Since last year’s GitHub Universe, we’ve shipped more than 20,000 improvements to GitHub for developers, open source communities, and enterprise teams. Here’s a comprehensive overview of what we’re announcing at Universe this week. Tune in live on October 27th and 28th 2021 or on demand and read on to see how we’re transforming the developer experience to help you focus on what’s important: creating great software.

TL;DR

✨ Improved daily flow

  • New GitHub Issues experience expands to public beta: Track workflows with project tables and boards that let you filter, sort, and group issues and pull requests. Switch between working in the open and in private with public projects.
  • Labels and automatic release notes for GitHub Discussions: Labels to help sort discussions and automatic release notes with shoutouts to contributors.
  • Improved CI/CD with GitHub Actions: Secure deployments with OpenID Connect, deployment environments to simplify approvals, improvements to reusable workflows, and new auto-scaling functionality for self-hosted runners.
  • Command palette: Just like keyboard shortcuts in an IDE, command palette lets you run commands and navigate across organizations, repositories, issues, pull requests, and more all within the GitHub UI.
  • Pull request merge queue: Merge pull requests efficiently, without updating your pull requests anytime another change lands, all while ensuring the branch remains green. Sign up for the private beta.

☁️ The developer cloud

  • Improvements to GitHub Codespaces: Try the new devcontainer feature composition, expanded access control for port forwards, GitHub CLI, and REST API. Codespaces is currently available to Team and Enterprise Cloud plans.
  • GitHub Copilot for Neovim & JetBrains: You can now use GitHub Copilot with Neovim and the latest versions of JetBrains IntelliJ IDEA and PyCharm.

🔒 Secure at every step

  • Code scanning adds support for Ruby: CodeQL analysis can now identify potential vulnerabilities in Ruby code (available in beta).
  • Custom repository roles: Enterprise Cloud customers can now create custom repository access roles, so you can give your teams exactly the permissions they need (available in beta).

Transforming the developer experience

Here are just a few new and improved tools you can use to improve your day-to-day.

New GitHub Issues experience in public beta

Starting today, we’re expanding the beta to everyone using GitHub.com for the new GitHub Issues experience. The new GitHub Issues includes features like project boards and dynamic tables, which give you the ability to filter, sort and group issues and pull requests. Other features include:

  • Iteration support: You can now create “iteration” field types in project tables to sort and group issues by sprint and cycles.
  • Custom fields: Plan and track your work using the information that’s important to your team.
  • Public projects: Make a project public (everyone can see them) or private (only select individuals can see them) and switch between the two as needed. Check out the GitHub public roadmap as one example of this in action.

Explore the new GitHub Issues beta, or join the conversation on Universe discussions.

Connecting communities with GitHub Discussions

Last year, we launched a beta version of GitHub Discussions to help developers, teams, and open source communities to gather ideas, collaborate, and communicate more effectively on GitHub. We learned a lot and your feedback helped us make GitHub Discussions a more powerful and feature-rich tool. Here’s just a sampling of what we heard:

“GitHub Discussions enabled us to make feature launches more community-centered as each feature and experiment got its own discussion in a dedicated space outside of the issue tracker. With its threading support, we were able to individually address comments without losing them in the larger discussion. A great side-effect of this is that our issue tracker is now separate from questions, feature requests, and general chit-chat.”

~ @LekoArts, maintainer of Gatsby

Today, you can try:

  • GitHub Actions integration support: Trigger Actions workflows on Discussion and DiscussionComment webhook events.
  • Discussion labels: Categorize and filter discussions using custom labels.
  • Discussions on GitHub Mobile: Continue the conversation while on the go, using the GitHub Mobile app.

We’re also shipping two net-new features in the coming months:

  • Polls: Create polls to gauge interest on anything from features to interests to roadmap planning.
  • Community insight dashboards: Monitor trends across issues, discussions, pull requests, and more with a new dashboard.

Screenshot of GitHub Discussions poll

If you haven’t already enabled GitHub Discussions on your repositories, check out our docs and quickstart guide.

Cloud development environments with GitHub Codespaces

If you aren’t already familiar with Codespaces, it allows you to spin-up fresh dev environments directly from your browser or through Visual Studio Code. Earlier this year, we migrated all of our engineering teams to Codespaces, making it the default developer environment for all of GitHub. Before Codespaces, it could take up to 45 minutes for us to create a new developer environment from scratch. With Codespaces, a GitHub developer can create a new, preconfigured developer environment in 10 seconds. That means we’re spending way more time building GitHub, and way less time troubleshooting and waiting for dev environments.

