GitHub adds PHP and Composer dependency graphs

Here are some great news from GitHub: Dependency graph support is now available for PHP repositories with Composer dependencies.

You may see security alerts on your repositories as dependency graph support rolls out. When there’s a published vulnerability on any of the Composer dependencies that your project lists in composer.json and composer.lock files, GitHub will send you an alert including email or web notifications, depending on your preferences.

These now work for both public and private repositories, and repository admins can enable or disable the features as needed.

996.ICU

There has been some noise in the mass media about the 996.ICU (official website) recently. That’s good, but I think we can do better. So, spread the word!

Here are a few bits to get you started:

The name 996.ICU refers to “Work by ‘996’, sick in ICU”, an ironic saying among Chinese developers, which means that by following the “996” work schedule, you are risking yourself getting into the ICU (Intensive Care Unit).

What is 996?
A “996” work schedule refers to an unofficial work schedule (9 a.m.–9 p.m., 6 days per week) that has been gaining popularity. Serving a company that encourages the “996” work schedule usually means working for at least 60 hours per week. Visit 996 working hour system on Wikipedia for more details.

GitHub and Microsoft works support the 996.ICU initiative, as well as many other companies and teams.

GitHub : Draft Pull Requests

Here are some exciting news from GitHub – an introduction of the Draft Pull Requests. I think this is a very welcome addition to GitHub features.

At work, we’ve been using a work around to solve the problem – a [WIP] prefix in the title of the pull request, which means that this is “Work In Progress” and the PR shouldn’t be merged.

While the prefix does help, it’s not as good as the new Draft Pull Requests. Somebody can still merge a [WIP] pull request by mistake. But with Draft Pull Requests, merging is blocked, until the developer indicates otherwise.

Great stuff!

DevHub: TweetDeck for GitHub

If you are spending a lot of time on GitHub, following people, teams, and projects, then checkout DevHub – a TweetDeck-like application for GitHub that works on Android, iOS, and as a web application.

It conveniently brings together your repositories, notifications, and all the other goodies, helping you to significantly cut down the time and mouse clicks.

Awesome git addons

Awesome git addons is yet another one of those curated awesome lists.  This time it’s for git version control tool.  And once again, it’s mind blowing.

Git itself is a very flexible and powerful tool.  But it truly amazing how far some people take it.  In the list you can find anything from aliases for complex commands, to full-featured integrations with GitHub, git flow process, deployment tools, and much more.