It's that time of the year again when GitHub does its show'n'tell of features – some new and others kinda new

Universe event reveals iterative improvements but no big bang


Microsoft's GitHub social code motel begins its two-day Universe happening on Wednesday, bringing with it assorted enhancements to its developer-oriented products and services.

The renovation and refurbishment at GitHub is a constant state of affairs. Since last year's Universe show, said chief product officer Thomas Dohmke in a post provided to The Register earlier this week, there have been more than 20,000 enhancements to GitHub. Despite this constant drizzle of change, the company likes to hold periodic events to mark its introductions, fixes, and changes.

There are no new major announcements along the lines of 2018's GitHub Actions or Copilot from earlier this year. Rather, GitHub has made previously teased services available and has expanded the scope of existing ones.

GitHub Issues, a tracking-and-discussion system for posts related to a code repository, got a redesign in June but it was labelled as beta-grade software. Well, the software is still in beta, but now at least everyone using GitHub can try reworked Issues without signing up.

The result is a much more customizable interface that provides the ability: to switch project views from boards to spreadsheet-style tables; to filter, sort, and arrange group issues and pull requests; and to turn tasks into a hierarchy of issues.

Another beta service, GitHub Discussions – created to move pure chatter out of Issues (which is intended for dealing with code correction) – was introduced last year and has now incorporated the ability to trigger Actions workflows on the Discussion and DiscussionComment webhook events. Discussions also now support custom labels for filtering and categorizing board warrior gabbing. And the GitHub Mobile app now provides access to Discussions.

Coming soon, according to Dohmke, is the ability to create Polls in Discussions and a community insights dashboard.

Make space

Codespaces, introduced last year, provide Team and Enterprise account holders with a cloud-based development environment that can be accessed from a browser-based version of Microsoft's Visual Studio Code or a local code editing app.

Dohmke said GitHub earlier this year moved its engineering teams to Codespaces, which led to a reduction in time required to spin up a dev environment, from 45 minutes down to 10 minutes. The implication is that you too should try Codespaces.

And to help make that happen, GitHub has made environment creation easier with one-click setup, CLI support, a new beta REST API for managing machine types and secrets, access controls for forwarded ports, and automatic authentication to the GitHub Container Registry.

GitHub Copilot isn't yet publicly available – there's still a waitlist – but the invited beta test group continues to expand. Two of us at El Reg gained access a few days ago and we can confirm that the AI code assistant is impressive when it gets things right, which happens often but not even nearly always.

It's a bit like speech recognition in Google Assistant before it got good enough to avoid being the subject of jokes. It won't be long until Copilot becomes reliable enough that developers will be able to participate in pair programming without anyone else around.

Copilot, however, is becoming more diverse in the editors it supports – it should now work with Neovim and JetBrains IDEs like IntelliJ IDEA and PyCharm. The AI helper's understanding of Java has also been improved such that it can handle multiline completions in Java.

Meanwhile, GitHub Actions has seen a few recent updates. These include reusable workflows, an API for managing self-hosted infrastructure, and OpenID Connect (OIDC) support for rotating secrets per deployment at cloud providers like AWS, Azure, and GCP.

There's a new command palette public beta that can be invoked with a single shortcut command – command k on macOS or control k on Windows and Linux.

Also, GitHub's CodeQL, which analyzes repos for security issues, has been expanded to cover the Ruby programming language, alongside C/C++, C#, Go, Java, JavaScript/TypeScript, and Python.

And finally, GitHub Enterprise Cloud has received two security updates. It now supports Enterprise Managed Users, for administering enterprise identities, and custom repository roles, to provide people with custom permission levels when accessing repos.

That's GitHub's Universe in a nutshell. ®

Broader topics


Other stories you might like

  • Lonestar plans to put datacenters in the Moon's lava tubes
    How? Founder tells The Register 'Robots… lots of robots'

    Imagine a future where racks of computer servers hum quietly in darkness below the surface of the Moon.

    Here is where some of the most important data is stored, to be left untouched for as long as can be. The idea sounds like something from science-fiction, but one startup that recently emerged from stealth is trying to turn it into a reality. Lonestar Data Holdings has a unique mission unlike any other cloud provider: to build datacenters on the Moon backing up the world's data.

