The GitHub Blog

Every year during Computer Science Education Week, we have the opportunity to give back for an hour to teach students how to code. We're following the example of Code.org, whose initiative is to break down the stereotype that only a certain kind of person can program. Collectively our goal is to deconstruct the barrier of "can't" and turn it into "can."

This global movement is introducing computer science across the globe, reaching tens of millions of students in more than 180 countries with a simple a challenge: code for just one hour.

Tutorial Announcements

Every year Hour of Code works with top developers and industry leaders to create fun programming tutorials for students with the hope that they will be inspired to keep learning. The videos introducing these tutorials made us excited about volunteering, so maybe they will motivate you too. Check them out:

Star Wars producer Kathleen Kennedy discusses how to use code to make BB-8 come to life. Watch what else Kathleen has to say about the Star Wars tutorial.

Are you or your kids Minecraft fans? Take a look at the introduction to the Minecraft Hour of Code tutorial featuring Mojang's Lead Developer, @jebox.

How to Volunteer for Hour of Code

You can get involved by donating an hour of your time to a classroom in your area. This donation can be your physical presence or a video chat with one of many classes around the world. More information can be found in the How-to-Guide for volunteers.

If you're unable to participate in Hour of Code, consider other opportunities to give back during Computer Science Education Week, December 7-13. You can advocate for computer science in the classroom or help your own kids walk through the tutorials.

Continuing the Movement after Computer Science Education Week

We're hosting another workshop on December 12th from 9:00am-4:00pm, teaching K-5 educators how to encourage kids to code. Additional details are available on the workshop page.

Swift, Apple's powerful new programming language, is now open source on GitHub. Developers can submit bug fixes and enhancements, and help bring the language to new platforms.

Open Source has been an important part of Apple's platform for a long time. The iOS and OS X operating systems are powered by the Darwin kernel and hundreds of UNIX utilities. Apple has also played a vital role in advancing open web standards with WebKit, made significant contributions to the LLVM compiler infrastructure, and released ResearchKit earlier this year.

We warmly welcome Swift to GitHub and can't wait to see what you build with it. Check out the showcase of projects built with Swift, and head over to the Swift repository to find out how you can get involved.

Let everyone around you know that your daily 1,3,7-Trimethylpurine-2,6-dione (C₈H₁₀N₄O₂) / 3,5 Dicaffeoylquinic acid (C₂₅H₂₄O₁₂) fix just might be radioactive with this new Atom mug. Only you will know the truth.

Stay positively charged in the GitHub Shop. Note that this mug color and style is limited edition. When they're gone, they're gone.

This Cyber Monday (November 30th), take advantage of free shipping on orders over $30 and use the code OCTOCYBER2015 to take 30% off the new Atom Mug, Octocat Figurine, and the rest of the GitHub Shop.

Don’t forget, the last day to order for delivery by Christmas for international shipping using Priority Mail International shipping rate is December 8th and domestic shipping is December 18th.

Repositories on GitHub are about to get a brand new look. The new design improves navigation and simplifies page layout, all while improving the code and performance under the hood. Over the course of the next two weeks, we'll be rolling out the option to opt-in to the new design from any of your repositories with the click of a button.

The collapsing side menu is now a single, always present navigation at the top of every page within a repository. This improves accessibility, makes navigating more coherent, and allows you to always see the labels for each tab without requiring tooltips.

The Code tab now more prominently emphasizes cloning. Clone with confidence using the redesigned protocol switcher, which now contains explicit menu items with explanatory text for each cloning method instead of simple text links.

With the navigation at the top, it's easier to focus on what matters most to you: your content on the page. For example, with the extra horizontal space, issues and pull requests are simpler with a wider and more legible sidebar.

Large changes like this one can be disruptive. To help make the transition as smooth as possible for you, the new design is opt-in for the next two weeks, and after that, you'll switch over automatically.

We're super excited to share the new design with you and can't wait to keep iterating on it moving forward. Enjoy, and happy collaborating!

From the makers of the 5" Octocat figurine comes the adorably small 3" Octocat figurine. Find yours in the GitHub Shop.

Can't wait for the next live course to get started with Git and GitHub? If so, we have an on-demand training option designed just for you.

