Fifteen years ago, the first line of code was committed to build GitHub. Since then, our purpose has been to equip developers with everything they need to be their best. This mission has remained the same through every iteration of the GitHub platform. But as software continues to advance in all aspects of our work and life, running, maintaining, and building software for a global population creates immense complexity for developers.
We are at a turning point, and it’s time for a new developer experience.
GitHub has built the one, integrated platform that gives developers the tools to be creative, to be happier, and to build the best work of their lives. Let’s take a look at everything we announced this week at Universe across our entire platform to enable this new developer experience.
Redefine what’s possible
Every once in a while, a new technology comes along that changes everything. Just like the use of programming languages and open source revolutionized the industry, AI is transforming the future of software development. And GitHub is at the center of it all. GitHub Copilot is an AI pair programmer that uses OpenAI Codex to suggest code and entire functions in real time, right from your editor.
AI will soon be integrated into every aspect of the developer experience, and, therefore, we’re making GitHub Copilot even more accessible. Coming soon, businesses can purchase and manage seat licenses for GitHub Copilot for their employees.
Business over busy work: GitHub Copilot for business helps you increase developer productivity by 55% with AI-based coding suggestions.
Coming soon, businesses can purchase and manage seat licenses for GitHub Copilot for their employees. This will give businesses the proven benefits of core AI-assisted technologies, as well as added admin controls for various GitHub Copilot settings on behalf of your organization. We’ve measured the impact GitHub Copilot has on developer happiness since it launched for individuals. Because of how GitHub Copilot understands natural language and code, it gives you WAY more than just a productivity boost. It helps you focus on business logic-over-boilerplate, and discover ideas you might not have otherwise considered. All from the comfort of your editor.
Join the waitlist to see what doors AI can open for your business!
An experiment from GitHub Next: “Hey, GitHub!” enables voice-based interaction with GitHub Copilot, enabling the benefits of an AI pair programmer while reducing the need for a keyboard.
If GitHub Copilot is our pair programmer, why can’t we talk to it? That’s exactly what the GitHub Next team is working towards. “Hey, GitHub!” enables voice-based interaction with GitHub Copilot and more. With the power of your voice, we’re excited about the potential to bring the benefits of GitHub Copilot to even more developers, including developers who have difficulty typing using their hands. “Hey, GitHub!” only reduces the need for a keyboard when coding within VS Code for now, but we hope to expand its capabilities through further research and testing.
“Hey, GitHub!” is an experiment by the folks in GitHub Next, and they’d love to get your feedback. Join the waitlist and let us know what you think.
Collaborating on projects and tinkering with new technologies is how developers hone their crafts. But getting started in a new codebase or with a new tool can feel daunting. Getting all of the right dependencies downloaded, setting up your environment, and making sure your hardware is up to snuff is a project unto itself. We’re ready to make that easier. With GitHub Codespaces and new search and navigation functionality, you can easily find what you need to keep you in the flow.
Ready when you are: now, individual developers will get up to 60 hours of GitHub Codespaces for free every month to start building in seconds.
Today, we’ve made GitHub Codespaces available to individual users (Free and Pro) and we are including up to 60 hours of Codespaces for free every month. GitHub Codespaces provides an on-demand cloud development environment so developers can start building in seconds. Last year, when we made Codespaces available to GitHub Team and Enterprise Cloud customers, we saw how it reduced the time it takes to onboard new developers and improve the developer workflow. Yet this problem still exists for developers and maintainers of open source projects. By removing the complexity of managing a dev environment and having to own a powerful machine, we hope to increase the number of developers in the world, so that anyone can create, collaborate, and innovate from the cloud.
Through our partnership with JetBrains, developers can now use the IDE of their choice on GitHub Codespaces. We’ve also added JupyterLab in Codespaces, in public beta, so that machine learning and data scientists can get the full IDE experience. JupyterLab support is even more powerful when combined with GPU-powered codespaces. GPU access is in private preview; you can request early access here.
You can try GitHub Codespaces through LinkedIn Learning’s 50+ Codespaces-enabled courses that cover six programming languages and topics including data science and machine learning. Take these courses for free through February 2023.
Browsing made better: code search and code view enable you to rapidly search, navigate, and understand code, right from GitHub.com.
