InfoQ Homepage github Content on InfoQ
-
GitHub Adds Dependabot Automated Security PRs and More Security-Related Features
GitHub has announced a number of new features aimed to help developers secure their code, including the ability to create PRs for any dependencies needing an update to include security fixes, integration with WhiteSource data for better vulnerability assessment, dependency insights, and more.
-
GitHub Package Registry Integrates Source Code and Packages
GitHub launched a limited beta of its new Package Registry, aiming to simplify publishing public or private packages under the same user interface as source code. GitHub Package Registry supports npm, Maven, RubyGems, NuGet, and Docker images, and support for more package management tools is already on its roadmap.
-
GitHub Draft Pull Requests Enable New Collaboration Workflows
GitHub has introduced draft pull requests to handle work-in-progress scenarios where you might want to open a PR or start a conversation with your teammates before your code is ready to be reviewed.
-
Dependabot Automatically Creates GitHub PRs to Fix Your Vulnerabilities
Leveraging GitHub Security Advisory API, Dependabot aims to help developers track their dependencies, monitoring the security of their programs, and making sure any potential vulnerabilities are removed as easily as possible by automatically creating PRs to resolve them.
-
GitHub Launches Free Private Repos with up to Three Collaborators
GitHub has just announced it will allow developers to create private repositories with up to three collaborators at no cost. Additionally, GitHub has introduced a new product for enterprise customers operating both in the cloud and on-premises. InfoQ has spoken with Kathy Simpson, senior director of product at GitHub, to learn more.
-
GitHub Desktop 1.5 Simplifies Merge Conflict Resolution
The lastest version of GitHub official client app for macOS and Windows, GitHub Desktop 1.5, makes it easier to resolve merge conflicts and to create, add, or clone a repository. InfoQ has spoken with Neha Batra, GitHub Desktop engineering manager.
-
GitHub Incident Analysis Shows How to Improve Service Reliability
On October 21, 2018, GitHub users experienced a degraded service during 24 hours due to an incident caused by routine maintenance work. This led to the display of outdated and inconsistent information and to the unavailability of webhooks and other internal services for 24 hours. GitHub post-incident report shows where things failed and suggests how to improve site reliability.
-
GitHub Octoverse 2018 Highlights
Octoverse is the annual survey that GitHub conducts among its developers to take the pulse of the community. Here the most significant highlights from this year’s edition.
-
GitHub Release Developer Workflow Tools: Actions, Suggested Changes & Security Alerts for .NET/Java
At GitHub Universe in San Francisco, GitHub announced a number of new tools to help developers make their workflows more effective, including Actions, Suggested Changes, Security Alerts for .NET and Java, and more.
-
New Git Submodule Vulnerability Patched
The Git community has disclosed a security vulnerability affecting the clone and submodule commands that could enable remote code execution when vulnerable machines access malicious repositories. The vulnerability, which has been assigned CVE–2018–17456 by Mitre, has been fixed in Git 2.19.1.
-
GitHub Expands Its Learning Offerings with Four New Online Courses
GitHub Learning Lab is an initiative launched earlier this year to help people of all skill levels use GitHub. GitHub has released four new courses, Uploading to GitHub, Migrating to GitHub, Community Starter Kit, and Introduction to HTML.
-
Instana Releases Sample Microservice Application
Instana, provider of AI powered monitoring solutions for dynamic containerised microservice applications, announced at QCon New York the release of Stan’s Robot Shop, a sample microservice application that can be used as a sandbox to test and learn about microservice architecture, containerised application orchestration and automatic monitoring techniques.
-
GitHub Engineering Adopts New Architecture for MySQL High Availability
Github.com uses MySQL as a backbone for many of its critical services like the API, authentication and the Github.com website itself. Github’s engineering team replaced its previous DNS and VIP based setup with one based on Orchestrator, Consul and the Github Load Balancer to get around split brain and DNS caching issues.
-
Microsoft to Acquire GitHub for $7.5 Billion
Microsoft has announced an agreement to acquire GitHub, the software development platform and web-based hosting service for version control using Git. The deal should close later in the year, and both parties have stated that GitHub will remain an open platform that is committed to supporting developers using any tools and deploying to any platform.
-
GitHub Checks API Enables Apps for Advanced Continuous Integration
GitHub Checks API aims to make it possible to integrate code checks into a continuous integration workflow. For example this could mean linting a source file and present the results directly in the pull request view. The feedback can be so detailed as desired, e.g., showing the line of code causing a problem, thus allowing the commit author to fix the issues and run a new check on the code.