We’re continuing to learn from organizations that have already adopted Codespaces to improve the developer experience. Some of these improvements include:

  • Easier dev environment creation: You can now create and update the devcontainer.json development environment as code definitions with a one-click setup.
  • CLI support: We’ve added Codespaces support into the GitHub CLI to help developers who prefer the command line and direct SSH access to their development environments.
  • REST API support in beta: A new REST API makes it easier to programmatically manage your Codespaces, including machine types and secrets.
  • Access control for forward ports: Share forwarded ports to your Codespace and mark them as public, private, or shared with members of your organization.
  • Seamless access to GitHub Container Registry: Automatic authentication to dev containers stored in GHCR without having to provide a Personal Access Token (PAT).

Codespaces is currently available for GitHub Team and Enterprise accounts. Check out our on-demand sessions at Universe to find out how Codespaces is changing how we make software.

Learn more about the new features or about Codespaces, or jump in with the Quickstart guide.

Neovim and Jetbrains support for GitHub Copilot

GitHub Copilot can convert comments to code, reduce the time spent drudging through API docs, and help you write tests.

We are expanding editor support to include Neovim and JetBrains IDEs, especially focused on the latest versions of IntelliJ IDEA and PyCharm. Support for multiline completions in Java has also been added, with support for more languages over the coming months.

We’re continuously inviting additional developers to try out our technical preview. Sign up for the waitlist on GitHub Copilot.

GitHub Actions updates for improved CI/CD and automation

Over the past year, we shipped a number of updates to GitHub Actions including environments, required approvers for deployments with GitHub Mobile support, deployment branch protection, environment secrets, rerun workflows, improved runner management experience, GitHub CLI support for Actions, and much more. We’ve also reached over 10k actions in the Marketplace from the open source community and our partners. These updates are designed to make GitHub Actions the best CI/CD and automation experience.

Our recently released features include:

  • Reusable workflows: Reduce workflow duplication so your teams can move faster and be more secure with standardized deployment workflows to enforce best practices. Reusable workflows can be maintained in a single repository and shared with your entire enterprise.
  • API for auto-scaling self-hosted runners: Manage yourself-hosted infrastructure costs by scaling fleets up—or down—in response to a given workload. We recommend and partner with two open source projects that leverage these APIs to provide a complete solution for auto-scaling self-hosted runners on VMs or Kubernetes.
  • Open ID Connect (OIDC) based authentication support: Automatically rotate secrets for each deployment using any cloud provider with OIDC support (including AWS, Azure, GCP).

Stay up to date with the latest improvements to GitHub Actions or explore over 10,000 actions to automate workflows.

GitHub navigation made simple with a new command palette

GIF: Navigating between organizations and using the theme switcher command with the command palette

The new command palette public beta will help you navigate more seamlessly around GitHub and optimize your workflow with a new host of commands starting with a single shortcut—command k on macOS and control k on Windows and Linux—from anywhere on GitHub. From there, you can quickly navigate to any project, repo, pull request, or issue and run commands.

Try using the new command palette and let us know what you think.

Expanding code scanning to support Ruby and improving Enterprise Cloud access controls

From the shortest scripts to monorepos, we’re working to bring you better security tools. We have several new additions for Universe to make it easier to build and ship secure code.

Code scanning support for Ruby

Ruby is the 10th* most popular language within the open source community. To help more open source maintainers and organizations find potential vulnerabilities in their code, we’ve added Ruby support (beta) to the CodeQL engine that powers GitHub code scanning.

Our CodeQL analysis identifies security issues in your code, along with the flow of data to the vulnerable location. To help secure services and tools created with Ruby, the CodeQL beta release spots many of the most common security issues including SQL injection, regular expression denial-of-service (ReDoS), multiple cross-site scripting attack vectors, command-line injection, and more.

CodeQL for Ruby is available by default in GitHub.com code scanning, the CodeQL CLI, and the CodeQL extension for Visual Studio Code starting today. It will also be included in GitHub Enterprise Server 3.4. Ruby joins the list of supported CodeQL languages, which also includes C/C++, C#, Java, JavaScript/TypeScript, Python, and Go.

To start using the new Ruby analysis in code scanning, simply update your existing workflow file. Or if you’re new to code scanning, set up an analysis workflow from the Security tab in your repository.

GitHub Enterprise Cloud updates

GitHub Enterprise Cloud is the complete cloud DevOps platform for our enterprise users, and we’re continuing to build out its capabilities to meet the evolving demands companies face in today’s environment. A big part of that means shipping more security and permission features.

Here are two of the recent security updates for Enterprise Cloud:

  • Enterprise managed users (EMU): Enterprise managed users offers a new option to manage enterprise identities where enterprise administrators can own and manage the entire lifecycle of identities, while improving provisioning and deprovisioning capabilities. Contact your account manager to get started.
  • Custom repository roles: GitHub admins can now create custom permission levels for teams, organization members, and outside collaborators (available as public beta).

Learn more about GitHub Enterprise Cloud.

Join us now at Universe

Want even more? Be sure to tune into Universe live on October 27th and 28th 2021 (PDT)—or take advantage of our on demand sessions to learn more about what’s new on GitHub and hear from the community.

Tags: