The story behind the new GitHub Enterprise

Today we're releasing the fastest and most flexible version of GitHub Enterprise ever, including high availability and disaster recovery options, dramatically improved LDAP and SAML integration, major improvements to features like code review and project management, and support for deploying on Amazon Web Services.

jetpack

We're proud to share this release with you not just because it's our finest work yet, but because it represents a major milestone in our mission to change the way the world builds software together.

Over seven million people and hundreds of thousands of organizations are working together on over 17 million repositories on github.com, but that only begins to scratch the surface. With this release of GitHub Enterprise we're making social coding available to anyone who wants to host code in their AWS-powered cloud, while also shipping a better product experience for the thousands of administrators and developers already using GitHub Enterprise daily.

When GitHub launched in 2008, it was all about sharing. You could quickly sign up for an account and share your open source with the world, or, purchase private repositories and control precisely who has access to your source code. But our goal wasn't workflow or collaboration - it was making it easy to share your git repositories with others.

As GitHub grew we saw the power in working together. This led us to create Organizations in 2010: group accounts which allow open source projects, non-profits, schools, governments, companies, and teams of all kinds to create a presence on GitHub and more easily build software together. Our focus expanded from simply publishing git repositories to helping people build software together.

People quickly created thousands of Organization accounts, but the feedback from larger organizations was resounding: they loved features like Pull Requests, yet many wanted data isolation for their code and support for enterprise-level features such as integration with their authentication system. This led us to create GitHub Enterprise, a VM-based on-premises version of GitHub we released in November 2011.

In the three years since that release, we've seen GitHub Enterprise change the way entire companies build software together. We've witnessed cultures evolve, companies thrive, and developers rave about how GitHub has changed their workflow. But we've also spent countless hours talking to our customers about how we can improve, and we've taken that feedback seriously.

Today's release is the culmination of months of hard work to make GitHub Enterprise more accessible to more people and even better for our current customers. Whether you're hacking on open source on github.com or coding the next version of your company's Android app using GitHub Enterprise, our goal is to help you build better software.

We hope you love this release as much as we do.

A faster, more flexible GitHub Enterprise

jetpack octocat

Today, we’re releasing an all-new GitHub Enterprise designed to make it even easier for developers and businesses around the world to use GitHub at work.

Now available on Amazon Web Services (AWS)

Since GitHub Enterprise launched in 2011, AWS's popularity has grown. Many companies want to host code in their AWS-powered cloud and with good reason. Using AWS reduces hardware costs, provides immediate access to a highly scalable infrastructure, and addresses a wide variety of compliance standards, from healthcare's HIPAA standards to government's FedRAMP. And now you can run GitHub Enterprise on AWS too! We like to think it feels a little bit like this:

Infrastructure improvements, high availability, & backups

We've rewritten the infrastructure behind GitHub Enterprise, improving stability and redundancy regardless of how you choose to deploy it. Some highlights:

  • GitHub Enterprise now utilizes Ubuntu 12.04 LTS, taking advantage of long-term updates and security fixes for the base components provided by Ubuntu.
  • Online backup utilities give you a number of advanced capabilities for backing up and restoring your data. With these utilities your appliance doesn't need to be put in maintenance mode for the duration of the backup run, meaning there's no downtime for your development team.
  • Achieving redundancy with GitHub Enterprise is much easier. With replication mode enabled, you can configure a second, identical instance (failover with warm standby) to jump into action should anything happen to your primary instance.

HA/DR image

SAML support & security audit log

With our improved organization audit log, admins can now see a running list of events as they're generated across each organization and search for specific activities performed by users. This data provides your company with better security insights and gives you the ability to audit account, team, and repository access over time as needed.

audit-log

We've also added support for SAML, including OneLogin, PingIdentity, Okta, and Shibboleth. Single sign-on with these identity providers allows you to manage your organization's users from one place or manage app access for groups of users at a time, rather than individually.

...and more!

This release also includes a number of features to help your company build and ship high-quality software, including:

To see a full list of features, check out the release notes for GitHub Enterprise 2.0.0.

Give GitHub Enterprise a whirl

If you're an existing GitHub Enterprise customer, you can download the latest release from the Enterprise website. If you want to give GitHub Enterprise a try, you can start a 45-day free trial on AWS or VMware.

