Home / Companies / GitHub / Blog / November 2019

November 2019 Summaries

18 posts from GitHub

Filter
Month: Year:
Post Summaries Back to Blog
GitHub will be participating in AWS re:Invent from December 2-6 in Las Vegas, where it will showcase its collaboration with AWS in producing and shipping code efficiently and securely. Attendees can visit GitHub's booth at the Venetian to sign up for sessions that cover various topics, such as managing AWS credentials with GitHub Actions, securing the software supply chain, and using reusable infrastructure with the AWS CDK and GitHub Packages. Additionally, GitHub will offer opportunities for one-on-one meetings with experts and host a session on continuous delivery using GitHub Actions to automate the software lifecycle. The event aims to provide valuable insights into integrating GitHub and AWS workflows, enhancing code development processes.
Nov 25, 2019 308 words in the original blog post.
Over the past few years, GitHub has adopted Kubernetes as a standard deployment pattern for many internal and public-facing services, but encountered sporadic latency issues that were not due to the application performance itself. These latency spikes, sometimes exceeding 100ms, were traced back to delays in packet processing on certain Kubernetes nodes, particularly affecting TCP and ICMP packets. The investigation revealed that this issue was linked to the Linux kernel's packet processing and was exacerbated by cadvisor, a tool used to monitor resource usage in containers, which was inadvertently causing stalls. This was due to slow reads of the memory.stat file, attributed to "zombie" cgroups that retained cached memory after processes exited. While the problem was mitigated by clearing the cache or rebooting affected nodes, a permanent solution was achieved by upgrading to a newer Linux kernel version that improved memory.stat performance. This case highlights the importance of maintaining foundational systems like Kubernetes to ensure the reliability and performance of services built upon them.
Nov 21, 2019 4,183 words in the original blog post.
GitHub has announced updates to its Terms of Service, Privacy Statement, and Acceptable Use Policies to reflect new products, legal requirements, and user feedback. Effective November 13, the legal terms now encompass new offerings like GitHub Actions, Packages, and Advanced Security, while December 20 will see the implementation of updated Privacy and Acceptable Use Policies, which consider the California Consumer Privacy Act. These revisions aim to enhance clarity and security, and GitHub encourages user engagement by open-sourcing policies for collaborative development in its site-policy repository. Users can provide feedback on these updates until December 15, with the changes being finalized shortly thereafter, and organizations are invited to adapt these policies for their own use.
Nov 15, 2019 577 words in the original blog post.
GitHub has announced the launch of GitHub Security Lab, a collaborative initiative aimed at enhancing the security of open source software by partnering with companies, security researchers, and maintainers across the industry. The lab will utilize tools like CodeQL, a code analysis engine now freely available for open source projects, to identify vulnerabilities and improve software security. GitHub is also introducing the GitHub Advisory Database, a public repository of security advisories, and has enhanced its platform with features such as automated security updates and token scanning to streamline the process of vulnerability management. The initiative seeks to address challenges like the vast scale of open source ecosystems, the shortage of security expertise, and the need for better coordination among global security experts. Key partners in this effort include F5, Google, Microsoft, Mozilla, and Uber, among others, all of whom have committed to contributing resources and expertise to secure open source software. GitHub Security Lab aims to inspire and enable the global security research community to work collaboratively in securing the world's code.
Nov 14, 2019 952 words in the original blog post.
GitHub Actions, released last year, has quickly become a robust framework for automating workflows directly from repositories, gaining traction as developers and enterprises integrate it into their processes. With over 1,200 Actions now available in the GitHub Marketplace, the community has leveraged it for diverse applications, from social media automation to cloud deployments, with contributions from both individual developers and partners like Atlassian, Twilio, and Cloudflare. GitHub has partnered with major cloud providers such as AWS, Google Cloud, and Microsoft Azure to streamline continuous integration and deployment processes, allowing developers to deploy directly to their preferred cloud environment from GitHub. Enterprises like Pinterest, Decathlon, and Dow Jones have realized significant efficiency gains, reducing build times and enhancing automation capabilities. As GitHub Actions becomes generally available, the platform is poised to further expand its ecosystem, encouraging developers to innovate and automate with ease.
Nov 14, 2019 844 words in the original blog post.
GitHub Universe celebrated the contributions of over 40 million developers worldwide, announcing several key updates and features. GitHub Actions and Packages have moved out of beta, providing a comprehensive CI/CD solution and package management, while GitHub for mobile and redesigned notifications aim to enhance user experience. The event highlighted the GitHub Archive Program, which seeks to preserve open source code for future generations, and the launch of GitHub Security Lab to improve software security. Initiatives like GitHub Sponsors now allow for project-level funding, emphasizing the collaborative nature of open source development. Additionally, new features like code navigation, code search, and scheduled reminders were introduced to streamline workflows, alongside improvements in GitHub Enterprise Server. These developments underscore GitHub's commitment to advancing the open source community and developer productivity.
