Day 81 of #100DaysOfLearning

I know that many of you use GitHub. It is now the de facto standard tool when it comes to source code management.

However, not many people are consciously setting up and using GitHub repositories.

Of course, I think that projects that manage professional code, such as enterprise system development, are well configured. (I believe...)

Today, I'd like to share my thoughts on setting up a GitHub repository.

The following is a transcription of what I have set up in my GitHub repository, organized as a README.

General

General

• Template repository: On
• Require contributors to sign off on web-based commits: On"Require contributors to sign off on web-based commits" adds an additional layer of acknowledgment to commits made through the GitHub web interface. When contributors sign off on commits, they are essentially agreeing to certify that they have the right to submit the code and are licensing it under the project's open-source license.

Features

• Discussions: On"Discussions" is a feature that allows community members to engage in threaded conversations directly within a repository. It's particularly useful for fostering collaboration, gathering feedback, and building a sense of community around your project.

Pull Request

• Allow rebase merging: Off"Allow rebase merging" is a feature in GitHub that allows users to merge pull requests using the "Rebase and merge" option. Rebase merging is a technique where the changes in the pull request are applied on top of the latest changes in the target branch, resulting in a cleaner and linear commit history.By disabling rebase merging, GitHub will only allow traditional merge commits when merging pull requests. This can help maintain a more straightforward history and avoid any unintended consequences associated with rebase operations.

• Always suggest updating pull request branches: OnEnabling the "Always suggest updating pull request branches" setting in GitHub can be beneficial for keeping pull request branches up to date with changes in the base branch. When this setting is enabled, GitHub will automatically suggest updating the pull request branch when it becomes out of date with the base branch, typically due to new commits being added to the base branch.

• Automatically delete head branches: OffBy enabling this setting, GitHub will automatically delete head branches after pull requests are successfully merged, helping to keep your repository clean and organized.

Pushes

• Limit how many branches and tags can be updated in a single push: OnBy enabling this setting, you can add an extra layer of protection to your repository and reduce the likelihood of accidental or unauthorized changes to multiple branches or tags in a single push operation.

Moderation options

Code review limits

• Limit to users explicitly granted read or higher access: OnBy enabling this setting, you ensure that access to your repository is tightly controlled and restricted to only those users who have been explicitly granted read or higher access permissions. This helps protect sensitive information, maintain compliance with security standards, and reduce the risk of unauthorized access or data breaches.

Branches

• Branch name pattern: main

• Dismiss stale pull request approvals when new commits are pushed: OnEnabling the "Dismiss stale pull request approvals when new commits are pushed" option in the "Require a pull request before merging" setting can be beneficial for maintaining the integrity and quality of your codebase. When this option is enabled, GitHub automatically dismisses stale pull request approvals whenever new commits are pushed to the branch associated with the pull request. This helps ensure that pull requests are reviewed against the latest changes and prevents outdated approvals from misleading the merge process.

• Require branches to be up to date before merging: OnEnabling the "Require branches to be up to date before merging" option in the "Require status checks to pass before merging" setting is generally a good practice, especially in collaborative development environments. When this option is enabled, GitHub ensures that the target branch of a pull request is up to date with the latest changes from the base branch before allowing the pull request to be merged. This helps maintain code consistency and prevents merging of outdated branches that may conflict with the latest changes in the base branch.

Tags

• Tag name pattern: [0-9].[0-9].[0-9]Setting a "Tag name pattern" in GitHub can be helpful for enforcing a specific naming convention for tags, such as those used in semantic versioning. Semantic versioning typically follows the pattern major.minor.patch, where each component represents a different level of change in the software.

Actions

• Actions permissions: Allow OWNER, and select non-OWNER, actions and reusable workflows
• Allow actions created by GitHub: On
• Allow actions by Marketplace verified creators: OnThis setting allows repository owners to run actions and reusable workflows, as well as selected non-owners who are explicitly granted permission. It provides flexibility by allowing non-owners to access specified actions and workflows, which can be useful for collaborative projects where contributors need to execute certain tasks.

Codespaces

Access and cost contro;

• Prebuild triggers: Configuration changeBy selecting "Configuration change" as the prebuild trigger, you ensure that Codespaces automatically triggers a prebuild process whenever there is a change in the configuration files of your repository.Selecting "Configuration change" ensures that your Codespace environment is automatically updated whenever there is a change in configuration files such as Dockerfile, .devcontainer, or .codespace. This helps to keep your development environment consistent with the latest configuration settings, dependencies, and tooling specified in these files.Codespaces prebuilds your development environment based on the configuration files before you actually start using it. By triggering a prebuild on configuration changes, Codespaces ensures that any updates or modifications to the development environment are applied proactively, saving time and ensuring a smoother development experience.

Code security and analysis

Dependabot

• Dependabot alerts: OnDependabot alerts notify you when there are known security vulnerabilities in your project's dependencies, allowing you to promptly address them by updating to patched versions.
• Dependabot security updates: OnDependabot security updates automatically open pull requests to update vulnerable dependencies to their latest secure versions whenever security vulnerabilities are detected.
• Dependabot version updates: OnDependabot version updates automatically open pull requests to update your project's dependencies to their latest versions whenever new versions are available.

Code scanning

Code scanning, powered by CodeQL, automatically analyzes your code for security vulnerabilities, coding errors, and other potential issues, providing actionable insights to help improve the overall security and quality of your software.

• CodeQL analysis: DefaultEnabling "Code scanning" with "CodeQL analysis" set to "Default" is a proactive approach to identifying and addressing potential security vulnerabilities and code quality issues in your codebase.

Secret and variables

Repository secrets

• ACTIONS_RUNNER_DEBUG: true"ACTIONS_RUNNER_DEBUG" is an environment variable that, when set to "true," enables debug logging for the self-hosted GitHub Actions runner. This can be useful for troubleshooting issues related to the execution of GitHub Actions workflows on self-hosted runners.
• ACTIONS_STEP_DEBUG: true"ACTIONS_STEP_DEBUG" is an environment variable that, when set to "true," enables debug logging for individual steps within GitHub Actions workflows. This can help you diagnose problems with specific workflow steps and identify issues with commands or scripts being executed.

Was this helpful? Of course, the settings here are just some of the items that can be configured on GitHub.

Please set up your repository according to your needs.