GitHub throws open doors on 'app' souk
Online store will try to make developer tools work better for businesses
Social code repository GitHub is making it easier for developers to fetch data and spend money.
In conjunction with the company's Satellite 2017 conference in London on Monday, GitHub is rolling out GitHub Marketplace, a store for development tools that assist with tasks like continuous integration, code reviews, and project management.
Kyle Daigle, senior engineering manager for GitHub's API group, in a phone interview with The Register, said that some 60 per cent of GitHub's business customers use an integration of some sort. An example might be crash reporting and error logging software Sentry.
Marketplace, Daigle said, removes a barrier to using other software with GitHub by allowing payments to flow through GitHub accounts and by providing a single point to manage these integrations.
GitHub has produced an inexplicably folksy video that suggests some sort of parallel between a weaver's effort to obtain loom tools and a developer's effort to deploy coding tools. It's unclear what the producers of the video were thinking.
GitHub also plans to announce that its GraphQL API is ready for production usage. Introduced last year as a preview release, the GraphQL API provides an alternative to requesting GitHub data via REST APIs.
GraphQL was released in 2012 by Facebook and has since been adopted by a handful of companies including GitHub, Intuit, and Pinterest. It's a query language for APIs and a server-side runtime for requesting data through a user-defined type system.
It's useful in situations where the client software benefits from being able to customize data requests for the sake of efficiency.
For example, a single GraphQL request can often be tailored to take the place of multiple REST requests. This turns out to be useful for maintaining app responsiveness on slower networks.
"GraphQL is built with product engineers in mind," said Daigle. "With GraphQL, it's just a graph of data. The power is we just define relationships and engineers can write a query."
As an example, he suggested he might want to see all the open issues and comments for a specific code repository. "In REST, that could take 25 or 30 calls, or more," he said. "With GraphQL, it's a single call to the API."
GitHub has also rebranded its Integrations as GitHub Apps and made some adjustments to provide development teams with more control over permissions.
"GitHub Apps are in a way a replacement for OAuth," said Daigle, referring to the authentication scheme by which developers traditionally have been able to connect other applications to GitHub.
OAuth's user-centric model wasn't meeting customer needs, said Daigle. Describing a scenario in which a customer wanted continuous integration for a single repository, configured for read-only access, he said that would be impossible with OAuth.
So GitHub Apps incorporate a more granular permission model that isn't tied to a specific person.
"With GraphQL and GitHub Apps together, we're really making a big change to our platform," said Daigle. "We're changing the way we build software to provide a platform that's the same as our engineers use."
Sponsored: Becoming a Pragmatic Security Leader