Come visit us at AWS re:Invent

We’ll be demoing the all-new GitHub Enterprise this week at AWS re:Invent in Las Vegas. Stop by booth #1229 to say hi, check out this release in action, and grab some stickers and other great stuff. If you're attending re:Invent and would like a more in depth look at how this release of GitHub Enterprise might help your company, sign up for a meeting with our GitHub Enterprise sales team.

GitHub Pages Legacy IP Deprecation

Update: We've extended the deprecation deadline to February 2, 2015 to give Pages users more time to update their DNS records.


If you use a custom domain with GitHub Pages, please verify that your domain's DNS settings are properly configured to point to the most up-to-date GitHub IP addresses. This will ensure that your site remains available after December 1st, 2014.

GitHub Pages allows you to set up a custom domain by adding the domain to a CNAME file, and pointing your domain's DNS record to GitHub's servers. If you don't use this feature, for example, if your GitHub Pages site is published as username.github.io, you don't need to take any action at this time. Please enjoy this animated GIF for being awesome.

Why the change?

Nearly a year ago, we announced improvements to how we serve GitHub Pages sites. Today we're making that change permanent by deprecating our old GitHub Pages infrastructure. If your custom domain is pointed at these legacy IPs, you'll need to update your DNS configuration immediately to keep things running smoothly.

How long do I have to make the switch?

Starting the week of November 10th, pushing to a misconfigured site will result in a build error and you will receive an email stating that your site's DNS is misconfigured. Your site will remain available to the public, but changes to your site will not be published until the DNS misconfiguration is resolved.

For the week of November 17th, there will be a week-long brownout for improperly configured GitHub Pages sites. If your site is pointed to a legacy IP address, you will receive a warning message that week, in place of your site's content. Normal operation will resume at the conclusion of the brownout.

Starting December 1st, custom domains pointed to the deprecated IP addresses will no longer be served via GitHub Pages. No repository or Git data will be affected by the change.

How do I know if I'm affected?

If you have a GitHub Pages site pointed at one of the old IP addresses, you will receive an email from us this week letting you know that you need to make the change (and should have been receiving an email on each push for the past several months). If the suspense is killing you, there's a few ways to check yourself:

  1. If you're using the GitHub Pages Gem, update to the latest version, and run github-pages health-check from your site's root directory. That'll make sure your site's DNS is in ship-shape.
  2. Don't have the GitHub Pages Gem?
    • If you're on a Mac or Linux machine, simply paste this command into a terminal window, replacing your-domain.com with, your site's domain. dig your-domain.com | grep -E '(207.97.227.245|204.232.175.78|199.27.73.133)' || echo "OK". If you see the word "OK", you're all set.
    • On a Windows machine, you'll want to run nslookup your-domain.com and ensure that the output does not include any of the deprecated IP addresses (207.97.227.XXX, 204.232.175.XX, or 199.27.73.XXX).
  3. From your domain registrar's web interface, head on over to your domain's DNS settings. Your domain should either be a CNAME record to username.github.io, an ALIAS record, or an A record pointing to an IP address that begins 192.30.252.XXX.

Okay, I'm sold. What do I need to do?

If one of the methods above indicate that your DNS is misconfigured, or if you just want to be sure, please follow the instructions for setting up a custom domain with GitHub Pages.

Questions? We're here to help.

Happy publishing!

New in the shop: 5" Octocat Figurine

For years, the Octocat has been stuck in the realm of two dimensions—but no more! Now she’s crawling off your laptop and onto your desk as a 5" vinyl figurine.

Check out the Octocat in the GitHub shop.

A Better DMCA Process

To bring more transparency and clarity to the processes surrounding the DMCA, we are rolling out three improvements to the way we process copyright takedowns:

  • First, whenever possible, users will have a chance to fix problems before we take content down.
  • Second, we will not automatically disable forks in a network based on the takedown of a parent repository unless the takedown notice explicitly includes them.
  • Last but not least, we've published a completely revamped DMCA policy as well as a pair of how-to guides for takedown and counter notices to make our process more transparent and easier to understand.

Some Background

The Digital Millennium Copyright Act (DMCA) is a United States law that establishes how copyright holders must file complaints with internet service providers (ISPs) like GitHub, and what the ISPs must do in response.

