You may see security alerts on your repositories as dependency graph support rolls out. When there’s a published vulnerability on any of the Composer dependencies that your project lists in composer.json and composer.lock files, GitHub will send you an alert including email or web notifications, depending on your preferences.
These now work for both public and private repositories, and repository admins can enable or disable the features as needed.
The name 996.ICU refers to “Work by ‘996’, sick in ICU”, an ironic saying among Chinese developers, which means that by following the “996” work schedule, you are risking yourself getting into the ICU (Intensive Care Unit).
What is 996? A “996” work schedule refers to an unofficial work schedule (9 a.m.–9 p.m., 6 days per week) that has been gaining popularity. Serving a company that encourages the “996” work schedule usually means working for at least 60 hours per week. Visit 996 working hour system on Wikipedia for more details.
GitHub and Microsoft works support the 996.ICU initiative, as well as many other companies and teams.
At work, we’ve been using a work around to solve the problem – a [WIP] prefix in the title of the pull request, which means that this is “Work In Progress” and the PR shouldn’t be merged.
While the prefix does help, it’s not as good as the new Draft Pull Requests. Somebody can still merge a [WIP] pull request by mistake. But with Draft Pull Requests, merging is blocked, until the developer indicates otherwise.
Awesome git addons is yet another one of those curated awesome lists. This time it’s for git version control tool. And once again, it’s mind blowing.
Git itself is a very flexible and powerful tool. But it truly amazing how far some people take it. In the list you can find anything from aliases for complex commands, to full-featured integrations with GitHub, git flow process, deployment tools, and much more.