GitHub isn’t content with being the storage locker for your code: it thinks it has come up with a better way to let software developers collaborate and improve their efficiency.
The company, soon to be part of Microsoft, plans to introduce GitHub Actions later on Tuesday at GitHub Universe, its annual developer conference in San Francisco. GitHub Actions will allow GitHub users — which these days is pretty much anyone writing code — to automate the process of moving code between the different steps in their software workflows.
“This is the most significant thing we’ve done since creating the pull request,” said Kyle Daigle, director of ecosystem engineering, referring to perhaps the most fundamental action in GitHub, used to alert maintainers of code bases that you’ve come up with something new for review.
Like most big projects, software development is usually broken down in dozens, hundreds, or thousands of small steps depending on the scope of the project. Teams need to coordinate on the progress of those steps, such as whether they are ready for review or still need some work, as well as coordinating the merging of that code into existing software without breaking anything. At a lot of companies, this is a manual process spread across several different development tools, and it can be a real pain, Daigle said.
An Action, as defined in GitHub’s new feature, uses code packaged in a Docker container running on GitHub’s servers. Users can set up triggers for events, such as introducing new code to a testing channel, that set off Actions to take further steps involving that code defined by criteria set by administrators.
It will support any programming language and work across on-premises servers as well as public cloud providers, Daigle said. Actions will be available as an invite-only preview to start, but companies such as HashiCorp and Pulumi have been testing in against their development tools.
GitHub also plans to introduce several security and collaboration features during its event this week.
The company will introduce the GitHub Security Advisory API, which will collect data about software vulnerabilities and make that available in a machine-readable format so companies can get information about bugs and patches for projects that are part of their code base. It will also extend a similar service called vulnerability alerts to users of the Java and .NET programming languages, after introducing it for widely used programming languages like JavaScript Python, and Ruby.
And it will allow developers who have worked on GitHub projects in private repositories, which account for a huge amount of corporate development projects, to list contributions to some of those projects without giving away all the secrets.
“Twenty years of my development history is locked up behind the firewall,” said Cory Wilkerson, senior director of product engineering at GitHub. “Now that we’ve established this channel, I might call on former CTOs or VPEs and ask them to connect back to Github.com and maybe I can port some of my identity back.”
Microsoft’s $7.5 billion acquisition of GitHub is expected to be reviewed by European regulators later this week, and pending anything weird in the U.S. regulatory process, it is expected to close by the end of the year.
