May 11, 2020 Github Satellite 2020: How Did it Happen? Must Watch Sessions, Codespaces, Discussions, and Code Scanning

GitHub Satellite, the annual Github Conference that would have happened in Paris took place virtually this year. We all know why. On the positive side, this gave everyone a chance to attend and experience an event of such magnitude.

Every year there are important features and tools announced to improve the experience and enhance the usability of Github for software product development. In 2019, the biggest news highlights were Github Sponsorship, GitHub for mobile, npm in GitHub family, through dependency insights, automated security vulnerability fixes via Dependabot and security advisory.

Last year I spent quite some time looking around post-event blogs on how Github hosts their sessions and hands-on play breakout sessions. However, this year with the event going virtual I was able to actually experience various Work and Play sessions live, sitting on my couch at home.

It all started with a keynote which had all-important feature announcements (scroll down to learn more). Then the Work and Play sessions took center stage; there were paid workshops scheduled for the next day. You can take a look at some of the Lightning Talks, I really liked the Protips inside the Lightning Talks. 

Both Work and Play were 12-hour sessions on Youtube Live, now also available as on-demand videos. Work was more focused toward Github, it’s features and best practices to use them. Play was more fun hands-on programming which included programming music and creative visuals. 

Here are some of the must-watch, important Work Sessions that I think will really quickly make a difference to your daily project management on Github:

• Top 10 tips for project maintainers
  A quick session to make life easier as a project maintainer. 

• What every GitHub user should know about VS Code
  A session on VS Code Integration. From viewing diffs and commit history, to managing PRs and conducting code reviews to creating issues.

• Putting GitHub at your fingertips
  Improved experiences on GitHub Mobile, GitHub CLI Beta and improved experiences via GitHub Desktop.

• Save precious time with GitHub Actions
  The session is about workflows Arduino has implemented with GitHub Actions and shows attendees ways that they can take the first steps into bringing GitHub Actions into their development cycle.

• The JavaScript coders guide to getting more from GitHub and npm
  Mainly focused toward the implications of NPM joining the GitHub family for JavaScript developers.

• Stopping vulnerabilities at the source
  Learn about CodeQL queries that help find vulnerabilities across the source code, and how to create a query once you’re aware of a new exploit, attack vector, or CVE.

If you are a developer, here’s my must check out list from the Play Section. They are now available on-demand, linked below:

• Ponicode AI Rap Battle 
  Ponicode’s AI-driven rap lyric generator went up against a human rapper in this epic battle of man vs. machine, the winner was determined by popular vote.

• Coding Augmented Reality Live
  They use CARL to code a 3D shader from scratch, which you can use your phone to see in augmented reality.

• The Weird Algorithm
  Imagine  “I Want It That Way” with replacement lines from Mean Girls, or “Mr. Brightside” with lines from Craigslist ads. Yes, they did it live! 

• Creative Machine Learning with RunwayML
  Focused on training and building models using RunwayML.

• Live DJ set with Sam Aaron – 
  An improvised DJ session live coded with Sonic Pi

FEATURE ANNOUNCEMENTS

Now moving to the important features announced in the keynote that will entirely change the professional development ecosystem. 

Github divided feature announcements into four core categories:

DISCUSSIONS

Communities

A project needs discussion, and sometimes important conversations that happen inside of an issue or a feature should have been discussed elsewhere as a larger topic or require group brainstorming. For the purpose of allowing better collaboration Github introduced Discussions.

See the keynote announcement here: https://www.youtube.com/watch?v=FhZTPM9ysWk&t=3190s
Try Now: http://githubsatellite.com/discussions

CODESPACES

Code

A week back Microsoft made some news with the rebranding of Visual Studio Code Online to Visual Studio Codespaces. But integration was something one might have imagined so early in the scene. Take a look at VS Online/Codespaces, it is very similar to VS Codespaces.

Working on many projects and apps and trying to set up the whole dev environment every time for each of them can be cumbersome and confusing. Solving conflicts and setting things up will actually take a lot of time. Codespaces is the appropriate solution to all these worries. Why not? You can work from anywhere and any device. Having the same set up for everyone and trying to run a particular app on local and complaining about it doesn’t work for me and is not going to be a trend anymore 😀

It’s still in Beta, however, I am not sure how they will price it. I did read or hear somewhere it might be very similar to Github Actions. The pricing scheme of VS Codespaces is per hour.

Earlier attempts to automate the dev environment, for example with Docker, missed IDE features. Other than VS, in this space, we have Eclipse Theia.

Theia is already out there creating some buzz with early adoption by Google, RedHat and many more. Here is a blog that lists the differences between Theia and VS Code.

You can sign up for early access here: https://github.com/features/codespaces
See the keynote announcement here: https://www.youtube.com/watch?v=FhZTPM9ysWk&t=3430s

CODE SCANNING

Security

Code scanning powered by CodeQL looks at the code for security vulnerabilities. The feature is based on the CodeQL code that came with Semmle acquisition. This will allow automated checks on the code to find security vulnerabilities whenever a push is done to the repo. The results will be available in pull requests. It tells you which line of code has a problem, why it may harm you and all that you need to do to fix it. See below:

As of now, Code Scanning is free for open source repositories.
See the keynote announcement here: https://www.youtube.com/watch?v=FhZTPM9ysWk&t=4304s

PRIVATE INSTANCES

Enterprises

Github announced Private Instances, a new fully managed service for enterprise customers. “Private Instances provides enhanced security, compliance, and policy features including bring-your-own-key encryption, backup archiving, and compliance with regional data sovereignty requirements,” GitHub mentioned.

See the keynote announcement here: https://www.youtube.com/watch?v=FhZTPM9ysWk&t=4052s

Most of the features are still under the “coming soon” tag, let’s wait to see what improvements they bring to software development on Github.