Join us for Craftwork NYC on August 14

Greetings, New York City! Join us on August 14 for our latest Craftwork event. This workshop is open to developers of any skill level who want to learn how to use the GitHub API to build better developer workflows. We’ll have stickers for everyone, too!

GitHubbers will walk attendees through the process of creating their first GitHub App. This workshop will cover:

  • Introduction to the GitHub Apps flow
  • Probot, a great tool for getting started building GitHub Apps
  • Hosting code with Glitch

Beginners welcome

Craftwork is a hands-on workshop for learning how to build GitHub Apps—tools that can help make you and your team more productive with GitHub. The atmosphere is casual and informal; we’ll all be working together and helping each other out to build or first GitHub Apps. You will be able to work at your own pace with the help of a GitHubber nearby in case you run into any trouble.

You’ll leave with a working GitHub App, deployed and ready to use, and the confidence to continue building the tools you need to be more productive with your open source project, or at your work.

Details

For: Beginner and experienced developers alike who are looking to extend GitHub with apps\ When? August 14, 2018, 6-9pm EDT\ Where? 91 East 3rd Street, New York, NY 10003\ RSVP: RSVP as an attendee

If you do not yet have a GitHub account, be sure to create one before the event. It’s fast, easy, and free.

Food and refreshments will be provided. If you have any dietary restrictions, please let us know during registration.

Scholarships and accessibility at GitHub Universe 2018

We’re thrilled to announce our 2018 GitHub Universe Scholarship Program. This year, GitHub Universe is taking place on October 16-17 at the Palace of Fine Arts in San Francisco. As part of our ongoing commitment to make GitHub’s conferences accessible and inclusive to people from all walks of life, we’re excited to offer free tickets through our Community Partner and our Individual Scholarship Programs:

  • Community Partners: GitHub’s Social Impact Team is once again partnering with several local nonprofits and meetup groups in order bring even more diversity to Universe. We do this out of our dedication to ensuring a more rich, dynamic, and creative experience for everyone in attendance.
  • Individual Scholarship Program: For those interested in a free ticket to Universe, we do have a small number available for individuals. Fill out this form to apply for a scholarship. The deadline to apply is August 17 at 5pm PT.

Please note that individual scholarships only cover the cost of admission to Universe. Scholarships do not include any travel or lodging expenses. Scholarship recipients are responsible for arranging and paying for all their own travel and lodging expenses to, from, and within San Francisco.

Scholarships aren’t the only one way we’re making GitHub Universe more inclusive. This year, we’re proud to bring all of the following to the Universe experience:

  • Inclusive meals (vegetarian, vegan, dairy-free, and gluten-free offered. Additional dietary requirements can be arranged with 48 hours notice)
  • Gender neutral bathrooms
  • Quiet/meditation room
  • Nursing/baby care room (refrigeration provided upon request)
  • Closed captioning at all talks
  • ADA compliant venue spaces
  • Fresh water, treats, and an onsite relief area for service or therapy dogs

We’ll see you at San Francisco’s beautiful Palace of Fine Arts!

Apply for an individual scholarship

How the GitHub Student Developer Pack helped this student get a tech job

Jay Taslim Dosunmu, a computer science student at Perimeter College, Georgia State University, has landed gigs at Stanley Black & Decker, SurveyMonkey, and Georgia Tech.

In 2017, Jay served as tutor for students learning computer science at his school. He wondered to himself, “How can we make online tutoring more efficient, and work for everyone?”

He spent his Thanksgiving break building what would become the Athena Learning Platform. What started as an email system for tutoring sessions, evolved into a platform for students to request tutoring and submit feedback on the process.

Jay had access to premium developer tools through the GitHub Student Developer Pack, which he used to implement his idea. In this post, Jay tells the story of how he made Athena, and how it eventually led to his summer internships.

Athena: a tutoring platform for everyone

Jay says, “My goal was to create a student-centered platform to bridge the gaps between the different learning environments in a school. I found that the students experienced three different contexts, but that information didn’t move between them at all.”

The three different contexts he describes are:

  • Classroom settings where an instructor provides information and assesses students’ performance
  • Tutoring centers in which qualified people help students understand the material given by an instructor
  • Student circles where students work together to learn

“Academic performance would improve if teachers could effortlessly see where students are struggling, and if teachers, students, and tutors could all seamlessly get involved with the learning process together. I wanted to help students move away from just passing a test, and more towards a life-long process of constant learning.”

How it works

Athena works by asking students to sign up, ask questions, or open up a discussion that tutors, teachers, and other students can take part in.

After students submit tutoring requests by filling in some information—the course, their professor, and how they want to receive tutoring help, whether by discussion posts or by face-to-almost-face video tutoring—tutors are notified. From there, tutors and other users on Athena can respond and help.

From there, mentors have the ability to view reports on the interactions happening on the platform. This feature helped my Perimeter College tutoring team generate monthly reports in a few seconds rather than several days, and the insight we gained from the reports was more robust.

Athena tutor request; http://www.athenaoltc.com/

Athena tutor feedback; http://www.athenaoltc.com/

Athena tutor dashboard; http://www.athenaoltc.com/

Figures 1-3: Students can post an image of where they need help, and tutors can respond via their dashboard.

Jay says, “It’s amazing to think how Athena has grown from a side project to software that hundreds of Perimeter College students use each semester. I presented on Athena twice at the Georgia Tutoring Association conference and during semester prep sessions for my school’s tutoring center. I’ve received overwhelmingly positive feedback on Athena after every presentation. It’s very humbling.”