GitHub for Developers is a self-paced course that distills best practices and documentation into a focused series of interactive lessons and covers the two most important things you need to know:

1. Using Git to confidently manage your source code
2. Using GitHub to collaborate with your team

GitHub for Developers is designed for command-line users who are new to Git and GitHub. This course will help you master the basics of both, from performing essential Git operations to dealing with merge conflicts in Pull Requests. You will even rewrite a bit of project history and learn how to undo almost anything with Git. The course will cover the following sections:

• Section 1: Introducing Git and GitHub
• Section 2: Getting Started with Collaboration
• Section 3: The GitHub Workflow: Branching and Committing
• Section 4: The GitHub Workflow: Pull Requests
• Section 5: Setting up Git
• Section 6: Using GitHub Locally
• Section 7: The Workflow End-to-End
• Section 8: Working with Local Files
• Section 9: Fixing Common Issues with Git
• Section 10: Creating Shortcuts

We've chosen the Wheelhouse education platform to deliver realistic, hands-on projects for an immersive learning experience. You will watch short videos from the GitHub training team, complete exercises to put your new knowledge to work, and receive immediate feedback on the tasks you complete. You will even be guided in practicing skills within your personal GitHub.com account.

For a limited time, we're teaming up with Wheelhouse to offer complimentary access to the GitHub for Developers self-paced course in exchange for your feedback.

To get started, go to training.github.com and click the On Demand tab.

We recently announced that Git Large File Storage, our open source project for managing large assets with Git, had reached a 1.0 milestone and would be available to all repositories on GitHub.com. If you use GitHub Enterprise, we are happy to share the news that support for Git LFS is now officially available in our version 2.4 release. In this post, we'll take a look at how Git LFS fits into your current workflow, whether you use GitHub's web interface, the command line, or even the GitHub Desktop application.

For more background or to learn the basics about Git LFS, click here.

Seamless integration with GitHub

If you work on a project with assets that you're using Git LFS to manage, one of the first things you may notice is that, despite residing in a separate environment, these large files still show up alongside your other files on GitHub. Rather than showing the text pointers that Git LFS stores in your repository, GitHub uses the pointers to retrieve the asset from the LFS server so you can view them just as you would if they lived in your repository. For renderable content, such as images, this means you have access to the same rich diffing tools available for other in-repository content.

First-class LFS support in GitHub Desktop

If you use GitHub Desktop to collaborate on projects configured for Git LFS, you can use the same flow you are used to. Git LFS support is baked in, so you can make changes, commit, and sync just as you normally would. To change the list of paths Git LFS is managing, use the Git LFS tab in your repository settings to add, edit, or delete tracking rules.

Git-centric command line flow

If most of your Git work takes place in a terminal window, integrating Git LFS into your workflow is as simple as adding a few extra commands to your proverbial tool belt. In addition to utilizing built-in Git functionality as part of its interface, Git LFS implements a Git-like syntax that helps it feel less like an add-on and more like a subset of topical commands.

Getting started

After you download and install Git LFS, you can start managing large files in a Git repository by running git lfs track <your-file>, where <your-file> is a command-line glob specifying a particular file, extension, directory, or any combination thereof. Git LFS writes these globs to a .gitattributes file in your repository that Git uses to pre-process files as they move back and forth from your working directory to your index and commit history.

Once you tell Git LFS which files and paths to manage, you can stage, commit, and push just like you normally would; Git LFS handles all of the details for you. When you run git push, you'll notice a progress indicator showing the transfer status of each file as Git LFS uploads it to the LFS server.

Keeping track of things

If you ever need to find out which paths Git LFS is managing, you can run git lfs track with no arguments. You'll get an output of all the tracking rules from the globs listed in the .gitattributes file. For a deeper view of which specific files these globs are catching, you can run git lfs ls-files to see a listing of all the files in your project that Git LFS is managing.

Other resources

• The 1.0 release of Git LFS includes a collection of new features and enhancements, such as batch uploading and selective asset fetching, that extend and optimize it to help your workflow.
• For a deeper dive into the internal workings of Git LFS, you can consult the Git LFS documentation.
• A guided video demonstration of the features outlined in this video is available on our YouTube channel.
• To learn more about the history of Git LFS or the latest features, take a look at this recording of a talk from GitHub Universe featuring the project's core contributors.

