Our initial impressions of GitHub’s recently announced package registry, what JS skills are trending in job listings, and shout outs!
More news out of today’s GitHub Satellite event, this time from a security angle. The implications of this acquisition from the horse’s mouth:
- We’re integrating Dependabot directly into GitHub, starting with security fix PRs 👮♂️
- You can still install Dependabot from the GitHub Marketplace whilst we integrate it into GitHub, but it’s now free of charge 🎁
- We’ve doubled the size of Dependabot’s team; expect lots of great improvements over the coming months 👩💻👨💻👩💻👨💻👩💻👨💻
Congrats to Grey, Harry and Philip!
The news about GitHub Sponsor is making the rounds. This post from Owen Williams highlights how GitHub is listening and putting their money where their mouth is, for the good of all of us.
GitHub, it seems, is thriving again. It just showed the fruits of that labor, and what it looks like when a company is participating in the discussion in the open, listening to the developers that know it best.
At an event called GitHub Satellite, the company unveiled the biggest set of new features in memory, all designed to address glaring problems the platform has faced for years. They’re designed to help make GitHub a better place to work, and contribute to the open source community as a whole.
HUGE news coming from GitHub today:
We’re thrilled to announce the beta of GitHub Sponsors, a new way to financially support the developers who build the open source software you use every day. Open source developers build tools for the rest of us. GitHub Sponsors is a new tool to help them succeed, too.
100% of sponsorship money goes to the developers and they’re even matching contributions up to $5k during a developer’s first year! Also, the whole thing is tightly integrated in to GitHub itself:
Open source projects can also express their funding models directly from their repositories. When
.github/FUNDING.ymlis added to a project’s master branch, a new “Sponsor” button will appear at the top of the repository. Clicking the button opens a natively rendered view of the funding models listed in that file.
There’s lots to digest here, but at first glance this looks like an amazing addition to the open source ecosystem. 🎉
There are two fun angles coming from this article.
- The team over at CHAOSSEARCH has built ElasticSearch-like functionality on top of a AWS S3 buckets. It looks compelling for anyone who’s managed a large ES cluster and is looking at other ways to get search functionally out of a lot of data.
- Explore GitHub data shows a ton of interesting insights around popular and unpopular licenses, programming languages, and the libraries available to explore them.
You can sign up for the beta here.
Just fork the repo, configure and customize, then push it back up for GitHub Pages.
A thoughtful, step-by-step redesign of the repo page we all know so well. I didn’t realize how many problems the current design has! Perhaps I’ve been inoculated to them by sheer volume of use.
His redesign takes a few left turns on me (I’ve always loved how code-centric the design is, for example), but overall there are many good ideas inside. I hope GitHub’s design teams read this and “steal” a few of the goodies.
Well, it depends. But the good news is Jason Etcovitch (Engineer at GitHub) examines the pros and cons of each and where they fit. He even shared a comparison table to help determine which to choose.
Should your next automation tool be built in GitHub Actions or as a separate service with Probot? Since GitHub announced the beta release of GitHub Actions in October 2018, there’s been a new excitement around building automation - and that’s awesome! But I wanted to take a look at the various pros and cons of GitHub Actions and Probot, where each excels and where each might not be the best tool for the job.
Click through and scroll to the bottom of the post if all you care about is the comparison.
From the GitHub blog:
With draft pull requests, you can clearly tag when you’re coding a work in progress. Now when you open a pull request, a dropdown arrow appears next to the “Create pull request” button. Toggle the dropdown arrow whenever you want to create a draft instead.
Finally. No more titling “[WIP]” and co-workers still asking you whether your pull request is ready to review. GitHub is killing it right now.
If you’re looking for a deep dive on GitHub Actions, check out The Changelog #331: GitHub Actions is the next big thing with Kyle Daigle. Patrick Reynolds, writing on the GitHub Engineering blog:
Since the beta release of GitHub Actions last October, thousands of users have added workflow files to their repositories. But until now, those files only work with the tools GitHub provided: the Actions editor, the Actions execution platform, and the syntax highlighting built into pull requests. To expand that universe, we need to release the parser and the specification for the Actions workflow language as open source. Today, we’re doing that.