The DMCA takedown process usually takes place behind closed doors, with little visibility for impacted users, let alone the opportunity for those users to modify the allegedly infringing content.
The average DMCA policy is also usually written in dense legalese that can be difficult to understand.

Our users deserve better.
GitHub already promotes transparency by posting DMCA takedown notices in a public repository.
And our Support Team works hard to help our users navigate the process.

Like most other ISPs, we have been disabling content whenever we receive a complete and seemingly legally adequate DMCA notice.
We have learned, however, that the conventional process is not a perfect fit for Git-versioned software projects.
So we decided to make some changes.

GitHub's New Policy

The first change is that from now on we will give you an opportunity, whenever possible, to modify your code before we take it down.
Previously, when we blocked access to a Git repository, we had to disable the entire repository.
This doesn't make sense when the complaint is only directed at one file (or a few lines of code) in the repository, and the repository owner is perfectly happy to fix the problem.

In practice, our support team would often shuttle messages between the parties to work out a way for them to fix it.
That usually worked out well and everyone ended up happier at the end of the day.
So we are making it a formal part of our policy, and we are going to do it before we disable the rest of the repository.

The second change is that if we receive a takedown notice for a parent repository, we will not disable forks in the network unless they are specifically identified in the notice.
In our system, parent and fork repositories are linked so that if one is disabled, they are all automatically disabled.
In many cases, however, forked repositories may be different in significant ways from the parent.
Accordingly, from now on we will require copyright owners to investigate and report each fork explicitly in a DMCA takedown notice.
If some forks are not identified, we will split up the network to avoid needlessly disabling unnamed fork repositories.

Finally, we've also taken this opportunity to completely revamp our DMCA policy itself so that it is easier to understand, provides more background information, additional resources and outlines the process in detail.
We want you to understand clearly what a takedown means, how to submit a takedown notice to GitHub, and how to respond to one if you believe there has been a mistake and want your content restored.
We hope you find our revised policy easier to use.

Please feel free to email us with questions or comments at copyright@github.com.

Linking merged pull requests from commits

We've been including the containing branches and tags on commit pages to give you more context around changes. Now, commits in a repository's default branch will also show you the pull request that introduced them.

no touching

In the pull request, you can see the discussion around why the commit was introduced, and get a clearer picture of the reason for the change.

As always, if you know the commit SHA, you can skip the commit page and search for the pull request directly.

For more information, check out our Help docs.

The best developer tools, now free for students

There's no substitute for hands-on experience, but for most students, real world tools can be cost prohibitive. That's why we created the GitHub Student Developer Pack with some of our partners and friends: to give students free access to the best developer tools in one place so they can learn by doing.

GitHub Student Developer Pack Logo

More than 100,000 students have already taken advantage of free access to GitHub, collectively pushing code more than 50,000 times per day. With the GitHub Student Developer Pack, students now have free access to an entire suite of useful developer tools, including:

Atomatom.io
A hackable text editor for the 21st Century
Open Source by GitHub, free for everyone

Bitnamibitnami.com
Install cloud applications in a single click
Business 3 plan (normally $49/month) for one year

Crowdflowercrowdflower.com
Crowdsourcing and data enrichment platform
Access to the Crowdflower platform (normally $2,500/month) and $50 in worker credit

DigitalOceandigitalocean.com
Simple cloud hosting, built for developers
$100 in platform credit for new users

DNSimplednsimple.com
Simple DNS management with one-click services and a robust API
Bronze hosted DNS plan (normally $3/month) for two years

GitHubgithub.com
Powerful collaboration, code review, and code management
Micro account (normally $7/month) with five private repositories while you're a student

HackHandshackhands.com
Live programming help available 24/7
$25 in platform credit

Namecheapnamecheap.com
Domain name registration and SSL certificates
One year free domain name registration on the .me TLD (normally 8.99/year) and one year free SSL certificate (normally $9/year)

Orchestrateorchestrate.io
Database API that includes search, time-series events, geolocation and graph queries
Developer account (normally $49/month) while you're a student

Screenheroscreenhero.com
Screen sharing for collaboration in teams
Individual account (normally $9.99/month) while you're a student

SendGridsendgrid.com
Email infrastructure as a service
Student plan (normally $4.95/month) for one year

Stripestripe.com
Web and mobile payments, built for developers
Waived transaction fees on first $1,000 in revenue processed