GitHub Enterprise is the on-premises version of GitHub, which you can deploy and manage in your own, secure environment. The GitHub Enterprise 2.4 release offers users and administrators greater control over their instance—and their workflows. From protected branches to simplified asset management, our latest release includes features and updates that make GitHub more flexible.

Protected branches and required statuses

With protected branches, administrators now have the ability to disable force pushes to specific branches. Required status checks on protected branches make integrations that use our Status API enforceable, and you can disable the merge button until they pass.

Improved organization permissions

Improved permissions give your organization the flexibility to work the way you want. New customizable member privileges, fine-grained team permissions, managed access, and transparent communication with team mentions make it even easier for your team to work together. Learn more about GitHub’s improved organization permissions.

Easier asset management with Git Large File Storage

With the inclusion of Git LFS you can integrate large binary files into your Git workflow. Large files are stored on your server and the custom API allows you to transfer any number of files with ease. Learn more about Git LFS.

More flexibility with GitHub Pages

Your GitHub Pages sites can be public even if your Enterprise instance is private. With the new jekyll-feed plugin, you can automatically generate an Atom (RSS-like) feed of your most recent posts, making it easier for people to subscribe. Learn more about easier feeds for GitHub Pages.

Keep your instance current

Ensure your GitHub Enterprise instance is up-to-date with new features, security patches, and bug fixes by opting in to automatic downloads of new releases, which you can then apply from the management console.

Render map data within GitHub Enterprise

With GeoJSON support, any GeoJSON file in a GitHub repository will now be automatically rendered as an interactive, browsable map, annotated with your geographic data. You can even customize the way your data is displayed, such as coloring and sizing individual markers, or specifying a more descriptive icon.

Merge with confidence

The area above the merge button now contains information on automated status checks, making it easier to see if your proposed changes are ready to go or need more work.

Universal 2nd Factor authentication

Earlier this month we announced that we expanded GitHub's authentication system to support FIDO Universal 2nd Factor (U2F), and this security feature is now available with the GitHub Enterprise 2.4 release. Read more about how U2F keys work or take a look at the documentation to learn how to associate a U2F key with your instance.

For the full list of features and updates, check out the release notes. If you're currently using GitHub Enterprise, you can download this release now. If you want to give GitHub Enterprise a try, request a 45-day free trial.

We want to free up your administrator's time by providing a tool that requires little maintenance and great out-of-the-box security. By following a few simple steps, GitHub Enterprise can be ready for your developers to test the same day it you install it.

Sometimes in the excitement to get up and running, it is easy to pass over simple solutions for security. This post will guide you through some of the settings GitHub Enterprise provides to ensure your company's installation is secure without inhibiting collaboration. We will also discuss monitoring and auditing tools that give greater insight into the health and security of your installation.

Initial instance setup

Instance password

The password for the Enterprise Management Console, as shown in step #8 of this guide, is the main gateway to administer GitHub Enterprise. This shared password gives a user unfettered access to the GitHub Enterprise environment, so we recommend that you only share it with a select few individuals and save it in an encrypted vault such as 1Password or a similar password management tool. Using this password, you can establish SSH keys through the /setup page in GitHub Enterprise. After setting up a key, an administrator can SSH into the GitHub Enterprise instance and gain access to all the ghe- command line utilities available.

Private Mode

In the /setup page of GitHub Enterprise you will find a setting that enables Private Mode. With this setting enabled, GitHub Enterprise hides all content from users who are not authenticated, including public repositories.

Enabling Private Mode is required for GitHub Enterprise instances that are accessible to users outside of the firewall without a VPN. This helps to ensure a user does not inadvertently make a repository public externally that should remain private within a company.

If your GitHub Enterprise install is only available from a VPN outside of your firewall Private Mode does not need to be turned on. This lets unauthenticated people within the firewall view public repositories and public GitHub Pages.

Subdomain isolation

We strongly recommend that everyone turn on subdomain isolation for their GitHub Enterprise instance. Subdomain isolation securely separates user-supplied content from other portions of your GitHub Enterprise appliance, which mitigates cross-site scripting and other related vulnerabilities. You can make these changes by creating a wildcard DNS entry or by whitelisting each subdomain individually. A full list of these subdomains is available in the link above.

