in

Microsoft's GitHub: Now open-source developers get 'one linter to rule them all'

Having a tool that checks source code for programming blunders and other errors is useful for developers. Now Microsoft-owned GitHub has released the ‘Super Linter’ to help developers avoid the hassles of setting up code repositories with multiple linters. 

The new Super Linter is built on GitHub’s Actions tool for automating certain development workflows and aims to help developers contributing to projects built with multiple programming languages.  

GitHub describes it as a “simple combination of various linters, written in bash, to help validate your source code” for the purpose of preventing broken code from being uploaded to a ‘master’ branch, the key branch that other branches in a tree are merged to. 

Incidentally, GitHub has decided to drop the term ‘master’ (versus slave) and replace it with ‘main’ in light of the Black Lives Matter protests, but it hasn’t done so yet.  

The Super Linter Action lets developers ‘lint’ or check their code base using popular linters for Python, JavaScript, Go, XML, YAML, and more programming languages. As such, GitHub engineer Lucas Gravley describes the Super Linter as the “one linter to rule them all”. 

“The GitHub Super Linter was built out of necessity by the GitHub Services DevOps Engineering team to maintain consistency in our documentation and code while making communication and collaboration across the company a more productive experience,” says Gravley. 

The Action also helps developers build guidelines for code layout and format, streamline code reviews, and ultimately ship cleaner code to customers and partners. 

“When you’ve set your repository to start running this action, any time you open a pull request, it will start linting the code case and return via the Status API. It will let you know if any of your code changes passed successfully, or if any errors were detected, where they are, and what they are,” explains Gravley. 

The Super Linter doesn’t fix problems but does flag them, so developers can then go back and fix them before they reach the master branch. 

While GitHub is a site to host code, the company, which Microsoft bought for $7.5bn in 2018, has helped automate the process of distributing and deploying open-source software, based on Linus Torvalds’ git system for the Linux kernel. 

Torvalds built git to ensure different versions of software can be tracked as it evolves between distributed contributors.

Other GitHub automation services include Dependabot, its tool for automatically fixing bugs in software dependencies. 

It also delivers automatic security alerts to projects when it detects vulnerabilities in code written in several popular languages, such as PHP, JavaScript, Ruby, Python, Java and .NET.

Open Source


Source: Information Technologies - zdnet.com

Security surprise: Four zero-days spotted in attacks on researchers' fake networks

Microsoft Defender ATP now scans Windows 10 PC firmware for hardware rootkit attacks