At GitHub’s fourth annual conference, GitHub Universe, in San Francisco on Wednesday, Jason Warner, senior vice-president of Technology, said the open source movement is about “solving real problems wider than ourselves” and GitHub specifically is about “building the future together” with developers, who use its platform.
In 2018, there have been 1.1 billion contributions to GitHub projects, with more code, issues and pull requests than ever before. The userbase passed 31 million developers, including eight million new developers, which Warner said was more than the first six years of GitHub combined. 80% of GitHub users are outside the United States “which shows the phenomenon of what social coding is all about”, he said.
"These 31 million are spread across 96 million repositories, that have collectively seen over 200 million total pull requests, or “conversations around the code,” he said.
Consequently, Warner used his keynote address to question what would the world look like if the platform focused on the best experience for each and every one of these 31 million developers? What would the world look like if developers didn’t have to build a connection between thousands of tools?
In answer, GitHub introduced new features designed to unify the developer experience, provided smarter interconnected workflows powered by code, and deliver greater collaboration and security.
“Too much effort is required to write, review and share code,” said Kathy Simpson, senior director of Product Management. “As developers, we want to solve problems, share knowledge, and change the world around us . The open source community at GitHub is the best place to do it, but there is too much effort required to write, review and share code.”
“Our commitment is to never give up on improving our product and platform. Our commitment is to better serve you and the developer community,” she said.
The major announcement was GitHub Actions, which the company described as its biggest new feature since the pull request, introduced in 2010.
GitHub Actions seeks to bring the power of software development to automate and take away effort involved in architectural considerations. In this new feature, developers can create and share workflows, triggered actions that execute inside containers, using any language.
For example, a workflow can be created that, on a new code release, publishes the changes automatically to AWS, Google Cloud, Azure, Heroku and Zeit all in parallel. These actions would ordinarily require time and effort, but can now be scripted, or even visually designed.
GitHub has 26 available events, or triggers, to fire off a workflow right now, such as on fork, new member signup, pull requests, push, release, review, and so on.
The workflows allow secure tokens and credentials to be stored and encrypted inside the workflow, and for the workflow status to be observed while it executes along with the status of prior instances.
Currently, GitHub has 450 available actions to fire when an event occurs, seamlessly connecting tools. Additionally, developers can write their own actions, and enterprises likewise can create their own repeatable, robust, auditable lifecycle processes.
Other announcements include:
Powerful in its simplicity, Suggested Changes is a new feature available from today where authors do not have to copy and paste suggestions from code reviewers, and reviewers do not need to branch the code. Instead, within the review comment, a new Suggest Change button inserts the selected snippet code allowing it to be edited within the comment. The author sees the suggested change with a clear diff between the existing code and the suggestion and can accept it within a single click. “This takes a lot of the back and forth out of pull review and lets us stay more productive together,” Simpson said.
GitHub exists both in the cloud and on-premises via GitHub Enterprise. Yet GitHub Enterprise developers are siloed away from the wider community, and some companies have multiple organisations with different credentials.
“We want to unity experience for devs regardless of deployment type,” Simpson said.
GitHub Connect answers three common paint points the company says it has heard from enterprise: developers need access to code beyond their firewall, they cannot showcase their private company achievements on their own profile, and administrative tasks need to scale.
Consequently, GitHub Connect delivers three key features:
- Unified search enhancements – allowing developers to search across open source code in GitHub online or their enterprise installations
- Unified contributions – allowing developers’ private contributions like code, reviews and comments to be recognised on their public GitHub profile. The project’s name and code are not identified but metadata about them such as commits to a private repo are included, allowing enterprise developers to fully represent themselves as professional and open source developers
- Unified business identity – allowing administrators to unify identities across organisations, bridging the gap between on-premises and cloud-based innovation.
Unified search and unified contributions are available today while Unified business identity is currently in a limited public beta.
Token scanning for public repositories
Taking seriously its role as a host for petabytes of open source code GitHub says it recognises the challenge to stay vigilant and up-to-date in an increasing hostile world.
This feature scans source code automatically for any publicly-exposed tokens and keys in known formats. When a match is found, GitHub will automatically contact the provider and verify if it is a credential or not, and have the credential re-generated and sent to the owner to keep the keys out of the wrong hands.
Vulnerability scanning for Java and .NET
Semantic code search
Using machine learning, GitHub has released an experimental tool to find code using natural language, for example, “flatten list of lists”, finding functions to achieve this goal. “This allows developers to move from imperative mode to declarative mode,” says Omoju Miller, Senior Data Scientist.
With the acquisition not yet complete, anticipated to do so by the end of the year, GitHub executives did not have news to bring on the acquisition but Warner said “our developer-first ethos is not going anywhere” and the edict from Microsoft was clear - “do what you need to do to serve your customers best.”
The writer attended GitHub Universe as a guest of the company.