Home / Companies / GitHub / Blog / May 2019

May 2019 Summaries

13 posts from GitHub

Filter
Month: Year:
Post Summaries Back to Blog
GitHub Sponsors provides a platform for open source maintainers and developers, like Mariatta Wijaya, to receive financial support from the communities that benefit from their work, thus granting them the freedom and security to continue contributing to open source projects. Wijaya, a Python core developer and maintainer of projects such as CPython and gidgethub, was motivated by the lack of diversity in the open source community, particularly the absence of women core developers, as highlighted in keynotes by Guido van Rossum. Her involvement in the open source community has been both professionally and personally rewarding, allowing her to tackle diverse challenges and improve her communication skills. However, she notes that the sustainability of open source projects is threatened by the limited time many maintainers can dedicate, often a privilege afforded only in their free time, which also affects diversity within the community. Through GitHub Sponsors, Mariatta hopes to reduce her reliance on her employer's income, enabling her to dedicate more time to open source contributions and initiatives like PyLadies Vancouver and PyCascades, thereby broadening her impact in the tech community.
May 31, 2019 830 words in the original blog post.
Internships present valuable opportunities for students to gain experience and set a foundation for future careers, as highlighted by GitHub Campus Experts who shared insights from their internships at prestigious institutions like NASA and CERN. These experts emphasized the importance of early logistical preparations, such as securing housing and transportation, as well as approaching the internship with a learning mindset rather than assuming prior knowledge. They recounted initial challenges such as first-day nerves, imposter syndrome, and the importance of integrating into the workplace, which they overcame by building connections and focusing on the learning experience. The internships not only enhanced their résumés but also allowed them to explore various roles, gain technical skills, and form lasting professional relationships. The experts underscored that the skills and connections acquired during internships are instrumental in shaping a successful career path.
May 29, 2019 930 words in the original blog post.
GitHub Satellite, a global developer conference in Berlin, unveiled several initiatives aimed at supporting the open-source community, enhancing security, and catering to enterprise needs. GitHub Sponsors was introduced to financially support open-source developers, with a matching fund to amplify contributions. The platform also announced new security features, including partnerships with Whitesource and the acquisition of Dependabot, to help maintain code integrity and automatically address security vulnerabilities. For enterprises, GitHub introduced features to aid collaboration and innovation, emphasizing the adoption of open-source best practices. These initiatives underscore GitHub's mission to foster a supportive, secure, and interconnected developer community globally.
May 23, 2019 451 words in the original blog post.
In an effort to enhance software security, GitHub has introduced several new features aimed at helping developers secure their code and responsibly handle vulnerabilities. These features include security vulnerability alerts enhanced by a partnership with WhiteSource, which broadens coverage and detail on vulnerabilities, and dependency insights for auditing and understanding exposure to security threats. Token scanning now supports a wider range of token formats to prevent data breaches, and Dependabot has been integrated to automate security fixes by monitoring dependencies and opening pull requests to update them. GitHub also introduced maintainer security advisories and security policies to help open source maintainers privately address issues and communicate security protocols. These initiatives are part of GitHub’s ongoing commitment to leveraging its platform's extensive data and connections to protect the software development community and incorporate best practices across the industry.
May 23, 2019 653 words in the original blog post.
GitHub is enhancing its Enterprise platform to support businesses in securely adopting open source practices, thereby facilitating innovation at scale and building trust through improved security and compliance. These enhancements include new features for effective team management such as enterprise accounts, new roles and permissions, team synchronization, and internal repositories to foster an innersource culture. Security upgrades include a dependency insights dashboard, vulnerability alerts, token scanning, and automated security fixes, alongside Git data encryption to bolster data protection. The platform also introduces tools to improve collaboration, such as draft pull requests and Learning Lab courses, while offering uncapped IP indemnification to protect customers against IP infringement claims. Mario Rodriguez, GitHub's Chief Product Officer, is leading these initiatives, having a rich background in developing developer tools and overseeing GitHub's AI strategy.
May 23, 2019 911 words in the original blog post.
GitHub has launched the beta version of GitHub Sponsors, a platform designed to financially support open source developers by allowing users to sponsor them directly through their GitHub profiles. To kickstart this initiative, GitHub is offering a Sponsors Matching Fund, which matches contributions up to $5,000 during a developer's first year in the program, while charging zero platform fees and covering payment processing fees for the first 12 months. This tool supports global payouts and welcomes all types of contributions, not just code, thus broadening opportunities for individuals involved in open source projects. Developers can be sponsored seamlessly as part of the GitHub workflow, and open source projects can display their funding models via a "Sponsor" button on their repository, using a flexible YAML format to list various funding options. GitHub aims to expand participation in open source development and is open to community feedback, with an advisory panel set up to address operational challenges faced by open source teams.
May 23, 2019 753 words in the original blog post.