Nov 13, 2019 1,813 words in the original blog post.
GitHub Enterprise Server has introduced new features in its latest release, enhancing security, community and project management, and developer productivity. The update includes support for WebAuthn security keys for two-factor authentication, which broadens device compatibility, and improved dependency graph support that now alerts users to security vulnerabilities in NuGet and scoped NPM packages. Additionally, new roles for triage and maintain have been fully integrated to enhance repository management, providing more flexibility in assigning permissions. Developer tools have also been improved with better visibility for related pull request issues and the general availability of the Audit Log GraphQL API, allowing for detailed security and compliance tracking. These updates cater to diverse user needs, reinforcing GitHub's commitment to facilitating a secure and efficient development environment.
Nov 13, 2019 393 words in the original blog post.
GitHub Universe, the company's largest annual event, offers a livestream option for those unable to attend in person, featuring keynotes from GitHub CEO Nat Friedman, COO Erica Brescia, and various special guests. Scheduled for November 13 and November 14 at 9 am PT / 12 pm ET, the event invites participants to tune in via githubuniverse.com/watch, where they can engage in the conversation digitally. The announcement encourages viewers to mark their calendars and provides links for Google and Outlook reminders to ensure they don't miss the presentations.
Nov 12, 2019 119 words in the original blog post.
GitHub experienced a year of growth and change, marked by new leadership, product launches, and a 30% increase in its workforce with 360 new employees joining from around the world. The company remains committed to fostering a diverse, inclusive, and belonging-focused environment for its global developer and employee communities. Its fourth annual Diversity, Inclusion, and Belonging Report highlights initiatives that have supported these goals, such as the development of employee resource groups (ERGs) like Blacktocats and Octoqueer, which engage in impactful community projects. The report also emphasizes the importance of flexible work arrangements, manager training on inclusive practices, and ongoing dialogues between leadership and the Inclusion Advisory Council to enhance inclusion in policies and processes. GitHub continues to prioritize creating a welcoming workplace where all employees, or "Hubbers," can thrive and contribute to the company's mission to build a global platform for developers.
Nov 12, 2019 946 words in the original blog post.
The California Consumer Privacy Act (CCPA), effective January 2020, represents a significant advancement in privacy regulation by granting California residents rights to access, delete, and control their personal information while imposing strict requirements on businesses regarding data handling and sales practices. GitHub has committed to extending these rights to all its U.S. users, despite CCPA's limited jurisdiction, reflecting its dedication to privacy. This law mandates that businesses display a "Do Not Sell My Personal Information" button if they sell user data, defined broadly to include any valuable exchange. Though similar to Europe's GDPR, CCPA has unique requirements, emphasizing the need for businesses to adapt their data protection strategies accordingly. As more countries develop privacy laws, and with potential federal legislation in the U.S., developers must collaborate with legal experts to ensure compliance. They should map data flows, maintain clear documentation, and secure data-sharing agreements to safeguard user information. Additionally, developers are encouraged to participate in public consultations to shape the future of privacy regulations.
Nov 11, 2019 972 words in the original blog post.
Major League Hacking's annual Local Hack Day: Build offers a global opportunity from December 1-8 to engage in a 12-hour hackathon focused on learning and creating with technology, suitable for both newcomers and experienced developers. Hosted in over 120 locations worldwide, the event fosters community engagement and provides access to the GitHub Education Pack, offering over $100,000 worth of tools and training to student developers. Participants can attend workshops on various topics, such as collaborating on code projects with GitHub and building a node.js app with Azure, gaining skills applicable to academic, internship, and career pursuits. GitHub Campus Experts will be available at select locations to provide mentorship, and attendees are encouraged to share their experiences on social media using the hashtag #LocalHackDay and tagging @GitHubEducation.
Nov 08, 2019 294 words in the original blog post.
GitHub Marketplace recently reached a milestone of 1,000 actions available for GitHub Actions, a tool that enhances workflows for tasks such as application building, cloud deployment, and repository automation. Notable actions include Setup JFrog CLI, which simplifies managing build dependencies by using Artifactory as a package registry; Close Stale Issues, which helps manage repository issues by filtering and closing inactive ones; and image-actions by Calibre, which optimizes images in pull requests to improve website load times. These actions demonstrate the flexibility of GitHub Actions beyond continuous integration, offering a range of tools to streamline and optimize development processes.
Nov 06, 2019 523 words in the original blog post.
