Environmental sustainability at GitHub

At GitHub, we believe in the extraordinary potential and power of a diverse, collaborative developer community to accelerate human progress. Just look at the first-ever powered  flight on another planet as one amazing example of what developers can achieve together! Through the power of this community, we have an opportunity to make a positive, lasting impact on our planet, too.

In honor of  Earth Day, I am excited to share GitHub’s commitment to building the environmentally sustainable home for all developers, so you can continue to write the software that the world depends on, knowing that we’re working to ensure that the platform you build on is contributing to the health of our planet.

Our approach

Our parent company, Microsoft, has made a  sweeping set of commitments to combat climate change across carbon, water, waste and ecosystems. As a starting point, we have taken inspiration from their leadership and are making the following commitments of our own:

Carbon-free software

We envision a future where carbon-free software is standard—where software development, deployment, and use contribute to the global climate solution without every developer having to be an expert. Here’s how we are laying the groundwork for a carbon-free software future:

• Carbon neutral since 2019: GitHub has been operating at net-zero carbon since July 2019, and all development on and use of  GitHub.com since then has been carbon neutral.
• 100% renewable energy by 2025: We’re on pace to power our current and projected energy needs with clean renewable energy by 2025.
• Carbon negative by 2030: We are continually working to reduce our operational carbon intensity and will invest in carbon removal solutions to remove more carbon emissions than we create.
• Remote workforce accountability: At GitHub, we have a remote-first culture, with the majority of our global team working remote part- or full-time (and, of course, we’re all remote right now). In addition to accounting for emissions related to work by Hubbers when they work from a GitHub office, we also account for the carbon footprint of Hubbers working remotely in our carbon reporting and renewable energy procurement efforts. We offset all emissions related to operating GitHub, including remote work.

#updates #github

What is GEEK

Buddha Community

How to Compare Multiple GitHub Projects with Our GitHub Stats tool

If you have project code hosted on GitHub, chances are you might be interested in checking some numbers and stats such as stars, commits and pull requests.

You might also want to compare some similar projects in terms of the above mentioned stats, for whatever reasons that interest you.

We have the right tool for you: the simple and easy-to-use little tool called GitHub Stats.

Let’s dive right in to what we can get out of it.

Getting started

This interactive tool is really easy to use. Follow the three steps below and you’ll get what you want in real-time:

1. Head to the GitHub repo of the tool

2. Enter as many projects as you need to check on

3. Hit the Update button beside each metric

In this article we are going to compare three most popular machine learning projects for you.

#github #tools #github-statistics-react #github-stats-tool #compare-github-projects #github-projects #software-development #programming

Stay Safe on GitHub: Security Practices to Follow

GitHub is undoubtedly the largest and most popular social development platform in the world. According to its 2019 State of the Octoverse Report, GitHub is home to over 40 million, and the community keeps expanding every day.

As developers in this deeply interconnected community use open source code to build software, Github security should be a top priority. This is because extensive code re-use increases the risk of distributing vulnerabilities from one dependency or repository to another. As such, every contributor should focus on creating a secure development environment.

Here are eight security practices that GitHub users can follow to stay safe and protect their code:

Strengthen Access Controls

Implementing proper access control is one of the best practices for enhancing security, not only on GitHub but in every other environment where code security is imperative.

GitHub offers several options that users can employ to reduce the risk of improper exposure. But to start with, it is important to employ the least privilege model where users are only granted necessary permissions.

Here are some basic access control guidelines that you should follow:

• Restrict the creation of repositories to prevent users from exposing organization information in public repositories.
• Enable branch protection and status checks to ensure users can merge commits or manipulate branches safely.
• Allow or disallow forking private repositories to ensure users do not expose or share organizational code with unauthorized parties.
• Revoke access for all inactive users who are no longer part of the contributors.
• Review access rights to your GitHub projects periodically.
• Ensure users do not share GitHub accounts or passwords.
• Ensure every contributor uses two-factor authentication on their account.
• Rotate personal access tokens and SSH keys

#tutorial #github #access control #software security #repository management #github issues #source code analysis #github apps #github enterprise #git best practices

Stay Safe on GitHub: Security Practices to Follow

gthen Access Controls

Implementing proper access control is one of the best practices for enhancing security, not only on GitHub but in every other environment where code security is imperative.

GitHub offers several options that users can employ to reduce the risk of improper exposure. But to start with, it is important to employ the least privilege model where users are only granted necessary permissions.

Here are some basic access control guidelines that you should follow:

• Restrict the creation of repositories to prevent users from exposing organization information in public repositories.
• Enable branch protection and status checks to ensure users can merge commits or manipulate branches safely.
• Allow or disallow forking private repositories to ensure users do not expose or share organizational code with unauthorized parties.
• Revoke access for all inactive users who are no longer part of the contributors.
• Review access rights to your GitHub projects periodically.
• Ensure users do not share GitHub accounts or passwords.
• Ensure every contributor uses two-factor authentication on their account.
• Rotate personal access tokens and SSH keys

Never Store Credentials in Your GitHub Files

Leaking secrets to your GitHub repositories, either through code, configuration files, or commit messages, provides a gateway for attacks.

#tutorial #github #access control #software security #repository management #github issues #source code analysis #github apps #github enterprise #git best practices

Stay Safe on GitHub: Security Practices to Follow

GitHub is undoubtedly the largest and most popular social development platform in the world. According to its 2019 State of the Octoverse Report, GitHub is home to over 40 million, and the community keeps expanding every day.

As developers in this deeply interconnected community use open source code to build software, Github security should be a top priority. This is because extensive code re-use increases the risk of distributing vulnerabilities from one dependency or repository to another. As such, every contributor should focus on creating a secure development environment.

Here are eight security practices that GitHub users can follow to stay safe and protect their code:

Strengthen Access Controls

Implementing proper access control is one of the best practices for enhancing security, not only on GitHub but in every other environment where code security is imperative.

GitHub offers several options that users can employ to reduce the risk of improper exposure. But to start with, it is important to employ the least privilege model where users are only granted necessary permissions.

Here are some basic access control guidelines that you should follow:

• Restrict the creation of repositories to prevent users from exposing organization information in public repositories.
• Enable branch protection and status checks to ensure users can merge commits or manipulate branches safely.
• Allow or disallow forking private repositories to ensure users do not expose or share organizational code with unauthorized parties.
• Revoke access for all inactive users who are no longer part of the contributors.

#tutorial #github #access control #software security #repository management #github issues #source code analysis #github apps #github enterprise #git best practices

How to Create a Custom GitHub Actions Using JavaScript — Beginner Level

In this blog, we are going to learn how to create our own custom GitHub action using javaScript.

Prerequisite

• Basic JavaScript Knowledge
• Basic Git & GitHub Knowledge

About GitHub Actions

Automate, customize, and execute your software development workflows right in your repository with GitHub Actions. You can discover, create, and share actions to perform any job you’d like, including CI/CD, and combine actions in a completely customized workflow.

Types of Actions

There are three types of actions: Docker container actions, JavaScript actions, and composite run steps actions.

JavaScript Custom Action

Let’s create a Custom GitHub Action using JavaScript by creating a public repo, once the repo is created, we can clone it to our local machine using VS Code or GitPod. You need to have Node.js 12.x or higher and npm installed on your machine to perform the steps described here. You can verify the node and npm versions with the following commands in a VS Code or GitPod terminal.

node --version 
npm --version

#github #github-tutorial #github-actions #github-trend