Code search has a powerful new interface that allows developers to construct queries with suggestions, offers completions, and provides the ability to slice and dice results, bringing you relevant results with incredible speed. 🔎
Code view also has an entirely new redesign, which tightly integrates search, browsing, and code navigation, allowing developers to rapidly traverse their code to find answers. It puts code in context, showing where it fits into the rest of the repository, and enables developers to easily browse files across their repository.
These two features will change the way you navigate on GitHub.com by helping you find the right code faster and organizing work to improve your collaboration within and across repos.
Join the waitlist to get set up.
Plan and track your work, in the same place you build
We’ve made over 100 new features and updates since we launched the new GitHub Projects last Universe.
Planning and tracking are at the heart of how great development teams operate. We believe that developers deserve a planning tool that’s centered around them. One that seamlessly integrates with their existing workflows, and, more importantly, one they actually enjoy using! That’s why we built GitHub Projects to be developer-first and truly flexible. GitHub Projects not only adapts to your current planning processes, it encourages you and empowers you to evolve and iterate as you go.
Your organizational buddy: roadmap empowers you to keep an eye on the timing and progress of your work and share it with anyone.
Roadmap provides the next level visualization of your projects. 👀 Alongside tables and boards, you can create a roadmap view to visualize your work items across a timespan, plan and track a body of work over time, or watch the progress towards a deadline. With the full picture of timing and progress, you can easily communicate with all stakeholders to keep them up to date. 🖼️
Markdown reimagined: Tasklists decomposes issues into tasks, converts tasks to issues, visualizes your relationships in GitHub Projects, and more—all in a polished, new UI.
We love a good checklist, but sometimes you just need to break it down a little more. The new Tasklists UI shows meta-data-like assignees and labels, and allows you to quickly decompose work into sub-tasks, then convert them to GitHub Issues with a click.
Tasklists are deeply integrated with GitHub Projects, and you can use new fields like “tracked by” and “tracks” to get a birds-eye view across your parent and child issues.
And, under the hood, it’s all just Markdown. 😎
Roadmap and Tasklists will be available soon. Join the waitlist to try them out when they are ready.
Projects in your pocket: Projects on GitHub Mobile brings the power of GitHub to the palm of your hand, enabling you to contribute and collaborate from anywhere.
Keep things moving. ▶️ GitHub Mobile now has more features to let you do what you need from your phone, including accessing GitHub Projects, running GitHub Actions for your workflows, and editing files in pull requests. 📱
Quickly get into your recent projects to edit custom fields and switch views so you can find what you need with easy‐to‐read metadata tags—available today from Google Play (Beta) or iOS TestFlight.
Power your business at scale
GitHub is the foundation for building software securely with increased observability across your organization, whether you host GitHub Enterprise Server or use GitHub Enterprise Cloud. Here’s what’s new for GitHub Enterprise.
Enterprise in the cloud: with GitHub Enterprise Cloud, you get access to our newest features as soon as they’re released.
With GitHub Enterprise Cloud, you get access to our newest features as soon as they’re released. Features like our new fine-grained personal access tokens that massively reduce the surface area of credential leaks from integrations, by empowering developers with fine-grained permissions and individual repository targeting, and administrators with full control over what access, is approved. Or the ability to track all of those tokens now in your enterprise audit log.
Run with the best: GitHub-hosted runners give you access to more powerful compute resources, fixed IP ranges, and increased concurrency for your workflows.
Over the last few years, GitHub Actions has become a mature CI/CD platform, and is more powerful than ever. In fact, over 10 million builds a day are happening with GitHub Actions, across Linux, Windows, and macOS. If you’re running a lot of builds, or have some time-consuming workflows, you can take advantage of GitHub Actions larger GitHub-hosted runners. These runners, the machines that execute jobs in a GitHub Actions workflow, let you build in Linux and Windows, and provide compute with up to 64 cores, and 256 GB of RAM. This ensures that no matter how enormous your codebase is, you can build, test, and deploy it in a matter of minutes.
CI/CD migration made easy: GitHub Actions Importer gets you up and running faster by planning and executing migrations from your former CI/CD tool to GitHub Actions.
