The GitHub Blog

Today is the second Day of Action to Save Net Neutrality this year, and there’s never been a more important time to show your support. GitHub is joining a number of companies, digital rights groups, and nonprofits to continue the fight for net neutrality rules and the rights of internet users around the world. This coordinated effort comes just a couple of days before the Federal Communications Commission (FCC) is set to vote on Chairman Ajit Pai’s proposal that will likely end a free and open internet for all of us.

We began this week observing that just last year, the United Nation’s Human Rights Council recognized internet access as integral to promoting human rights and called on governments to promote digital literacy, facilitate access, and address digital divides.

Unfortunately, Pai’s proposal will reverse this progress—especially efforts to increase access and decrease divides—for developers and every internet user.

Why net neutrality matters

FCC Commissioner Mignon Clyburn put it best when she explained that the proposal “threatens innovation at the edge, by allowing broadband providers to charge tolls to access their customers.” While concerns may center on how this affects the sites we rely on daily for searching and streaming, these changes will likely have a much greater impact on software entrepreneurs who are rewriting the way we communicate and get work done right now. The FCC is not considering the developers and small startups that don’t have access to the resources that bigger companies have.

In addition to charging internet users extra fees, broadband providers would be able to use preferential treatment for their own content. Even if developers and startups manage to pay the fees, internet providers could limit or block those services in favor of their own—robbing internet users of newer, more innovative ones.

As EveryoneOn, a U.S. nonprofit committed to creating social and economic opportunity by getting people online, notes “Lack of access to digital opportunity is particularly harmful today because of the role that digital technology plays in everyday tasks.” Its CEO Chike Aguh goes on to explain how net neutrality will have a broader economic impact: “90 percent of people in the United States who have looked for a new job in the last two years used the internet to research jobs, and 84 percent have applied to a job online.” EveryoneOn estimates that the internet results in more than $2 million in additional lifetime earnings for individuals with access.

A U.S. vote with global impact

As the U.S. prepares for another round of net neutrality debates, governing bodies in regions like India and the European Union have come out in support of net neutrality regulations. For instance, the Telecom Regulatory Authority of India (TRAI) released its recommendations on net neutrality this past November. These recommendations stem from TRAI’s acceptance that strong principles of non-discriminatory access will promote future growth and innovation of “internet infrastructure and its applications, content, and services.”

Additionally, the European Union has continued to evangelize its position on net neutrality. Body of European Regulators for Electronic Communications Chair, Sebastien Soriano, explained in a recent speech that Europe’s position on net neutrality is established and drew a distinction between Europe and the U.S. by stating, “Even in the U.S., a pioneer country in this area, the issue remains unresolved.”

In jurisdictions that haven’t made a firm commitment to net neutrality, the change in U.S. policy could be used as justification for closed internet policy.

Make your voice heard

Net neutrality affects everyone, and we only have two more days to “Break the internet”, and let Congress know how we feel.

Call your U.S. congressperson today

If you’re not in the U.S., you can still help by spreading the word, and learning about open internet policies in your country.

GitHub Enterprise 2.12 has arrived with new organization tools to help your team stay focused and do their best work. Get project board enhancements, global webhooks, repository archiving, and more by upgrading to our latest release.

Ready to upgrade?
Download GitHub Enterprise 2.12

More accessible project management

Project boards help you keep track of what’s happening with a group of tasks. Now, with automation events, you can let your project boards update the status of your tasks for you. Whether you or a teammate add a new card to a project, close an issue, or merge a pull request, your cards will automatically move between columns in real time.

Learn more about project board automation

If you rely on assistive technology or prefer using the keyboard to manage project boards, you can now use our new keyboard shortcuts to quickly navigate between cards and columns. Simple keystrokes allow you to move cards and columns anywhere on the board, commit changes, or review the keyboard shortcuts in more detail.

Learn more about project navigation

Project boards are a great way to organize tasks, but often, those tasks have external dependencies. With our new Enterprise release, you can use notes to add links to those dependencies. When you reference an issue or pull request in a note, you’ll now see a preview of the cross-referenced link in a summary card, giving you more context.

Learn more about project note summary cards

Global webhooks that keep you in the know

Now you can configure webhooks for an entire enterprise instance instead of one repository or organization at a time. Admins will be notified about new users and organizations, deleted users and organizations, and membership changes.

Learn more about global webhooks

Better repository organization tools

You don’t have to delete repositories when they're inactive. Now you can archive older projects to make them read-only to owners and contributors. While no one will be able to add new issues, pull requests, or comments, you'll be clutter-free and still have access to the repositories if you decide to iterate on them later.