Build an application with tools from the Student Developer Pack

Jay walks through how he built Athena with tools from the Pack:

  • Athena uses SendGrid to send emails to users. Django-sendgrid-v5 makes this pretty straightforward.
  • I set up a static and media server supported by AWS Simple Storage Service (S3). The credits I got from the AWS Educate offering in the Student Developer Pack are still enough to cover the costs I’ve had so far.
  • Most recently, I added Travis CI to Athena’s continuous integration workflow to properly test code changes before making them live.

“The application uses Docker to containerize, or capture, the architectural dependencies of the project to build and run Athena on any computer, allowing the development and production environments to mirror each other,” he says. “I am working on building a ReactJS frontend supported by a REST API. Soon I will ship an improved analytics system to incorporate cutting-edge data science methods.”

Knowledge that prepares you for industry

The Student Developer Pack made it easy for Jay to start experimenting with industry-standard tools while working on projects.

“I found that as I progress through my academic and professional career, the Student Developer Pack is growing with me. After learning about analytics during my data science internship, I feel more comfortable using the analytics tools. And now, having learned about continuous integration and continuous deployment during my co-op at Georgia Tech Research Institute, I feel confident in using TravisCI.”

He has taken that knowledge with him to work; Jay completed his spring Co-op with Georgia Tech’s Research Institute, and is currently a Summer Machine Learning Intern at SurveyMonkey.

Get the Student Developer Pack

New improvements and best practices for account security and recoverability

Strong authentication credentials are critical to preventing malicious access to your account. Everyone on GitHub has a password, so a strong password is an excellent starting point. And, for even stronger assurances, we highly encourage users to enable two-factor authentication (2FA). We’re introducing two new features to help you balance the security, usability, and recoverability of your accounts.

Enforcing stronger passwords

Common password advice is to use a long and unique password for each website you have an account with. It’s challenging to remember a strong and unique password for each website without either using a password manager or using a trivially discovered theme. As a result, password reuse is extremely prevalent. Regardless of the strength of a password, a single breach can nullify its security when used elsewhere.

Several years ago, security researcher Troy Hunt sought to tackle the compromised passwords problem with his HaveIBeenPwned.com project. While Troy hosts a service that people and services can use to check for compromised passwords, he also generously made the approximately 517 million record dataset available for download. Using this data, GitHub created an internal version of this service so that we can validate whether a user’s password has been found in any publicly available sets of breach data.

compromised password banner

Starting today, people using compromised passwords will be prompted to select a different password during login, registration, or when updating their password. Don’t worry, your password is protected by the password hashing function bcrypt in our database. We only verify whether your password has been compromised when you provide it to us.

Two-factor authentication checkup

Using two-factor authentication is a best practice and can help protect you even when low quality or compromised passwords are used. However, two-factor authentication can be a double-edged sword. Two-factor authentication ensures that access to a single factor, such as your password or email address where a password reset can be sent, is not sufficient to access an account. But, if you lose access to your two-factor credentials, it can lead to losing access to your account.

compromised password banner

If you have two-factor authentication enabled, GitHub will now periodically remind you to review your 2FA setup and recovery options. We highly recommend using a 2FA authenticator application that supports cloud backups in the event your phone is lost, stolen, or falls in the ocean.

These new account security enhancements will help improve the security of your account. We hope you will take this opportunity to review the security of your account. Balancing security, usability, and recoverability is a personal decision.

  1. Update your password to a long, unique value that is generated by a password manager. Consider a cloud-synchronized password manager.
  2. Use two-factor authentication. Using a TOTP application is more secure than using SMS to deliver codes, but has a higher chance of irrecoverable loss leading to account lockout. Consider a cloud-synchronized application that supports securely backing up your two-factor credentials.
  3. Ensure you have a method of recovering your account if you lose access to your two-factor device. Having a hardware U2F key is a secure option. Also, be sure to store your two-factor backup codes somewhere secure like a password manager or a secure physical location. Consider linking your account to Facebook via Recover Accounts Elsewhere.
  4. Update your primary email address if necessary and determine if a backup email address is desirable. These settings will determine which email address(es) are allowed to perform a password reset.
  5. Review other GitHub credentials. While we remove SSH keys, deploy keys, OAuth authorizations, and personal access tokens that have not been used in a year, it’s always a good idea to manually review them periodically.
  6. Consider signing up for HaveIBeenPwned notifications. You do not need to provide a password.

If you haven’t already set up two-factor authentication on your GitHub account, visit your account settings and click on the “Security” tab.

Announcing GitHub Desktop 1.3

The latest version of our Electron-based GitHub Desktop app has just launched. With the GitHub Desktop 1.3 release, you’ll be notified when your branch diverges from your repository’s default branch.

We’ve found that one of the easiest ways to prevent really complicated merge conflicts is to merge early and often. But if you’re working on a branch, you shouldn’t have to lose your focus just to periodically check if there are updates on the master branch. You’ll now be notified about changes on your default branch that are not in your current branch, and hopefully prevent merge conflicts from getting unwieldy:

Notification screenshot

This release also enables you to more easily keep up with changes across your repositories. You’ll now be able to see which repositories have had recent activity, uncommitted changes, and unpushed changes without having to click into each one:

Repository list screenshot


Try GitHub Desktop

Newer

Changelog

Subscribe

Discover new ways to build better

Try Marketplace apps free for 14 days

Learn more