Africa Studio - stock.adobe.com

GitHub Universe announcements hint at a bigger plan

Stronger automation and new corporate partnerships with open source developers are major additions to GitHub's strategy announced at the GitHub Universe virtual event.

GitHub made a series of product announcements this week that promise more visual comfort, greater communications, improved automation, enterprise support, and even a channel for corporate investments in open source development.

But beyond a collection of features, the announcements out of the GitHub Universe virtual event suggest fundamental strategic directions the company seems to be taking.

On the surface, a strategically minor improvement might be the immediate biggest hit for developers. GitHub now offers dark mode for tired eyes, which has become increasingly popular among computer users.

"After trying many unorthodox solutions, like installing Chrome or Firefox addons, our eyes are now relieved with the dark mode officially coming to GitHub," said Burak Özdemir, a web developer in Turkey, in an email. Dark mode "was the biggest [announcement] for me," he added.

Other new features quickly move beyond a coder's desk and out to a larger context. The Universe keynote presentation demonstrated how the company could take a user suggestion from GitHub Discussions, initially announced in May, move it through development and integration with existing code, then to deployment.

All public repositories now sport Discussions. Probably more important for development teams is increased automation, with auto-merge pull requests when using protected branches.

"If I have a coded set of checks and balances, then when all the coded checks and balances have passed, the system goes, 'Everything has been done, so it can be merged,'" said Gartner senior director analyst Thomas Murphy.

Continuous delivery support

Automation was a focus of last year's addition of CI/CD support to GitHub Actions. So is the new dependency review beta version expected in the next few weeks. Developers will be able to see what dependencies change in a pull request, better managing both production and security.

Actions now let developers better protect their work -- whether an app, package, or website -- with rules and environment-specific secrets. It's possible to require reviewers before a company deploys software, creating more automatically controlled workflows.

Stephen O'GradyStephen O'Grady

"The big things for me are essentially for continuing integration and focus on CI/CD," said RedMonk principal analyst Stephen O'Grady. "GitHub is becoming more and more of a credible platform beyond its base version control and issue tracking."

Workflow visualization now enables a summary of Actions in graphical form, rather than solely reviewing text logs. The visual form should make grasping interconnections and flow in complex interactions more easily.

Enterprise love

The process, automation and communication tools carry into the forthcoming release candidate of GitHub Enterprise Server 3.0. The mid-December release will include automated development workflows for CI/CD, CodeQL security analysis with each push of code into a repository, a mobile support beta allowing sign-in from phone or tablet, and a beta of secret scanning, to find sensitive material in repositories.

The improvements in Enterprise Server 3.0 are important for corporate development. "Most corporations are running GitHub Enterprise [and not public GitHub]," Murphy said.

Meanwhile, the introduction of GitHub Sponsors gives corporations a procurement mechanism for financially supporting open source developers and projects they depend on. Some of the corporations planning to invest in open source projects through the Sponsors mechanism include American Express, Daimler, Stripe, Indeed, Substack and Cognitect, according to GitHub. 

There is a synergistic relationship between [Microsoft and GitHub]. I think they've made good progress in the two years since the acquisition.
Melinda-Carol BallouResearch director, IDC

"Sponsors is interesting -- allowing businesses to contribute to maintainers," O'Grady said. "I'll be very curious how that impacts that economy of being an open source maintainer."

GitHub's future

The more subtle aspects the announcements hold strategic implications for GitHub, Microsoft, which acquired it two years ago, and the development tools landscape.

Microsoft had promised that GitHub would continue to operate independently, and that seems to be the case.

Melinda-Carol BallouMelinda-Carol Ballou

"They're retained their independence and it's more the tail wagging the dog," said Melinda-Carol Ballou, research director for lifecycle management at IDC. "There is a synergistic relationship between them. I think they've made good progress in the two years since the acquisition."

The two are bringing together Microsoft's deep experience and capabilities with development tools as well as cloud implementation, as Microsoft Visual Studio and Azure DevOps bookend GitHub's capabilities.

"It seems like you've got a pendulum swinging back and forth from best-of-breed point solutions to platforms that are integrated for enterprise," said Andrew Fife, vice president of marketing at Cycode, which provides security across multiple software configuration management platforms. "What you could potentially be seeing now is where the innovation is becoming a little more incremental and the pendulum is swinging back to platforms."

Next Steps

GitHub hires first-ever chief security officer

Dig Deeper on Agile, DevOps and software development methodologies