Improved monitoring

If you navigate to the /setup/monitor page in GitHub Enterprise you will notice GitHub Enterprise now ships (as of Enterprise version 2.3) with more graphs to monitor activity on the instance. This permits an administrator to spot suspicious activity and maintain stability in the environment.

Another feature that helps you keep GitHub Enterprise secure is the audit log, which is available at the /stafftools/audit_log endpoint. It records actions that are occurring and makes them visible to a site administrator. These audit logs reveal what action occurred (for instance, a user login), who performed the action, and the IP address of the request. This gives you great visibility into what is happening on an instance level.

Authentication

Certain authentication methods provide additional levels of security and control. Two we'll highlight here are restricted user groups and universal two-factor authentication.

Restricted user groups

Both LDAP Sync and SAML with Okta allow GitHub Enterprise administrators to segment users and fine-tune control of GitHub Enterprise. In addition to securing your instance, these tools let you control the number of licensed seats in use at any given time.

LDAP Sync permits an administrator to set up a Restricted Group (in Active Directory, for example) that limits access to GitHub Enterprise to only users found in that group.

SAML with Okta lets an administrator control access to GitHub Enterprise by setting it up as an "application" and assigning users to that application to give them access.

With fine tuned controls over who can access the instance, and great reporting from those tools about group membership, an administrator can feel confident in both controlling and monitoring access.

Universal second factor authentication

In partnership with Yubico, GitHub also supports Universal Second Factor Authentication (U2F). If you are not using GitHub's built in authentication in your instance, however, your identity management provider must provide U2F.

We strongly encourage companies and individuals to reach out to their identity providers and request support for U2F if it is not yet supported.

Organizational security options

GitHub's revamped organizations and teams are another way to secure your GitHub Enterprise installation. Administrators of GitHub Enterprise will now have the ability to set access levels for a team on a per repository basis. This granularity will reduce the number of teams that administrators must set up and maintain.

Any questions, don't hesitate to reach out

If you are administering GitHub Enterprise for your team, putting these best practices into play is a great step toward ensuring that your instance stays healthy, secure, and as easy to maintain as it was to install. For a deeper dive into securing your GitHub Enterprise installation, check out this recording from GitHub Universe.

If you have any questions about securing your GitHub Enterprise installation you can reach out to enterprise@github.com to get clarifications or help.

The GitHub Services team is happy to help get you up and running with GitHub Enterprise. We can help you get GitHub Enterprise deployed quickly while following the best practices for security, availability and redundancy. If you would like to learn more about how we can help, don't hesitate to reach out to services@github.com.

Last week we launched GitHub Universe, a two-day conference where developers from all over the world convened at Pier 70 to discuss how to build, collaborate on, and deploy great software.

As we gathered in front of the main stage, the octocat appeared in full, living color in an animated short created especially for Universe by the GitHub creative team

To open Universe with a bang, our CEO and co-founder Chris Wanstrath made several announcements about new developments that will make the GitHub experience better than ever.

Partnership with Yubico:

To help users better secure their accounts, GitHub's authentication system now supports FIDO Universal 2nd Factor (U2F)—a rapidly growing open authentication standard. Yubico's U2F compliant keys are ready to protect GitHub’s millions of users and their volumes of sensitive data. Thousands of GitHub users redeemed a discount to purchase a new key. The 20% discount on YubiKeys is still available to any GitHub user while supplies last.

Integrations Directory:

It's now easier than ever to use your favorite tools with GitHub. Check out these powerful integrations, including Travis-CI and Slack, and build better software, together.

Git Large File Storage (LFS):

Git LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server like GitHub.com or GitHub Enterprise. Check it out.

The general sessions from Universe are available to view on UStream. All of the talks from the Build, Collaborate and Deploy breakouts will be available to view soon, so keep your eye on Twitter.

GitHub Universe would not have been possible without the support of our 13 excellent sponsors, who provided delicious food and coffee and beautiful art installations for our enjoyment.

GitHub is how people build software. We will continue our voyage next year, so stay tuned for updates.

Serious business deserves a serious business shirt. We've created the Octopolo Shirt to help you get down to business in the most serious manner possible. Grab yours from the GitHub Shop.

After months of letting our early adopters kick the tires, Git Large File Storage (Git LFS) has reached a 1.0 milestone and is now available to all repositories on GitHub.com.