GitHub's annual Octoverse report highlights the dynamic growth and interconnectedness of the global software development community, now comprising over 40 million developers, the majority of whom are outside the United States. The report reveals significant contributions to open-source projects from developers worldwide, including notable participation from organizations such as 35 of the Global Fortune 50. Over 44 million repositories were created in the past year, showcasing a trend towards increased reliance on shared open-source infrastructure, with each repository depending on an average of more than 200 packages. Security also emerged as a collaborative effort, with the GitHub community remediating over 7.6 million vulnerability alerts through a combined effort of maintainers, developers, and automated tools like Dependabot. Noteworthy trends include Python surpassing Java as the second-most popular language, the rapid growth of Dart and Rust, and the significant rise in the use of Jupyter Notebooks. These developments underscore the collaborative nature of modern software development, driven by a diverse and expansive global community.
Nov 06, 2019 723 words in the original blog post.
GitHub has introduced self-hosted runners in beta for its Actions CI/CD platform, offering users more flexibility and control over their workflow environments. These runners allow users to employ their own hardware and software configurations, accommodating specific needs such as proprietary tools or different operating systems and architectures like ARM-based CPUs. They provide enhanced security and networking options, making it easier to connect with on-premises resources. Self-hosted runners also support large workloads by enabling persistent configurations and overcoming the six-hour time-out limitation of hosted virtual environments. Users can configure and manage their self-hosted runners through the Actions tab in their repository settings, using labels to specify the environment setup. Although custom labels are not currently supported, GitHub plans to introduce this feature in future updates, aiming to enhance user experience and meet diverse CI/CD requirements.
Nov 05, 2019 610 words in the original blog post.
GitHub has officially launched the internal repository visibility feature, which allows any member of an enterprise account to read repositories owned by the enterprise, following a successful public beta and valuable user feedback. Throughout the beta phase, over 100 enterprise customers and numerous individual developers provided input, which significantly shaped the feature's development. Initially, users were confused about the scope of visibility, mistaking repositories as organization-wide rather than enterprise-wide due to limited guidance and the novelty of enterprise accounts. In response, GitHub made several changes, such as updating the repository creation dialog to clarify visibility distinctions, adding documentation for "enterprise members," and enhancing API endpoints and search filters. These adjustments aimed to improve user understanding and experience, emphasizing the importance of customer feedback in the process. GitHub also plans to extend this feature in the upcoming release of GitHub Enterprise Server 2.20, ensuring a consistent experience across its Cloud and Server platforms.
Nov 05, 2019 692 words in the original blog post.
GitHub Sponsors has transitioned from beta to general availability, now accessible to developers with bank accounts in 30 countries, with plans to expand further. The program has experienced significant growth since its beta launch, engaging tens of thousands of developers within the GitHub community. Open source developers have made remarkable strides using sponsorships, and GitHub has incorporated numerous features requested by beta users. Efforts are ongoing to enhance sponsorship experiences globally, and developers in countries not yet supported can join a waitlist for updates. GitHub plans to broaden availability, gather user feedback, and refine tools to better connect developers with their communities.
Nov 04, 2019 243 words in the original blog post.
Git 2.24 introduces several new features and improvements, including feature macros that allow users to easily opt into multiple configuration changes with a single setting, enhancing usability for various repository characteristics. Commit graphs are now enabled by default, improving performance in loading commits, and a new configuration for automatic updates during fetch operations is available. The release also marks the adoption of the Contributor Covenant code of conduct to promote an inclusive community. Additionally, Git 2.24 recommends the new git filter-repo tool over the older git filter-branch for history rewriting tasks, offering improved speed and usability. The update includes a new command-line option, --end-of-options, to prevent option injection attacks, and supports greater flexibility with partial clones through multiple promisor remotes. The command-line completion engine has been enhanced to complete configuration variables in per-command configurations, and a new pre-merge-commit hook has been added.
Nov 03, 2019 2,327 words in the original blog post.
Game Off is an annual month-long game jam organized by GitHub, where participants are encouraged to create games based on the theme "LEAPS AND BOUNDS." This event, running from November 1 to December 1, invites individuals or teams to develop games using any preferred game engines, libraries, or languages, and to share their work on GitHub and itch.io. Participants are required to sign up on these platforms, create a new public GitHub repository for their game's source code and assets, and submit their entries by the deadline. After the jam concludes, submitted games are open for voting, and some will be featured on the GitHub Blog. To support newcomers, resources and community forums on GitHub and itch.io are available, offering guidance on version control, game development, and choosing suitable development tools like Phaser, Unity, Unreal Engine, Godot, and more. The event encourages creativity, collaboration, and learning in a supportive environment, with the official Twitter hashtag #GitHubGameOff fostering community engagement.
Nov 01, 2019 645 words in the original blog post.