Travis CItravis-ci.com
Continuous integration platform for open source and private projects
Private builds (normally $69/month) while you're a student

Unreal Engineunrealengine.com
A complete suite of game development tools made by game developers, for game developers
Unreal Engine (normally $19/month) while you're a student

Get your pack

If you're a student aged 13+ and enrolled in degree or diploma granting course of study, the GitHub Student Developer Pack is for you. All you need is a one of the following:

  • School-issued email address
  • Valid student identification card
  • Other official proof of enrollment (enrollment letter, transcript, etc)

Get your GitHub Student Developer Pack

If you're already using GitHub with a student account, you've automatically been given access to the developer pack. You can access all the offers at https://education.github.com/pack.

Join the pack

If your company produces developer tools and wants to be included in the pack, pass us a note.

SVG Viewing & Diffing

In the spirit of making diffs of rich information easier to parse, SVG images are now viewable and diffable on GitHub!

SVG diff demo

As always, you can find more details in our help documentation.

Managing Issues and Pull Requests Across Repositories

Keep track of all of your issues and pull requests with the new Issues Dashboard and the new Pull Requests Dashboard.

Dashboards

When we rebuilt GitHub Issues earlier this summer, we made it easier to search and filter issues and pull requests in a repository. Now it's time to think bigger: these new dashboards let you manage your work across all of your repositories at once. You can find links to them at the top of your News Feed.

Use them to quickly find issues you've created. Or pull requests that mention your username. Or issues that have been assigned to you. Or go ahead and use any of our custom advanced search filters and create your own often-used search... the sky's the limit.

Security vulnerability in bash addressed

Update: 2014-09-29 23:10 UTC

We have published an update to the Git Shell tools for GitHub for Windows, which resolves the bash vulnerabilities CVE-2014-6271, CVE-2014-7169, CVE-2014-7186 and CVE-2014-7187. If you are running GitHub for Windows, we strongly encourage you to upgrade. You can check if you are on the latest version, and upgrade if needed, by opening "Tools" -> "About GitHub for Windows..."


Update: 2014-09-28 17:30 UTC

Two new bash vulnerabilities, CVE-2014-7186 and CVE-2014-7187, have been discovered. We have now released special patches of GitHub Enterprise using the latest upstream bash fix for CVE-2014-7186 and CVE-2014-7187. Upgrade instructions have been sent to all GitHub Enterprise customers, and we strongly encourage all customers to upgrade their instance using this latest release. GitHub.com remains unaffected by this vulnerability.


Update: 2014-09-26 00:22 UTC

Security patches released yesterday for the bash command vulnerability identified in CVE-2014-6271 turned out to be incomplete, and a new vulnerability, CVE-2014-7169, was identified. We have now released special patches of GitHub Enterprise using the latest upstream bash fix for CVE-2014-7169. Upgrade instructions have been sent to all GitHub Enterprise customers, and we strongly encourage all customers to upgrade their instance using this latest release. GitHub.com remains unaffected by this vulnerability.


Update: 2014-09-25 15:45 UTC

GitHub is closely monitoring new developments that indicate the existing bash patch for CVE-2014-6271 is incomplete. The fix for this new bash vulnerability is still in progress, but we will be releasing a new patch for GitHub Enterprise once it has been resolved. At this time, we still strongly encourage all GitHub Enterprise customers to update their instances using the patch made available yesterday.


This morning it was disclosed that Stephane Chazelas discovered a critical vulnerability in the GNU bash utility present on the vast majority of Unix and Linux systems. Using this vulnerability, an attacker can force the execution of arbitrary commands on an affected server. While these commands may not run with root privileges, they provide a significant vector for further exploitation of a system.

We have released special patches of GitHub Enterprise to fix this vulnerability, and have provided detailed instructions to all our Enterprise customers on how to upgrade their instance. An immediate upgrade is required.

None of the extensive penetration testing we've performed today has uncovered any vulnerability on GitHub.com, including git over SSH. As an added precaution, however, we have patched all systems to ensure the vulnerability is addressed.

Third Annual Data Challenge Winners

The entries are in, the votes are tallied, and we've chosen the winners for our third annual Data Challenge!