The April 2019 edition of Release Radar highlights a range of innovative projects, each reaching significant milestones with version 1.0 releases, showcasing advancements across gaming, design, web development, and localization tools. SuperTuxKart introduces network multiplayer in its 3D arcade racing game, while Termshark debuts as a visual interface for analyzing network traffic. The United States Web Design System 2.0 enhances federal web services with increased modularity and accessibility. Docz and MDX streamline the creation of documentation and content integration, respectively, fostering ease and flexibility in development processes. GB Studio enables the creation of 2D adventure games without coding experience, and Uppy enhances file uploading with new features. Fluent offers an expressive localization system, and Caddy emphasizes secure web server functionalities. Babylon.js 4.0 improves WebGL graphics with performance enhancements and a scene inspector. Additional projects like Quinesnake and Tinkersynth showcase creative endeavors in programming and generative art. These projects collectively demonstrate the diverse and impactful contributions of the open-source community.
May 21, 2019 906 words in the original blog post.
Open source software plays a crucial role in tackling global social issues, such as climate change and education, by enabling collaboration among nonprofits, governments, and developers on platforms like GitHub. A notable example is the Global Learning XPRIZE, a competition by the XPRIZE Foundation that sought scalable, open-source software solutions to aid children's self-education in reading, writing, and arithmetic. This challenge, conducted in partnership with organizations like the World Food Programme and UNESCO, culminated in a tie between two winning teams, Kitkit and onebillion, whose software demonstrated significant educational improvements among children in Tanzania. The initiative highlights the potential for open source solutions to drive social change, while also emphasizing the need for ongoing support in localizing these tools for various languages and cultural contexts.
May 16, 2019 443 words in the original blog post.
Atlassian Bitbucket, GitHub, and GitLab issued a joint blog post to address a recent Git ransomware incident, aiming to educate users on secure practices and share details of the event. On May 2, user accounts across these platforms were compromised due to credential leakage, leading to public and private repositories being held for ransom. The incident involved automated attacks using legitimate credentials, where repositories were overwritten with a ransom note demanding Bitcoin payments. Investigations revealed that the attack stemmed from a third-party credential dump, and the platforms have since invalidated compromised credentials and notified affected users. The companies emphasize the importance of enabling multi-factor authentication, using strong and unique passwords, and safeguarding personal access tokens to prevent such incidents. They also provide guidance on recovering affected repositories and encourage users to utilize available security features on their respective platforms.
May 14, 2019 1,232 words in the original blog post.
GitHub Package Registry is a new package management service that allows users to publish public or private packages alongside their source code, fully integrated with GitHub's existing tools for managing repositories. It supports a variety of package management tools, including npm, Maven, RubyGems, NuGet, and Docker images, providing fast, reliable downloads via GitHub's global CDN. The service offers a unified system for user and team permissions, allowing for streamlined management of both code and packages, and includes features like webhooks and GitHub Actions for customizable publishing workflows. Users can access package insights, including download statistics and history, enhancing trust and understanding of dependencies. Currently in limited public beta, GitHub Package Registry is free for open-source projects, with further pricing details forthcoming.
May 10, 2019 511 words in the original blog post.
Git and GitHub offer numerous functionalities that facilitate the sharing of work among developers, such as branches, forks, issues, and pull requests, but these features can be challenging for students and new developers to master. GitHub provides tools like issue and pull request templates, labels, project boards, and saved replies to assist instructors in offering productive feedback and enhancing students' communication and project planning skills. By preparing repositories with templates and utilizing GitHub Classroom, instructors can guide students in creating structured issues and pull requests, fostering collaboration and peer feedback. Instructors can also assess and provide feedback on students' work using the same tools, modeling real-world development practices and encouraging students to improve. Saved replies can streamline the feedback process by allowing instructors to reuse common comments across issues and pull requests. The integration of these tools into the educational process exemplifies how GitHub can be leveraged to teach essential software development skills in a classroom setting.
May 06, 2019 694 words in the original blog post.
Team synchronization is a new feature that allows teams to efficiently manage GitHub at scale by syncing groups across Azure Active Directory (Azure AD) and GitHub teams, set to be available in beta to Azure AD administrators soon. This feature facilitates the management of developer access to repositories and other GitHub resources by syncing Azure AD with GitHub teams, enabling the assignment of access permissions to entire groups rather than individual users. This synchronization not only speeds up administrative tasks but also enhances security and audit compliance by maintaining a single, updated location for user management. The feature is currently in limited beta for organizations using GitHub Enterprise Cloud and Azure AD, with plans to expand its functionality to other identity providers. Mario Rodriguez, Chief Product Officer at GitHub, announced this feature, highlighting his experience and passion for developing tools for developers, including overseeing GitHub's AI strategy and the GitHub Copilot product line.
May 06, 2019 335 words in the original blog post.
GitHub Learning Lab celebrated its first anniversary by launching community-authored courses, allowing members to create bot-supported courses and share their knowledge with a global audience. This new feature caters to a diverse range of learners, from beginners in software development to seasoned professionals seeking new skills. Over the past year, Learning Lab users have engaged in more than 85,000 courses on topics like making their first commit and setting up CI pipelines. The platform aims to facilitate knowledge sharing between project maintainers, contributors, and users, enabling quick and scalable training on new technologies. Course creators can track engagement and progress, receiving insights into how learners interact with their content and where they face challenges, which helps improve course effectiveness. Anyone with a GitHub account can create courses by utilizing available resources such as video series, documentation, and the "Write a Learning Lab course" guide.
May 01, 2019 390 words in the original blog post.