study presents the first large-scale analysis of AI agents’ modifications to CI/CD configurations, examining 8,031 pull requests authored by AI agents—such as Copilot, Codex, and Devin—across 1,605 GitHub repositories, with a focus on YAML-based CI/CD workflow files. The findings reveal that CI/CD-related changes constitute 3.25% of all AI-generated modifications, with 96.77% targeting GitHub Actions. While the overall build success rate for AI-authored changes (75.59%) is comparable to that of human-authored ones (74.87%), their merge rate is slightly lower. Notably, Copilot demonstrates a significantly higher merge rate (+15.63 percentage points) in CI/CD tasks, suggesting emerging specialization among AI agents in automated DevOps workflows and highlighting behavioral differences across agent types in infrastructure automation contexts.

AI agentsCI/CD configurationsDevOps automation

This study addresses the critical issue of frequent failures in GitHub Actions workflows, which severely undermine automation reliability and maintainability. For the first time, it systematically maps 197 language constructs to 14 workflow capability features through a large-scale quantitative analysis of over 260,000 workflows across 49,000 repositories. By integrating language construct categorization with metadata mining, the work uncovers prevalent usage patterns, evolutionary trends, and their impact on workflow reliability. The findings reveal that only a small subset of constructs is heavily used, and that specific capability features are significantly associated with elevated failure rates and maintenance costs. These empirical insights provide actionable guidance for optimizing workflow design and improving robustness in continuous integration and delivery pipelines.

execution failuresGitHub Actionslanguage constructs

This study presents the first systematic evaluation of reliability differences among multiple AI agents—Claude, Devin, Cursor, Copilot, and Codex—in GitHub Actions CI/CD workflows. Leveraging the AIDev dataset, the authors collected 61,837 workflow runs via the GitHub Actions API and integrated CI logs, pull request metadata, and commit data to construct a taxonomy of 13 distinct failure causes. Their analysis reveals that Copilot and Codex achieve the highest success rates (93%–94%), while the frequency of AI contributions exhibits a significant negative correlation with workflow success. Moreover, high-frequency AI involvement is associated with an increased likelihood of specific failure types. These findings provide empirical evidence and a practical framework for integrating AI-generated code into CI/CD pipelines, particularly in high-stakes development scenarios.

Agentic PRsAI BotsCI/CD Workflows

What Makes a GitHub Issue Ready for Copilot?

Dec 24, 2025
MS
Mohammed Sayagh
🏛️ École de Technologie Supérieure | Université de Québec

GitHub issue quality significantly influences the mergeability of code generated by AI coding agents (e.g., GitHub Copilot), yet current best practices remain vague and lack empirical validation. Method: We systematically construct 32 fine-grained, interpretable issue quality guidelines and propose the first explainable, AI-aware issue mergeability prediction model. Leveraging text-based feature engineering and machine learning, our model achieves a median AUC of 72%. Contribution/Results: We identify key determinants of mergeability: issues that are concise, narrowly scoped, include implementation guidance, and specify code locations exhibit higher merge rates; conversely, issues involving external dependencies or configuration yield significantly lower merge rates. Our work provides both theoretical foundations and practical tools—namely, actionable quality criteria and an interpretable predictive model—to enhance human–AI collaborative software development efficacy.

Identifies criteria for GitHub issue quality for AI agentsPredicts merge likelihood of pull requests from issuesProvides guidance to improve issues for successful AI implementation

This study addresses the vulnerability of GitHub Actions workflows to software supply chain attacks and the lack of standardized evaluation criteria for existing security scanners. It presents the first comprehensive taxonomy encompassing ten categories of security weaknesses and conducts a systematic, cross-tool evaluation of nine widely used scanners based on a dataset of 596 real-world workflows. Employing both quantitative and qualitative methodologies, the research analyzes each tool’s detection coverage, capability, and usability. The findings reveal significant disparities among the tools in terms of breadth of coverage and underlying detection logic. Building on these insights, the work offers practical hardening recommendations for developers and provides empirical evidence to support the enhancement of CI/CD pipeline security.

GitHub Actionssecurity scannerssecurity weaknesses

Hot Scholars

TA

Taher A. Ghaleb

Assistant Professor of Software Engineering @ Trent University
Software EngineeringDevOpsCI/CDSoftware Analytics
AH

Andre Hora

Universidade Federal de Minas Gerais (UFMG)
Software EvolutionSoftware MaintenanceSoftware TestingMining Software Repositories
SZ

Stefano Zacchiroli

LTCI, Télécom Paris, Polytechnique Institute of Paris, France
software engineeringopen source softwaredigital commonscomputer security
CT

Christoph Treude

Associate Professor of Computer Science, Singapore Management University
Software EngineeringEmpirical Software EngineeringHuman-AI InteractionAI for Science
AE

Ahmed E. Hassan

Mustafa Prize Laureate, ACM/IEEE/NSERC Steacie Fellow, ACM Influential/IEEE Distinguished Educator
Mining Software RepositoriesSoftware AnalyticsEmpirical Software EngineeringSoftware