GitHub will mandate 2FA to help secure the software supply chain

GitHub will require all users who contribute code on the platform to use 2FA as part of its latest security improvements.

Attacks on the software supply chain are on the increase. GitHub, which has over 83 million code-contributing users, is stepping up to the plate to protect developers and the software supply chain with this major policy change announcement.

“At GitHub, we believe that our unique position as the home for all developers grants us both an opportunity...

GitHub notifies victims of OAuth token theft

GitHub is notifying known victims of an ongoing attack using stolen third-party OAuth user tokens.

OAuth user tokens maintained by Heroku and Travis CI were stolen and abused by an unauthorised party to download data from dozens of organisations, including npm.

Mike Hanley, Chief Security Officer at GitHub, wrote in a blog post:

“We have high confidence that compromised OAuth user tokens from Heroku and Travis-CI-maintained OAuth applications were stolen and...

GitHub’s Mermaid support enables developers to quickly create diagrams

GitHub has added native support for Mermaid—enabling developers to quickly generate diagrams.

According to GitHub, both open-source and enterprise developers see a productivity boost of around 50 percent when provided with detailed documentation. Rich, visual formats often help to better present information.

Last month, GitHub added support for .svg files to comments in issues, PRs, discussions, and Markdown files like READMEs. However, GitHub says that it recognises...

GitHub incentivises open-source investments with sponsor-only repos

GitHub is launching private repositories that only sponsors have access to, helping to incentivise open-source investments.

Open-source mostly relies on developers voluntarily giving up their time to build and improve projects. Priority is naturally given to work that helps to keep a roof over their heads and food on the table—meaning that open-source projects can be underdeveloped at best or be left with devastating vulnerabilities at worst.

A growing number of...

Open-source can play a critical role in tackling the UK’s developer shortage

It is no secret that developers have never been more in demand. According to a recent analysis, the shortage of “programmers and software development professionals” only ranks behind HGV drivers and nurses as the occupation where worker shortages are most acute in the UK.

The sheer pace of digital transformation across every industry means the demand for developer talent continues to outstrip supply at a rapid rate – and the situation shows no sign of abating. Just about...

GitHub launches preview of improved code search

GitHub is making significant improvements to its code searching experience and has launched a technology preview for an early peek.

The current search index covers more than five million of the most popular public repositories. In addition, developers can also search any private repositories they have access to.

GitHub recommends trying five search functions to see how they could improve your workflow:

Try a simple search and see how the smart ranking and...

GitHub Octoverse 2021: Developer diversity is increasing, code is shipping faster than ever

The 2021 edition of GitHub’s annual Octoverse report highlights a welcome increase in the diversity of the developer community alongside many other interesting trends.

According to the report, almost 60 percent of active GitHub users are now distributed outside North America. The world’s largest repo service is seeing the fastest user growth in Indonesia, Brazil, India, Russia, Japan, Germany, Canada, the UK, and China.

Developers are both writing and shipping code...

Thomas Dohmke will be GitHub’s new CEO

Thomas Dohmke is taking over from Nat Friedman to become GitHub’s new CEO.

Dohmke co-founded HockeyApp – a service to help distribute beta versions of apps and get analytics and crash reports – in 2011, to solve some of his paint points as a developer.

He took this passion for solving pain points to GitHub in 2018 after leading Microsoft’s acquisition of GitHub alongside Friedman.

In a blog post, Dohmke wrote:

“Leading the home for all...

Linus Torvalds: GitHub creates ‘absolutely useless garbage’ merges

Linux and Git creator Linus Torvalds has criticised GitHub for creating “absolutely useless garbage merges”.

Torvalds’ comment can be viewed in an archive of a Linux development mailing list and was directed at Konstantin Komarov, Founder and CEO of Paragon Software, about the submission of its read-write NTFS driver for the upcoming 5.15 kernel.

“github creates absolutely useless garbage merges, and you should never ever use the github interfaces to merge...

GitHub Discussions exits beta to help boost developer communities

GitHub’s collaboration-driving feature Discussions is exiting beta to help developer communities thrive.

Discussions enable developers to make repos fun, collaborative, and engaging spaces with features like the ability to pin big announcements, label discussions, mark the most helpful answers, personalise categories, and respond on-the-go via mobile.

Later this year, GitHub will be adding two more features:

Ask your community with polls. With the new Polls...