GitHub Satellite 2020: Gone Remote, but Not Forgotten
Another remote event for 2020, but GitHub Satellite still managed to pack some impressive feature announcements, and a good dose of humor in these trying times.
Join the DZone community and get the full member experience.Join For Free
Like so many events this year, GitHub's annual state of the union and feature announcement event went online. However, as I typically watch the keynotes from a satellite meetup in Berlin anyway, it wasn't that different for me this year. As this period of online-first events progresses, organizers and presenters are finding new ways to make the format work, and Satellite was no different. It kicked off with a live-coded DJ set from Sam Aaron, followed by a slightly awkward staged entrance from CEO Nat Friedman where he pretended to be eating his breakfast and to have forgotten about the keynote. Still, humor helps us through these dark times, and it wasn't too awkward.
Anyway, on to the announcements; there were a lot, and a handful were significant.
In beta for a few months, discussions bring features to repositories for people to discuss ideas that don't suit pull requests or issues.
You can search across discussions, and there are filters for "answered" and "unanswered," a variety of sorting options, the ability to "bump" a discussion, and mark answers as "the answer," discussions are even (joy oh joy), threaded.
For someone like me who often wants to propose ideas to a project, such as documentation or marketing that don't always suit issues or pull requests because they are literally "discussions". It's a long-overdue feature.
Just don't mention it to the makers of Stack Overflow or Discourse, as they may not be quite so happy about it.
Code and Secret Scanning
Building upon a suite of features, GitHub has announced over the past years to help identify problems with code. After acquiring Semmle last year, this feature set expands into semantic code analysis for every code push. The feature uses CodeQL that lets you query code as if it were data to find patterns and variant of a potential issue, and fix them.
Secret scanning is now available for private repositories. It was available for public repositories since 2018 and now builds upon learnings and partnerships with AWS, Azure, Google Cloud, npm, Stripe, and Twilio to help stop common keys and tokens leaking around the internet.
Any public project can use the features, so let's hope this helps more open-source projects become more secure and stable.
Easily the standout announcement was Codespaces, Visual Studio Code (VSC) in the browser, plus instant environments. After switching from Atom a year or two ago, I have been a big fan and heavy user of VSC (I am writing this article in it), and also maintain a couple of extensions for it. Thanks to one of those extensions, I hade a vague awareness that it was increasingly possible to run VSC in the browser, as someone had reported using one of my extensions in a browser-based version on a Chromebook. I am not a big fan of the trend of "everything-in-the-browser," but I understand it's power and appeal.
Beyond offering VSC in the browser, Codespaces adds a compelling feature for frequent contributors to multiple projects, what I call "instant environments". When you launch an instance of Codespaces from a project, it loads all project dependencies and recommended extensions. While GitHub didn't announce it, I think it's likely there will be a way to declare additional VSC extensions to load too.
If you'd rather use your desktop version of VSC, you can also start a codespace in GitHub and connect to it from your desktop using the remote development feature.
I am signing up for beta access, at the least to test if my various extensions work with it.
GitHub has not finalized pricing for Codespaces. Code-editing functionality in GitHub will always be free, but if you use Codespaces cloud environments, they plan to offer pay-as-you-go pricing. Codespaces is free to use during the limited beta.
Sneaking in almost as an afterthought, but bringing GitHub more inline with GitLab, was the announcement of plans for fully-managed, completely isolated instances of GitHub. Private Instances provides enhanced security, compliance, and policy features, including bring-your-own-key encryption, backup archiving, and compliance with regional data sovereignty requirements.
Opinions expressed by DZone contributors are their own.