Learn more about archiving repositories

With Enterprise 2.12, you can also search for repositories by their license using license family names or queries like “license:mit” and “license:gpl-3.0”. License searching gives you another way to find projects that fit your licensing requirements or repos you’d like to work on. We’ve even added a license filter on the “Advanced Search” page to help you craft the exact query you need.

Learn more about searching repositories by license

Automatic HTTPS deployment

GitHub Enterprise now supports Let’s Encrypt, a public Certificate Authority (CA), which automatically obtains and renews TLS and SSL certificates. Admins can get a secure “green HTTPS padlock” by running a simple CLI command or requesting a TLS certificate in the Management Console, with no fees or manual steps for certificate renewal.

Learn more about HTTPS deployment

Additional Updates

• Use hotpatching to schedule patch upgrades during a designated upgrade window
• Get geo-replication improvements like updated commands, archive generation, and support for GitHub Pages
• View edit history for comments, use Markdown for topic discussions, and support new contributors with a contribution guidelines sidebar
• Configure permissions around a repository fork
• User-level requests for moves from child teams to parent teams

Upgrade today

Download GitHub Enterprise 2.12 to start using these tools. You can also check out the release notes to see what else is new or enable update checks to automatically check for the latest GitHub Enterprise release.

Not using GitHub Enterprise yet?
Request a 45-day free trial

Before your 2018 calendar fills up, start planning your trip to Barcelona on March 8 for Git Merge—an event dedicated to the developer community's favorite version control tool. Whether you're new to Git or built a company around it, you'll walk away with connections and ideas that can help you get to the next step. Tickets are on sale now, and we're taking Git Merge speaker submissions until January 20!

Speak at Git Merge

If you have a 30-minute session idea, we'd love to hear it. While Git Merge sessions are usually technical, we're looking for a wide range of topics and presenters—don't let a lack of technical (or speaking) experience stop you from submitting a proposal. If selected, you'll receive tickets to Git Merge events, and we'll help pay for your travel and accommodations.

Send us a proposal

Secure your spot

General admission tickets are on sale now for €99, and all proceeds will benefit the Software Freedom Conservancy. You can also add a ticket for our workshop day on March 7 until they sell out.

Get tickets

See what Git Merge is about in our 2017 recap video.

This month, we’re introducing a few new apps to help you write, manage, and deploy code. To see what's new and find more ways to work better, head to GitHub Marketplace.

Testing
TestQuality provides modern and powerful test plan management that's seamlessly integrated with GitHub. Test Management workflows are extended, so you can create, update, delete, and link defects and requirements in your repository without ever leaving your testing workflows. Best of all, TestQuality is completely free for use with public repositories on GitHub.

Project management
Issue.sh integrates natively with GitHub to provide agile project management with fine-grained permissions. The app includes issue boards, story points, finish time estimation, burndown charts, and more. Developers don't have to switch contexts, and project managers can get total visibility into the development process.

Publishing
Pageclip is a simple way to save form data from your website. Collect leads for your new product, set up a contact form, capture emails for a newsletter, or create white-labeled survey forms—all from your static website and without a server.

Security
BackHub creates daily recurring backups of all your public and private repositories, keeping an up-to-date backup with up to three months of snapshots. Backups include the repository and all metadata including the wikis, issues, and pull requests associated with it.

Deployment
Take care of your application instead of focusing on Capistrano and the asset pipeline. Cloud 66 for Rails provides everything you need to run production-ready Rails and Rack apps on any cloud and under your cloud account.

Continuous integration
Cloud 66 Skycap is a container-native CI/CD solution that allows you to build your image from source code in a reliable and repeatable way by taking code from your Git repository and running your Docker build workflow step-by-step. Skycap can also produce more than one image and comes with an intuitive interface and private Docker repository.

Ready to try out these new additions? See how they can help your team work better or discover even more tools in GitHub Marketplace.

Github Regional Sales Director Clay Nelson and MapBox’s Vice President of Business Development, Alex Barth explored how software development is evolving in the automotive space in a recent webcast.

With high consumer expectations, advances in software development, and new open source principles in highly-regulated industries, Barth says automotive companies must evolve or fall behind. Here are a few highlights from the webcast and a link to watch the full recording.

Watch the webcast

Growing consumer expectations

It's never been easier for consumers to interact with each other and the brands they care about, especially with social media platforms at their fingertips. That means automotive brands need to focus more than ever on acknowledging and meeting consumer expectations—even when they ask for the next wave of vehicles to be "smartphones on wheels". Coupled with the pressures of maintaining safety, quality, and security within code, these demands call for the adoption of open source principles and faster development.

