- Codespaces can be configured by developers to load their code and dependencies, developer tools, extensions, and dotfiles
- GitHub said that it has not finalised the pricing for Codespaces but also mentioned that code-editing functionality in the codespaces IDE will always be free
GitHub has announced various new features and updates in its online Satellite 2020 event. These include GitHub Codespaces, GitHub Discussions, Code scanning, and secret scanning and GitHub Private Instances.
Github said that GitHub Codespaces is a complete dev environment within GitHub that lets developers contribute immediately. It said that every repository has its own way of configuring a dev environment, which often requires dozens of steps before developers can write any code. Sometimes, the environment of two projects they are working on, conflict with one another.
Browser-based version of the full VS Code editor
GitHub Codespaces will give developers a fully-featured cloud-hosted dev environment that spins up in seconds directly within GitHub as per the company. Codespaces can be configured by developers to load their code and dependencies, developer tools, extensions, and dotfiles. The company said that switching between the environment has also been made simple and can be navigated away any time and when switched back, the codespace is automatically reopened.
Codespaces in GitHub include a browser-based version of the full VS Code editor. It has support for code completion and navigation, extensions, terminal access. If a developer prefers to use his/her desktop IDE, he/she will be able to start a codespace in GitHub and connect to it from his/her desktop.
GitHub said that it has not finalised the pricing for Codespaces but also mentioned that code-editing functionality in the codespaces IDE will always be free. GitHub plans to offer simple pay-as-you-go pricing similar to GitHub Actions for computationally intensive tasks such as builds. During the beta, Codespaces is free.
Maneesh Sharma, general manager, GitHub India said, “Thousands of communities live on GitHub and today’s announcements reaffirm our commitment to foster them, help remove barriers, and connect new communities. By introducing GitHub Codespaces, GitHub Discussions and GitHub Advanced Security features, we are making the entire software development supply chain more collaborative and secure, and bringing the development environment to wherever developers want to work.”
Community’s knowledge base grows naturally
GitHub said that software communities brainstorm feature ideas, help new users get their bearings, and collaborate on the best ways to use the software. Till now, GitHub only offered issues and pull requests as places to have these conversations. The company said, “But issues and pull requests both have a linear format—well suited for merging code, but not for creating a community knowledge base. Conversations need their own place—that’s what GitHub Discussions is for. “
It said that discussions live in the project repository which makes them accessible where the community is already working together. The threaded format makes it easy to start, respond to, and organize unstructured conversations. Questions can be marked as answered. This ensures that over time, a community’s knowledge base grows naturally. It added that because discussions are not closed the way issues are, they can serve as a place for maintaining FAQs and other collaborative documentation. GitHub is in beta with a few open source communities and will be making Discussions available to other projects soon.
Collaborating in software communities requires tools to help consume and produce code safely and keep each other secure from own mistakes. GitHub had announced the acquisition of Semmle last year and introduced code security in developer workflows on GitHub.
Code scanning
Github said that it is expanding its products with two new cloud betas. Code scanning will be available as a GitHub native experience. The company said, “With code scanning enabled, every `git push` is scanned for new potential security vulnerabilities, and results are displayed directly in the pull request. Code scanning uses the world’s most advanced semantic analysis engine, CodeQL, which has an unmatched record finding real vulnerabilities. GitHub is making code scanning free for open source to help keep the world’s most important software secure. Any public project can sign up.”
It added that secret scanning will be available for private repositories. This feature (formerly named token scanning) has been available for public repositories since 2018. The company said that it has worked with many partners to expand coverage. This includes AWS, Azure, Google Cloud, npm, Stripe, and Twilio. It said that no secret scanning also watches private repositories for known secret formats and immediately notifies developers when they are found. Code scanning and secret scanning are available for free for all public repositories, and available as part of GitHub Advanced Security
Backup archiving
GitHub said that enterprises rely on communities on GitHub to build and use the software. It wants every enterprise to do so with confidence, no matter how strict their requirements are for security and compliance. GitHub Private Instances is a fully-managed option for enterprise customers. The company said, “Private Instances provides enhanced security, compliance, and policy features including bring-your-own-key encryption, backup archiving, and compliance with regional data sovereignty requirements.”