    "It's inconceivable to me that we are keeping our most precious assets, our knowledge and our data, on Earth, where we're setting off bombs and burning things," Christopher Stott, founder and CEO of Lonestar, told The Register. "We need to put our assets in place off our planet, where we can keep it safe."

    Continue reading
  • Conti: Russian-backed rulers of Costa Rican hacktocracy?
    Also, Chinese IT admin jailed for deleting database, and the NSA promises no more backdoors

    In brief The notorious Russian-aligned Conti ransomware gang has upped the ante in its attack against Costa Rica, threatening to overthrow the government if it doesn't pay a $20 million ransom. 

    Costa Rican president Rodrigo Chaves said that the country is effectively at war with the gang, who in April infiltrated the government's computer systems, gaining a foothold in 27 agencies at various government levels. The US State Department has offered a $15 million reward leading to the capture of Conti's leaders, who it said have made more than $150 million from 1,000+ victims.

    Conti claimed this week that it has insiders in the Costa Rican government, the AP reported, warning that "We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power, you have introduced an emergency." 

    Continue reading
  • China-linked Twisted Panda caught spying on Russian defense R&D
    Because Beijing isn't above covert ops to accomplish its five-year goals

    Chinese cyberspies targeted two Russian defense institutes and possibly another research facility in Belarus, according to Check Point Research.

    The new campaign, dubbed Twisted Panda, is part of a larger, state-sponsored espionage operation that has been ongoing for several months, if not nearly a year, according to the security shop.

    In a technical analysis, the researchers detail the various malicious stages and payloads of the campaign that used sanctions-related phishing emails to attack Russian entities, which are part of the state-owned defense conglomerate Rostec Corporation.

    Continue reading
  • FTC signals crackdown on ed-tech harvesting kid's data
    Trade watchdog, and President, reminds that COPPA can ban ya

    The US Federal Trade Commission on Thursday said it intends to take action against educational technology companies that unlawfully collect data from children using online educational services.

    In a policy statement, the agency said, "Children should not have to needlessly hand over their data and forfeit their privacy in order to do their schoolwork or participate in remote learning, especially given the wide and increasing adoption of ed tech tools."

    The agency says it will scrutinize educational service providers to ensure that they are meeting their legal obligations under COPPA, the Children's Online Privacy Protection Act.

    Continue reading
  • Mysterious firm seeks to buy majority stake in Arm China
    Chinese joint venture's ousted CEO tries to hang on - who will get control?

    The saga surrounding Arm's joint venture in China just took another intriguing turn: a mysterious firm named Lotcap Group claims it has signed a letter of intent to buy a 51 percent stake in Arm China from existing investors in the country.

    In a Chinese-language press release posted Wednesday, Lotcap said it has formed a subsidiary, Lotcap Fund, to buy a majority stake in the joint venture. However, reporting by one newspaper suggested that the investment firm still needs the approval of one significant investor to gain 51 percent control of Arm China.

    The development comes a couple of weeks after Arm China said that its former CEO, Allen Wu, was refusing once again to step down from his position, despite the company's board voting in late April to replace Wu with two co-chief executives. SoftBank Group, which owns 49 percent of the Chinese venture, has been trying to unentangle Arm China from Wu as the Japanese tech investment giant plans for an initial public offering of the British parent company.

    Continue reading
  • SmartNICs power the cloud, are enterprise datacenters next?
    High pricing, lack of software make smartNICs a tough sell, despite offload potential

    SmartNICs have the potential to accelerate enterprise workloads, but don't expect to see them bring hyperscale-class efficiency to most datacenters anytime soon, ZK Research's Zeus Kerravala told The Register.

    SmartNICs are widely deployed in cloud and hyperscale datacenters as a means to offload input/output (I/O) intensive network, security, and storage operations from the CPU, freeing it up to run revenue generating tenant workloads. Some more advanced chips even offload the hypervisor to further separate the infrastructure management layer from the rest of the server.

    Despite relative success in the cloud and a flurry of innovation from the still-limited vendor SmartNIC ecosystem, including Mellanox (Nvidia), Intel, Marvell, and Xilinx (AMD), Kerravala argues that the use cases for enterprise datacenters are unlikely to resemble those of the major hyperscalers, at least in the near term.

    Continue reading

Biting the hand that feeds IT © 1998–2022