I also want to point out this “we believe” section of the post to key in on their intentions and willingness to provide the community with the necessary tools to make GitHub Actions all that it can be for the community.
We believe that tools beyond GitHub should be able to run workflows. We believe there should be programs to check, format, compose, and visualize workflow files. We believe that text editors can provide syntax highlighting and autocompletion for Actions workflows. And we believe all that can only happen if the Actions community is empowered to build these tools along with us. That can happen better and faster if there is a single language specification and a free parser implementation.
GitHub needs to Sherlock this feature ASAP.
This is useful for making sure things look right before pushing your content up to GitHub for serving. It’s better than
python -m http.server and the like because it handles lack of file extensions and absolute paths better.
It doesn’t support Jekyll-based GitHub pages, but it will take your Markdown files and send them off to api.github.com/markdown for character-perfect rendering.
Until now, the best way to add a contributor to the list was via the CLI tool. That works great when you’re at your computer in “code mode”, but not when you’re mobile or just browsing the web.
In this post, I’m going to demonstrate how to use GitHub Actions in an Elixir project. By the end of it, we’ll have a simple workflow that tests and checks formatting of our code.
I have a feeling we’ll be seeing a lot more “GitHub Actions for $X” posts in the coming months…
Follow along as our friends at Phusion walk us through the process of creating a GitHub Actions workflow to build and publish a Ruby gem to the RubyGems registry.
One of the actions featured in the version that’s currently exclusively available to GitHub employees and a selected and undisclosed group of Beta testers, is the ‘GitHub Action for npm’, which wraps the npm CLI to enable common npm commands.
We set out to instead make an example workflow to build and publish a Ruby library (or: gem) to the default public registry, and created a GitHub repository, with a Docker container for a ‘Rubygems’ action: github.com/scarhand/actions-ruby
By utilizing a simple and minimal usage syntax
relsenables you to easily view various analytics & stats regarding the releases of any GitHub repository, displayed in a clean & concise manner, right from within your terminal.
Adam and Jerod talk to Kyle Daigle, the Director of Ecosystem Engineering at GitHub. They talk about GitHub Actions, the new automation platform announced at GitHub Universe this past October 2018. GitHub Actions is the next big thing coming out of GitHub with the promise of powerful workflows to supercharge your repos and GitHub experience. Build your container apps, publish packages to registries, or automate welcoming new users to your open source projects — with access to interact with the full GitHub API and any other public APIs, Actions seem to have limitless possibilities.
Why might you want to do this? Two reasons:
- Fast Feedback - Rather than having to commit/push every time you want test out the changes you are making to your
main.workflowfile (or for any changes to embedded GitHub actions), you can use act to run the actions locally.
- Local Task Runner - I love make. However, I also hate repeating myself. With
act, you can use the GitHub Actions defined in your
main.workflowfile to replace your
If you’ve been looking for a list of awesome GitHub Actions, you’ve found it — thanks to Sarah Drasner.
Actions are triggered by GitHub platform events directly in a repo and run on-demand workflows as autoscaled containers in response. With GitHub Actions you can automate your workflow from idea to production.
When you go through orientation at Google they walk you through “The Life of a Query” and it was one of my favorite things. So I am re-applying the same for a GitHub Action.
In a post accidentally published a day early, we learn that GitHub will offer unlimited private repositories for free to users, effectively eliminating their smallest personal plan. However, the private repositories are limited to three collaborators. The article suggests the feature will roll out on January 8th. It will be interesting to see how the current pay subscriptions will change.
DevHub helps you take back control of your GitHub workflow and stay on top of everything important going on.
Available on the web, iOS, and Android (thanks to React Native).
Jerod is joined by Andrew Nesbitt and Ben Nickolls to talk Octobox, their open source web app that helps you manage your GitHub notifications. They discuss how Octobox came to be, why open source maintainers love it, the experiments they’re doing with pricing and business models, and how Octobox can continue to thrive despite GitHub’s renewed interest in improving notifications.
I’m really interested to see how this changes GitHub Issues (if at all). Really dig this sentiment shared by Bryn Jackson, CEO of Spectrum, in their announcement post:
We love you all for taking a chance on Spectrum. We couldn’t be the best platform for communities without having the best communities, so we’re incredibly grateful that you’ve trusted us to take good care of you.