BACKGROUND IMAGE: stock.adobe.com
GitHub has stepped up its game, with direct appeals to both developers and enterprises in late 2018 and the first half of 2019. The hosting and version control service reworked its free plans, enterprise products and community initiatives, introducing a number of tools, features and betas.
GitHub's recent flurry of activity is not surprising, after Microsoft completed its acquisition of the company in October 2018. Each new stroke paints a clearer picture: GitHub is in the midst of a big push to expand its user base in the source code repository and version control market.
Catch up with the most notable GitHub news stories from the past year and examine how the hosting service's strategy has zeroed in on developers and enterprise users alike.
GitHub Actions advances automation efforts
With GitHub Actions, the company aims to create a tool that enables developers to customize and automate their workflows. Compatible with any language, GitHub Action purports to build, package, release, update and deploy projects, and it can work with both the GitHub API and external APIs.
GitHub Actions uses Docker containers, which enables it to combine and integrate with other platforms.
As of July, the tool is still in public beta and GitHub notes that users should not put Actions to work for any high-value workflows.
GitHub unifies Enterprise service, offers free repos
GitHub provides unlimited free private repositories, though it only extends to projects with three or fewer collaborators. Enterprises can only make use of the free plan for small-scoped endeavors, such as a pilot or exploratory project. However, developers on smaller projects no longer need to turn to a second version control tool, like Atlassian Bitbucket, if they want unlimited private repos.
GitHub also unified the on-premises and cloud deployment options for its service into a product labeled GitHub Enterprise. Customers can make use of either option, for one price.
The company has since released a number of Enterprise versions. Significantly, version 2.16 brought a number of developer-centric upgrades. Among the changes in GitHub Enterprise features were:
- timeline events that show when you force a push to a branch;
- maintainers that add more template automation; and
- refined administrative abilities.
GitHub frequently posts new releases for the product, often on a weekly basis.
GitHub enhances security bug bounty program
In an effort to buttress its source code and supplement its internal security resources, GitHub expanded its bug bounty program in February.
The company increased both the scope and rewards of the bounty program for its fifth year. It includes all first-party services hosted at GitHub.com, even the cloud-hosted configuration for GitHub Enterprise. GitHub also lifted all caps on rewards researchers can earn when they discover critical vulnerabilities, as well as raised payouts.
Additionally, the company disclosed that it had invited 150 researchers -- including those who made a name for themselves in the public bug bounty program -- to participate in a private program for GitHub Actions.
GitHub ponies up for open source developers
GitHub took a stand for open source developers in May with its GitHub Sponsors program. GitHub Sponsors enables user to set up a recurring monthly payment to support the developers behind open source projects on the platform. Via the GitHub Sponsors Matching Fund, the company will equal contributions up to $5,000 to sponsored developers, at least for the first year.
In the long term, the program could come to inform the relationship between open source consumers and developers. Some worry about the influence GitHub -- and, by extension, Microsoft -- will exert over open source projects through such a program; they fret that compensation could sway developers to contribute to one project over another, leaving behind equally qualified projects. Others, however, are simply happy that open source developers have a way to make money for their efforts.
The program is still in a limited beta. Developers can put their names in a waitlist for the program.
Security, monitoring tools get a boost
At its Satellite conference in Berlin, GitHub sought to woo organizations with GitHub Enterprise features for security. In May, GitHub acquired Dependabot, an automated dependency management tool, and revealed plans for other features geared toward helping enterprises address vulnerabilities.
Features like maintainer security advisories, automated security policies, fine-grained permissions and internal repos give enterprises greater control over how they implement security. Some of those GitHub Enterprise features are still in beta, as is Organization Insights, a service that helps admins understand how their team uses GitHub and track open source use.