In this week’s #TheLongView: The npm registry suffers spam infestation, and Microsoft makes Google sad.
How Bazel and GitHub Can Fix the Dependency Availability Problem
Recently, GitHub upgraded the internal version of Git they use to produce repository archives. You’ve probably used these archives before if you’ve downloaded a .zip or .tar.gz file from a repository at a particular version. GitHub produces those archives on demand using Git archive and caches them for a short time. Upgrading Git regularly is […]
GitHub Extends Scope and Reach of Repository
GitHub today at its GitHub Satellite virtual conference announced it has made it easier for developers to either launch a project or join an existing project on its repository and has added collaboration tools directly within the platform. GitHub is also moving to advance DevSecOps by adding code scanning tools and making secret scanning tools […]
200 Billion Downloads Can’t Be Wrong
Laurie Voss, COO and co-founder at npm (@seldo), tweeted recently that JavaScript packages downloaded from their repository have topped 4 billion. On an annual basis, that would be more than 200 billion downloads. Wow. Just as open source software turns 20 years old this year, these numbers are a testament to the incredible magic that happens when […]
GitHub Applies Data Science to Managing Code
Over the last several years GitHub has emerged as one of the primary repositories around which application development now revolves. At its recent GitHub Universe 2017 conference, the company revealed how it is extending that central role to provide DevOps teams with the addition of a dependency graph that can be employed to alert DevOps […]