Git LFS is an open source Git extension that we released in April for integrating large binary files into your Git workflow. Distributed version control systems like Git have enabled new and powerful workflows, but they haven’t always been practical for versioning large files. Git LFS solves this problem by replacing large files with text pointers inside Git, while storing the file contents on a remote server like GitHub.com.

We’re hugely appreciative of the community that’s sprung up around Git LFS. This milestone contains features and fixes that came directly from your feedback and pull requests. Some notable changes include:

• A fully rewritten HTTP client and API specification that improves concurrency and reduces overhead when transferring thousands of files
• New git lfs fetch and git lfs pull commands that download objects much faster than the standard Git smudge filter
• Options for customizing what files are automatically downloaded on checkout
  • Selectively ignore a directory of large files that you don’t need for daily work
  • Download recent files from other branches
• Improvements to git lfs push that filter the number of commits to scan for eligible LFS objects to upload. This greatly reduces the time to push new feature branches
• A Windows installer and Linux packages for more convenient installation
• An experimental extension system for teams that want to customize how objects are stored on the server

Git LFS is now available to all users on GitHub.com, just install the client to get started.

Our new Integrations Directory showcases a variety of developer tools that extend GitHub and your development workflow. Quickly find tools that work with GitHub to help you and your team build software together. Connect those tools to GitHub to manage all aspects of your software projects—from idea to running application in the hands of customers. Browse new integrations to customize your workflow with functionality provided by our partners.

GitHub integrates with text editors and IDEs, project management and customer support systems, CI and CD services. Developer tools that integrate with GitHub let you build sophisticated chatops workflows, allow you to deploy software directly from your GitHub repositories, and make it easy to track analytics, customer feedback, performance issues, and runtime errors back to a line of code and the context for code changes.

The Integrations Directory shows off some of our favorite tools and allows you to quickly connect them with your GitHub account. Don't see your favorite developer tool or want to get your integration listed? Let us know!

To help users better secure their accounts, we are expanding GitHub's authentication system to support FIDO Universal 2nd Factor (U2F)—a rapidly growing open authentication standard.

GitHub encourages developers to build U2F support into their own applications as well, enabling authentication with simple user experience and strong security using public key cryptography. U2F is built to protect against phishing and man-in-the-middle attacks, allowing one U2F authenticator to access any number of services without any shared secrets. Since U2F has native support in platforms and browsers, there’s no need for drivers or client software. Read more about how U2F keys work or take a look at the GitHub U2F documentation to learn how to associate a U2F key with your GitHub account.

In order to take advantage of the security improvements provided by U2F, you'll need to purchase a hardware key. You can purchase the U2F key of your choice from a range of vendors. We are partnering with Yubico, inventor of the YubiKey, co-creator of the U2F protocol, and a leading provider of U2F authenticators. Together with Yubico we are offering discounts to GitHub users for a limited time through a special offer page where you will verify your GitHub account and place your order:

• While supplies last, GitHub users can purchase special edition U2F Security Keys for $5 plus shipping and handling (regular price $18; 5,000 special edition keys available).
• After the special keys are gone, all GitHub users are eligible for a 20% discount on U2F-certified YubiKeys, for a limited time.
• In addition, all students who are eligible for the Student Developer Pack will receive a 20% discount on any U2F-certified YubiKey.

We hope you'll take this step to keep your information secure.

Are you at Pier 70 today for GitHub Universe? Want to earn some sweet patches to iron onto your newly acquired tote bag, and enter to win some prizes (generously provided by Twilio) while you're at it?

Complete the steps below before 3pm on Friday to earn merit badges. Each merit badge can be retrieved and ironed on to your tote at the iron-on station near the entrance upon proof of task completion.

To earn the Build badge: Introduce yourself to a stranger and tweet a photo of yourselves using #exploreuniverse.

To earn the Collaborate Badge: Head to the obliteration room – get someone to take a picture of you contributing a sticker to the chaos and share via twitter using #exploreuniverse.

To earn the Deploy badge: Tweet @twilio using #exploreuniverse: If you had unlimited time and resources to build anything with Twilio and GitHub, what would it be?

If you complete these steps, you're entered to win an iPad Mini 4, a Sphero and an Amazon gift card. Winners will be announced at 3:30pm on Day 2 of the conference on Twitter, so make sure to follow @githubuniverse.

We hope you'll join us in exploring!