New workflow complexities

In order to achieve the “rolling smartphone” effect, computing within vehicles is changing rapidly, from isolated micro-controllers to more integrated systems—and teams can no longer work in isolation. They're racing to deliver consumer-requested features that have more complexity and dependencies, which is especially challenging in a highly-regulated industry.

Accelerated collaborative development

With more modern workflows, such as the GitHub Flow, organizations can develop collaborative processes that allow for more visibility. This enables developers to communicate through code in a more straightforward (but still secure) way, rather than getting stuck in the same developmental bottleneck that has choked the industry for years.

To learn more about how GitHub works within the automotive industry, watch the webcast.

Watch more of our webcasts

2017 has been the year of artificial intelligence and machine learning. The advancements here will continue for years to come—but what can we expect in 2018? Data is on the rise, placing an even greater emphasis on security, cloud, and open source. Jason Warner, SVP of Technology, shares his predictions on the major technology trends for 2018.

Data will rule all

Over the last several years, Cloud 1.0 has been about computing in big clouds, while Cloud 2.0 is all about data. This includes data movement and the tools and services that support it, like analytics and machine learning systems. Today all companies are data companies, whether they know it or not. In 2018, so long as teams know how to use it, data will become their greatest asset.

The workflow war will heat up—and so will mergers and acquisitions (M&A)

The pressure is on for businesses to capture developers’ attention and expand the cloud ecosystem. Mergers and acquisitions will heat up as big tech companies snatch up smaller ones focusing on the developer experience, solving infrastructure problems, and building better workflow tools. At GitHub, we'll have a crucial role in integrating development platforms between these companies.

Open source will keep climbing the stack

A decade ago, Linux was a big deal. Now it’s standard. Back in the day, companies like Amazon, Google, and Microsoft were forced to build their own, proprietary tools because no other software existed to meet their needs. Many of these frameworks have since been open sourced—and other open source technologies, like Kubernetes, are becoming integral to developers' workflows. This shift is changing what companies are investing in, making open source software traditional software's biggest competitor.

Infrastructure will have its Ruby on Rails moment

New tools will help developers get their ideas to production faster and save them time turning knobs under the hood. With applications taking some of the infrastructure burden off developers, they'll be free to focus on the stuff they care about most—building, growing, and evolving their projects and products.

Security will move into the spotlight, permanently

Security needs to be built into code development, not added in production. Many of the world’s critical systems still aren’t hardened enough—and their surface area is only getting bigger. The steady stream of malware attacks we saw this year will only become more frequent. As a result, we’ll start to see significantly more financial and development resources allocated to security. We’ll also see the rise of more intelligent systems, eventually culminating in a series of automatically secured layers.

Our free and open internet will be stress tested

The fragility of net neutrality and the rise of country-specific data localization laws will undoubtedly test the resilience not only of the internet—but also the fabric of global society and how businesses work together worldwide. 2018 will decide the future of net neutrality, and we'll feel the impact no matter the outcome. In the meantime, join us in the fight for net neutrality in the U.S. before the FCC votes on December 14.

Today’s software is increasingly interconnected and interdependent. There’s a good chance your project relies on someone else's, and if your project is public that others might rely on it, too. GitHub's new dependency graph gives you insight into the projects your code depends on and the projects that depend on your code.

Join GitHub Product Manager Miju Han and Trainer Matt Desmond to learn how to use your dependency graph to assess the security of your projects—and how to take action using suggested fixes. We’ll also discuss the future of security and the GitHub platform, including security alerts and additional language support. We'll also cover our approach to code security.

The webcast will take place December 19th at 12:30 pm PT. We hope to see you there!

Sign up

Home to over 80 million specimens from across the globe, the Natural History Museum is on a constant mission to make its collections more accessible by taking them from physical drawers to digital catalogs. To support their online collections, the Museum has developed specialized resources, like Inselect—a cross-platform, open source desktop application that automates how scientists digitize specimens. Using Inselect, researchers can crop images from whole-drawer scans, as well as similar images generated by digitizing museum collections.

Speeding up a creepy-crawly process

The museum initially developed Inselect for a simple purpose: to identify individual specimens from a drawer of samples in order to digitally categorize each. This isn’t a quick task—the Natural History Museum houses an estimated 33 million insect specimens in 130,000 drawers. Processed manually, it takes about an hour to categorize a drawer of specimens. Inselect, on the other hand, can do the same job in five to 10 minutes, depending on the complexity of the drawer.