We want to make sure that everyone can take advantage of GitHub Actions, even if you’ve already invested in another CI/CD platform. GitHub Actions Importer helps ease the toil of CI/CD workflow migration. With GitHub Actions Importer, users can plan and execute migrations from their former CI/CD tool to GitHub Actions so you can get up and running faster. It’s distributed as a Docker container, and an extension to the official GitHub CLI used to interact with the container automates a large portion of the migration process for even a large CI/CD footprint, saving you from tedious and error-prone manual labor.
GitHub Actions Importer will be free to any GitHub customer, no professional services contract required. Try it out today.
Fine-grained goodness: organization admins now have personal access tokens (PATs), along with developers, enabling granular control over permissions and repository access.
Fine-grained personal access tokens give developers granular control over the permissions and repository access they grant to a PAT. With this update, organization administrators are in control, too, with approval policies and full visibility for tokens that access organization resources, keeping your account secure.
Read more about fine-grained PATs on our blog.
Tap your tokens: enable authentication token data in your enterprise audit log to display for audit log events.
As a GitHub Enterprise owner, you can now enable authentication token data to display for audit log events. In doing so, you’ll be able to query your audit logs for activity associated with specific authentication tokens. This feature will better equip you to detect and trace activity associated with corrupt authentication tokens, which have the potential to provide threat actors access to sensitive private assets.
Learn more about identifying audit log events performed by an access token.
Revolutionize Internet of Things (IoT) software development: Arm Development tools are natively available inside GitHub Actions.
We’re excited to share that we have partnered with Arm to revolutionize IoT software development by making the Arm Development tools (Arm cross-compiler and Arm Virtual Hardware) natively available inside GitHub Actions cloud hosted runners to create an efficient CI workflow. Learn more.
Keep building: GitHub Enterprise Server 3.7, with 70 new features, is generally available for those who want to self-host the power of GitHub.
Today, GitHub Enterprise Server 3.7 is generally available for our customers who want the power of GitHub from inside their data center. This release includes over 70 new features, like the security overview dashboard, which is now available to all enterprise customers, and support for nesting reusable GitHub Actions workflows. New enterprise innersource policies also make it easier to collaborate across teams in any company, including the ability to restrict repositories to organizations only, and allow multiple forks of a repository within a single organization.
Read more about the latest version or sign up for your free trial.
Secure your software development lifecycle
The world runs on open source, and the software supply chain is one of the largest attack vectors today. Without insights into your code you may never know that you have vulnerabilities in your dependencies. But getting started with security can feel like a lot. GitHub makes it easy with tooling, techniques, and best practices for securing your software development lifecycle end-to-end. Here are a few new ways to put GitHub to work for you.
Shhh! Maintainers of open source repositories can now receive private vulnerability reports from the community and collaborate on a solution.
Someone has found a vulnerability in your public repository—wouldn’t you like to be the first (and only) person to know? Private vulnerability reporting is a collaborative solution for security researchers and open source maintainers to report and fix vulnerabilities in open source repositories. It provides a convenient, standardized, and secret way to report, assess, and address vulnerabilities. No more wasting time hunting down email addresses or submitting vulnerability reports via social media! Private vulnerability reporting makes it easy for community members to privately submit a report within GitHub to public repository owners, who can then take appropriate action within their GitHub workflow.
Maintainers, try it out today to bring standardization, efficiency, and discretion to your vulnerability reporting workflow.
Stay secure in Ruby: CodeQL support for Ruby is now generally available by default in GitHub.com code scanning, CodeQL CLI, and the CodeQL extension for VS Code.
CodeQL support for Ruby is now generally available. We’ve made significant improvements to CodeQL support for Ruby over the course of the beta, including doubling the amount of default queries, providing coverage for all Ruby related OWASP categories out of the box, and optimizing performance to deliver tests in less than five minutes for 90% of beta users who on average run almost 5,000 tests per day. This means that CodeQL users can easily find, identify, and fix vulnerabilities in their Ruby codebases, all within GitHub.
Ruby support for CodeQL is available by default in GitHub.com code scanning, CodeQL CLI, and the CodeQL extension for VS Code.
To celebrate, the GitHub Security Lab Bug Bounty Program will give a $2,000 bonus for the first 10 CodeQL queries to test open source projects written in Ruby that score High or Critical. Submissions will be accepted until March 31, 2023. Learn more about how to participate here.
