GitHub announced a handful of new features and updates at its online Satellite 2020 event today, covering the cloud, collaboration, security, and more.
As with other technology companies, the Microsoft-owned code-hosting platform has chosen to move its annual developer event online due to the COVID-19 crisis, with Satellite 2020 representing GitHub’s first ever virtual conference. In an accompanying blog post, GitHub’s senior VP of product Shanku Niyogi said that this year’s event was all about “giving communities tools to come together to solve the problems that matter to them and removing barriers that stand in their way.”
The biggest facet of today’s news is a new product called GitHub Codespaces, which is designed to make it easier for developers to join a project, launch a developer environment, and start coding with minimal configuration — all from a browser. Available in “limited public beta” from this week, Codespaces is a cloud-hosted development environment with all the GitHub features, and it can be set up to load a developer’s code and dependencies, extensions, and dotfiles, and includes a built-in debugger.
It’s worth noting here that Microsoft last year launched an online version of Visual Studio called (unsurprisingly) Visual Studio Online, and recently rebranded it as Visual Studio Codespaces. And this gives a strong hint as to the building blocks of the new GitHub Codespaces — this is Microsoft bringing Visual Code’s branding and browser-based functionality to GitHub.
Code-editing functionality in Codespaces will always be free, according to GitHub, and for the duration of the beta the whole product will be free — though at some point it will ship under a pay-as-you-go pricing model.
GitHub is also gearing up to launch a new community-centric portal where developers can ask questions and converse around specific problems or topics inside a project repository. Before now, such discussions could only really take place through issues and pull requests, while there was a separate discussions tool for teams to plan and share information.
With GitHub Discussions, GitHub is now looking to build a community knowledge base outside the main codebase, and in truth it seems like it’s setting out to achieve something similar to Stack Overflow. Discussions are built around threads, and questions can be marked as “answered” for future reference.
GitHub Discussions has been available in limited private beta for a while already in several open source communities, and the company said that it will be opening it up to all open source communities this summer.
Elsewhere, GitHub also announced two new beta cloud security features as part of its advanced security offering. Code scanning is a new native GitHub tool that automatically scans every git push for vulnerabilities, with results shown inside the pull request. According to GitHub, code scanning uses CodeQl, an advanced semantic analysis engine it procured via its Semmle acquisition last year.
And then there’s secret scanning, formerly known as token scanning, which helps companies identify cryptographic secrets inside code so that they can be revoked before it’s intercepted by bad actors. Secret scanning was made available for public repositories back in 2018, and now it will be made available for private repositories too.
Finally, GitHub also announced that “private instances” would be available soon for enterprises that operate in highly regulated industries, which will bring a handful of security and policy features such as bring-your-own-key encryption, backup archiving, and tools to help companies comply with local data sovereignty regulations.