GitHub Introduces ‘Revolutionary’ Automation Features

GitHub has said that automation features introduced this week represent the biggest shift in the code repository site’s history, describing them as a way of creating flexible shortcuts that can speed up common development actions.

In the past, developers have had the option of hosting development actions themselves — such as deploying an app to multiple cloud service providers, publishing a JavaScript module to the NPM package manager or sending an SMS alert — but the new GitHub feature means developers can run the actions directly on the site.

They can also exchange actions with other developers amongst the 31 million who use GitHub, meaning a potentially vast change for the automation of development workflows.

Workflow automation

“By applying open source principles to workflow automation, GitHub Actions empowers you to pair the tools and integrations you use with your own custom actions or those shared by the GitHub community, no matter what languages or platforms you use,” the company said in a blog post.

The GitHub Actions feature, currently in limited public testing, is aimed at creating an “ecosystem of options”, the company said, while at  this week’s GitHub Universe 2018 event in San Francisco, Sam Lambert, head of platform for GitHub, said the feature would “revolutionise” software development.

Developers will be able to select from prebuilt Actions or create them themseves by building a container for the code they want to run.

There will also be a visual editor for those who want to build their workflows without creating a container.

GitHub said it plans to host and run Action code even for users on the free open source plan, and ultimately wants to allow developers to sell workflows and Actions on the GitHub marketplace.

New security features

Also at GitHub Universe, GitHub introduced an apprenticeship programme it said is aimed at lowering the barriers of entry for people with diverse background who want to enter careers in technology.

The programme is a six-month, paid career development programme aimed at supporting those with non-traditional work and educational backgrounds, supplementing GitHub’s similar scheme for full-time college students.

On the security front, the firm extended its security vulnerability alerts feature to support Java and .NET, in addition to existing support for JavaSript, Ruby and Python. The feature issues alerts when a project has a dependency that includes a known vulnerability.

The new GitHub Token Scanning feature, now in public beta testing, ensures tokens and keys are not accidentally committed and exposed in a public repository by scanning repositories for known token formats.

GitHub also introduced a Security Advisory programming interface as a building block for security features. The API gives developers a way to integrate security data into their tools and services.

Unified development

GitHub Connect is a way for developers to collaborate across organisational barriers by connecting the firm’s business and open source communities.

It brings in features such as unified search, which searches both the site’s open source code as well as a project’s own internal code, and a Unified Business Identity feature for linking multiple GitHub Business accounts.

Other announcements at the event included three new courses in GitHub’s Learning Lab to help developers get started with the service and a feature that displays the work of developers on GitHub Enterprise in their public profile, giving that work better public exposure.

GitHub is currently in the process of being acquired by Microsoft, with the deal expected to be concluded by the end of this year.