Open source, open access

Despite its name, Inselect isn't just for insect specimens. Researchers and archivists can use the application for all sorts of projects that require cataloguing and categorizing for digital collections. In addition to working across a range of digital collections, Inselect operates on Windows and macOS under an open source license, allowing scientists and research institutes anywhere instant access rare specimens and providing a significant boost to the Natural History Museum’s digitization plans.

The Natural History Museum is by no means short of material to digitize. Researchers have adapted Inselect to look at slide digitization and have used to catalogue around 100,000 microscopic slides. The Digital Collections Programme at the museum is looking into digitizing more than just insects; they plan to make much larger artifacts such as fossils and skeletons available online, too. The scale of these artifacts, however, presents an entirely different challenge—but one that future open source software may well be able to solve.

By open sourcing Inselect, the Museum has provided a tool for other organizations to use, too. They've endorsed the Science International Open Data Accord and operate an open-by-default policy on their scientific collections. One result is the University of Sheffield’s project ‘Mark my bird’—a research project on the diversity of bird bills based on birds from their collection.

See Inselect in action

Two years ago, we breathed a collective sigh of relief when the Federal Communications Commission (FCC) passed the Open Internet Order—regulations allowing people to freely access and interact with information online, and protecting them from potential discriminatory practices by internet service providers.

In 2016, the Court of Appeals for the District of Columbia, also known as the D.C. Circuit, gave us additional comfort when it upheld the regulations despite a challenge from the telecommunications industry.

Unfortunately, things change. Now an effort to repeal the order is underway, and we’re asking our community to once again help us protect net neutrality and rally behind a free and open internet.

Join us in the fight for net neutrality

The latest challenge

Earlier this year, FCC chairperson Ajit Pai expressed his intentions to get rid of the 2015 order. We wrote about this in July and joined more than one thousand companies urging the commissioner to reconsider. Despite widespread outcry from individuals and organizations alike, last week Pai made good on his intentions and released his proposal.

In response, Pai’s colleague Commissioner Mignon Clyburn released a fact sheet explaining the proposal while Commissioner Jessica Rosenworcel penned an op-ed urging the public to “make a ruckus” and essentially save the FCC from itself.

Net neutrality is an issue that transcends party lines. A recent Morning Consult and Politico Poll indicated that Republican and Democratic support for net neutrality rules is essentially the same, differing only by a couple of percentage points.

Why it matters

Net neutrality gives developers the freedom to build and ship software without being potentially blocked, throttled, or tolled by internet service providers. The result has been vast opportunity for developers. It's crucial that public policy support expands the opportunity to participate in the software revolution. Undermining net neutrality at a time of concern about consolidation and inequality is precisely the wrong move—directly harmful to developers’ ability to launch new products and eroding trust that the internet is a force for innovation and opportunity.

What you can do

On December 14, the FCC will vote on Pai’s proposal—and it’s expected to pass. Supporters of net neutrality are already gearing up for another court battle. In the meantime, the U.S. Congress could attempt a legislative fix.

As this discussion evolves and net neutrality is continuously challenged, it’s important that your congressperson knows where you stand. Let them know that you’re energized and that you continue to stand in solidarity with the majority of people who support robust, net neutrality protection.

Call your U.S. congressperson today and urge them to oppose efforts to roll back net neutrality.

Another Hacktoberfest has come and gone, and we couldn't be more proud of your contributions. With over 200,000 merged pull requests in almost 65,000 repositories, you made this our biggest Hacktoberfest yet. You worked hard, and with those special edition shirts—you looked good doing it. Congratulations!

From Berlin to Bangalore, almost 32,000 people worked on Hacktoberfest projects in more than 100 community-organized Hacktoberfest events.

Thank you

Thanks to all of the open source maintainers who prepared and merged issues for participants. You kept the projects flowing, and you were a big part of this event's success.

We also want to thank our friends at DigitalOcean for their support of the open source community, and for sponsoring this year's Hacktoberfest. This event wouldn't be possible without you.

What's next

You don’t have to wait until Hacktoberfest 2018 to work on your next open source project!

Searching for something to work on? Check out our redesigned Explore or "help wanted" projects.

Looking for your Hacktoberfest shirt? If you registered and completed four pull requests but haven't received an email about your shirt, reach out to hacktoberfest@digitalocean.com.

Just over a year ago Jekyll, the open source project that powers GitHub Pages, introduced shared themes. Since then, you've been able to use about a dozen themes to change the look and feel of your GitHub Pages site.

Starting today, you can use any of the hundreds of community-curated themes on GitHub.com. To build your site with any public, GitHub-hosted theme, add the following to your site's _config.yml file:

remote_theme: owner/name

Replacing owner and name with the repository's owner and name.

And if you're interested in making your Jekyll theme available to other users, simply follow the instructions for creating a Gem-based theme, and ensure the repository is public.