First Place

Our first place winner is Issue Stats (repository), by @hstove.

rails_rails_-_issue_stats

Issue Stats tracks the time it takes for your project to close issues or merge pull requests. You can then display this data through a convenient badge in your project's README file or elsewhere. Issue Stats are easy to get started with, easy to understand, and simple to incorporate into your project — be sure to also check out the other analyses and visualization too.

Second Place

In second place is GitHut (repository), by @littleark.

githut_-_programming_languages_and_github

Moving through the quarters of the calendar year, GitHut compares programming languages by development activity (via active repositories and push volume), collaboration (via forks and issues), social activity (new watchers on GitHub), and the language's age. GitHut makes it easy to compare and contrast languages over many metrics without overwhelming the viewer.

Third Place

The third place winner is Eigenfaces, by @c-w.

c-w_github-data-challenge-2014

The Eigenfaces project sampled about 8,000 user avatars, after filtering for automatically generated pictures (like Identicons) and other outliers, then used a machine learning technique called principal component analysis to reduce these avatars to the 20 most significant "features". Each "feature" is interpretable as a shape that contributes significant amounts of variance to the entire body of avatars that were sampled.

Congratulations and Thanks!

Congratulations to our three winners! The first place winner receives travel, lodging, and attendance to Presenting Data and Information, a one-day course offered by Edward Tufte this December in San Francisco. Our second and third place winners will receive cash prizes.

Each year we receive entries that raise the bar for quality and exceed our expectations — this year was no exception. In fact, this year we received a record 79 entries from all over the world! We want to extend our sincere thanks to every individual and team that submitted an entry this year. We're extremely gratified by the level of craftsmanship and creativity exhibited by your entries, and humbled by the obvious amount of work involved. Thank you!

We hope you enjoyed checking out this year's winning entries. We can't wait for next year.

View Issue/Pull Request buttons for Gmail

If you're a Gmail user who gets GitHub notifications via email, you'll notice
that we've added subject-line links to issues and pull requests on notification
messages.

View Issue/Pull Request buttons

You can use these links to more quickly access content on GitHub -- all without
having to open your email notifications.

This feature is brought to you using Gmail's Actions in the Inbox.

Introducing TODO for companies that are committed to open source

TODO

GitHub has always been about making open source software better, and today we're launching TODO with a number of partners to help large organizations better support the open source community. If your company has an open source program–or is looking to initiate one–we hope you'll join us.

With TODO, we want to talk openly and develop openly to solve the unique challenges of using and building open source technologies within companies of all sizes. We plan to explore topics like what it looks like to release open source projects, how to shift ownership of projects from companies to the community, and how to make sure that open source projects remain healthy and active.

The inaugural members of TODO include Box, Dropbox, Facebook, GitHub, Google, Khan Academy, Square, Stripe, Twitter, and Walmart Labs. You can visit todogroup.org to sign up and learn more.

Join GitHub in support of the open Internet

Our open and free Internet fuels some of the most incredible innovation in history. It provides new opportunities for billions of people to communicate and collaborate, contributes to economic growth across the world, supports a flourishing open source community, and changes the way we live our lives for the better.

GitHub stands in solidarity with our Internet peers in urging all our US-based users, customers, and fans to call, write, or tweet at your local Senator or Congressperson to let them know you oppose the FCC's proposed changes to the net neutrality landscape.

We believe a new Internet "fast lane" that only privileged businesses can buy into threatens freedom of choice for users, and could ultimately harm the efforts of developers building and shipping both open source and commercial software. Without net neutrality, your users could have a very different experience of your software depending on how much Internet providers are paid.

Congress has the power to take real action to ensure the Internet remains an open platform for speech and commerce. For example, when cable television called into question the traditional conflict between physical point-to-point telephone communication and airwave television broadcasts, Congress responded by adding Title VI to the Communications Act.

GitHub believes that with encouragement and education from the broader Internet community, Congress can be motivated to take action once again. In May of this year, we indicated our support of net neutrality by co-signing a letter to the FCC, but we're not there yet.

We think an open and free Internet is a better Internet, and today we’re asking you to join us by telling Congress you agree.

Better Word Highlighting in Diffs

Commits, compare views, and pull requests now highlight individual changed words instead of the entire changed section, making it easier for you to see exactly what’s been added or removed.

Old and new highlighting behaviors

And, of course, it works great with split diffs, too:

New highlighting in split diff