Protection unlimited: security overview’s new risk and coverage views provide greater security visibility for GitHub Enterprise users.
Managing the security of hundreds or thousands of repositories? Security overview’s new risk and coverage views provide greater visibility for GitHub Enterprise users into their security posture and risk analysis. The coverage view gives visibility into enablement across all repositories and is complemented by the risk view that gives visibility into all alerts across these repositories. Dynamic filtering–across teams, alert types, severity and and more–means you can easily prioritize where to focus your remediation efforts.
Security coverage view
Security risk view
For more comprehensive insights into your security risk, check out the security tab of your repository.
You’re not doing all of this work alone (even though it might sometimes feel like you are), and neither are we. Open source is the backbone of the world’s software. We want to make sure that, no matter where you are in your coding journey, it’s possible to get involved with open source. We can all learn from open ways of working to break down silos in our organizations and create successful open source and innersource teams.
Open source developers build tools for the rest of us, so our job is to build the tools they need to succeed, too. One of our latest fun contributions? We’ve open sourced our signature fonts, Mona Sans and Hubot Sans, two variable fonts that you can use in your own projects. Over the last year, we’ve been hard at work to make a developer’s daily community experience truly excellent.
Celebrating 10 years of Octoverse: what does the world of open source development look like in 2022? Explore how communities, organizations, and companies are collaborating and investing in open source.
As we do every year, we’ve undertaken extensive research to gather data on open source. In this year’s Octoverse report, we wanted to answer a singular question: What impact is open source having on business? And for that matter, what impact is business having on open source? We found both groups are far more connected in 2022 than at any point previously, with 90% of the top open source projects by contributors being commercially backed—and first-time contributors favoring commercially backed projects.
GitHub is creating a number of initiatives to build open source norms, educate developers to take on open source work, and pay open source developers to work on open source projects. These initiatives show our commitment to continue to invest in the vibrant open source community that calls us home.
Committing to the future: GitHub Accelerator will provide stipends and mentorship for 20 maintainers and teams to launch full-time open source careers.
We are booting up a new way for us at GitHub to directly support, mentor, and grow the maintainers of projects we depend on. Our GitHub Accelerator will fund 20 maintainers and teams that want to commit to open source careers with a full stipend and mentorship, allowing them to turn their current open source side gig into a full-time career or company. This work will include a specific focus on building enterprise founders through GitHub Sponsors.
Apply now, before the December 31, 2022, deadline.
Open source forever: the new $10 million M12 GitHub Fund will ensure that open source continues to get the funding it needs.
We want to fund the open source companies of the future, too. Today we announced a $10 million GitHub Fund in partnership with M12 to ensure that open source continues to get the funding they need. Because if we want open source to be vibrant tomorrow, we need to invest in the developers and maintainers of today.
All for one: GitHub Sponsors will let you support your dependencies all at once, by uploading a list of maintainers you want to support plus the amounts of the sponsorships.
GitHub Sponsors lets you invest in the open source projects you depend on. This past summer, we contributed half a million dollars to 900 of the dependencies that GitHub needs to run our own software, impacting developers across the world and allowing them to spend more time on open source: fixing lingering bugs, onboarding new contributors, patching security flaws, or sketching out the next iteration of their project. This would have been quite tedious in the past, but we took advantage of a new bulk sponsorship feature, which is coming soon for all users.
Instead of checking out one by one for each sponsorship you make, you’ll be able to upload a list of maintainers and dollar amounts and checkout with them all in one go. This will make it possible for you to support more of your dependencies all at once.
Our goal for these three programs–GitHub Accelerator, GitHub Fund, and GitHub Sponsors–is to continue to enable a thriving open source economy for projects that can be both a developer’s livelihood AND their passion project.
From picking up your next task in GitHub Issues and GitHub Projects, to booting up your dev environment in the cloud with Codespaces, then pair programming with GitHub Copilot and using your voice through “Hey, GitHub!,” along with securing your code, submitting your pull request, and automating with GitHub Actions, GitHub is there along every step of the development lifecycle.
Today is just the start, both of our Universe conference and the innovation to come. You can still register to attend Day 2 of Universe, or catch up on all of these announcements, and more, on-demand later.
Software development is a collective effort, and we’re all in it together. Let’s build from here.