For more information, see the Jekyll theme documentation or get in touch.

24 Pull Requests is an annual community-organized event encouraging developers to give back to open source projects over the holiday season. Be part of this year's giving by submitting 24 pull requests between December 1 and December 24.

Last year, almost 3,000 developers gave the gift of code to over 6,000 different open source projects. And now, with the 24 Pull Requests web app, you can get information about the event, find projects that need your help, and even visualize your contributions in a calendar.

Whether it's fixing a bug or adding documentation, there are plenty of projects that could use your help! To give back, just sign in with your GitHub account on the 24 Pull Requests site and they'll help you track your contributions.

Give the gift of code

We welcome our robot overlords—or at least ones that fit conveniently on human-sized desks! Hubot, your friendly robot sidekick, is now in the GitHub Shop and ready to help you deploy into the future. Hubot may be made of metal (or vinyl in figurine form), but this six-inch robot is here to warm up the workspaces of developers everywhere this holiday season. And with the start of our Cyber Sale, you can get yours for less.

Find a Hubot for your home

Get 30% off all GitHub gear

This year, we’re extending our Cyber Sale to make sure you’ve got plenty of time to save on hoodies, stickers, and robots. Just use code GHSALE2017 at checkout to get 30% off your order, and free shipping on orders over $75, November 24-29.

Shop the Sale

Working together on software is so much more than writing code. Processes like planning, analysis, design, user research, documentation, and general project decision-making all play a part in the build process. Now there's a new way to talk through projects with your team.

Give every conversation a home (and a URL)

Team discussions provide your team and organization members a place to share information with each other. Gone are the days of having your issues cluttered with discussions or your pull requests flooded with lengthy conversations that aren’t related to your code changes. Team discussions give those conversations a home and a URL on GitHub, so they can be shared easily across the platform or saved to reference later.

Start discussions from your dashboard

To get started with team discussions, navigate to your dashboard while logged in and choose a team from the new "Your teams" section on the right sidebar. Then click on your team to go to the discussion view. From there you can start a new discussion or join in on an existing one.

Chat with your team in public or private

All organization members can see your discussion posts by default. Mark your post as private if you have something more sensitive to share. Only direct team members will have access to the private post and its replies.

Building on top of the nested teams functionality, notifications cascade from parent to children teams making it even easier to share important information throughout your organization.

Get updates on conversations you care about

Having trouble staying in the know about what other teams within your organization are working on? Watch a team that you're not a member of to stay up to date on their public discussion activity. If you’re worried about getting too many notifications, that's okay, too! You can always subscribe or unsubscribe to individual posts or decide to un-watch an entire team if the flow of information is too much.

Support for team discussions in the GitHub API v3 and v4 and GitHub Enterprise is coming soon—and stay tuned for even more features, and functionality. Our goal is to provide you with a place to organize your thoughts, discuss ideas, and work through your team's toughest problems on GitHub.

To learn more, check out the documentation!

Last month, we made it easier for you to keep track of the projects your code depends on with the dependency graph, currently supported in Javascript and Ruby. Today, for the over 75 percent of GitHub projects that have dependencies, we’re helping you do more than see those important projects. With your dependency graph enabled, we’ll now notify you when we detect a vulnerability in one of your dependencies and suggest known fixes from the GitHub community.

How to start using security alerts

Whether your projects are private or public, security alerts get vital vulnerability information to the right people on your team.

Enable your dependency graph

Public repositories will automatically have your dependency graph and security alerts enabled. For private repositories, you’ll need to opt in to security alerts in your repository settings or by allowing access in the Dependency graph section of your repository’s Insights tab.

Set notification preferences

When your dependency graph is enabled, admins will receive security alerts by default. Admins can also add teams or individuals as recipients for security alerts in the dependency graph settings.

Respond to alerts

When we notify you about a potential vulnerability, we’ll highlight any dependencies that we recommend updating. If a known safe version exists, we’ll select one using machine learning and publicly available data, and include it in our suggestion.

Vulnerability coverage

Vulnerabilities that have CVE IDs (publicly disclosed vulnerabilities from the National Vulnerability Database) will be included in security alerts. However, not all vulnerabilities have CVE IDs—even many publicly disclosed vulnerabilities don't have them. We'll continue to get better at identifying vulnerabilities as our security data grows. For more help managing security issues, check out our security partners in the GitHub Marketplace.

This is the next step in using the world’s largest collection of open source data to help you keep code safer and do your best work. The dependency graph and security alerts currently support Javascript and Ruby—with Python support coming in 2018.

Learn more about security alerts