Rules to Better GitHub - 22 Rules
Pull requests make others know about changes you've pushed to a repository. Once a pull request is sent, people can review changes, discuss potential alterations, and even push follow-up commits, if necessary.
Consistent naming is important so that users of your GitHub account can easily find what they are looking for and so that you appear professional.
It is important to add a description to your repositories so they do not appear blank in the preview on your GitHub profile.
It is important when working in multiple projects to ensure consistent practices.
Structuring your repositories consistently makes your project feel professional, and makes it easier to work with as it is predictable.
It is important that you, especially a developer, knows how to use labels for GitHub issues when using an open source project on GitHub, as it would help compact issues and make the issue management workflow more efficient. Essentially, having such a predictable workflow will let the community feel professional.
Every new repository comes in with some default labels out of the box that you could use to label your issues to help create a standard workflow in a repository. A list of the default labels and their general uses can be found here: GitHub - Managing Labels
Depend on projects, there often need to be new labels created on top of the default labels. For instance, when you are using an internal project management solution (such as Azure DevOps) for an open source project, a new label "added to backlog" is created and applied to applicable issues specifically for demonstrating that an issue has been added to the Azure DevOps backlog and is being worked on for the community. This way you can give the community an understanding of the current goals of the project and a higher feeling of interactivity with your development team.
Bad Example: It is hard to understand what issues are being worked on
Good Example: It is very simple to understand if an issue has received attention
Topics are a great way to classify your repositories on GitHub.
Topics are free text tags that help identify the technologies, purpose, and intent of your project.
Adding topics can increase the discoverability of your repos for both bots and human searchers.
GitHub introduced topics in 2017, and you can use topics to search for repositories. For example, if you are looking for Blazor examples or libraries, you can enter Blazor as a search term, and then refine the search to repositories that have been tagged with the ‘Blazor’ topic.
Topics also help others to find your repository and increase the visibility and discoverability of your work.
When you have a public project in GitHub you have some graphs available that give you some statistics helping you to understand who is using your project and why they are using it. These graphs can be found under the Insights tab.
Read more about the project’s graphs: https://help.github.com/en/github/visualizing-repository-data-with-graphs/about-repository-graphs
Some project graphs available:
Read more about Pulse Graph : https://help.github.com/en/github/visualizing-repository-data-with-graphs/viewing-a-summary-of-repository-activity
Read more about Contributors Graph : https://help.github.com/en/github/visualizing-repository-data-with-graphs/viewing-a-projects-contributors
Read more about Traffic Graph : https://help.github.com/en/github/visualizing-repository-data-with-graphs/viewing-traffic-to-a-repository
As a software developer, it is very common to see a pull request. The quality of a pull request can vary - sometimes we have to deal with a cryptic pull request and sometimes we find a very well written pull request.
Having a great pull request message can help your peers to understand your pull request quickly so they can review your pull request faster and also give you better suggestions.
While the pull request itself is valid and may offer a high value, you need to spend a bit of time to understand what is the context of this pull request and what does it change. Doing this step can take your time easily from 1 minute (if you just recently touched the code) to more than 10 minutes (if it has been a long time since you worked on it - or even if you have never touched the code).
Writing a great pull request can help your peers to understand your code better and therefore, they can give you better insights (or faster review turnaround time, that's great!).
There are a couple of things that you can do to improve your pull request:
- Write a concise and self-explanatory title
- Write a concise and descriptive body
- Link the pull request to the associated issues / PBIs
The key to writing a concise pull request is to base the pull request itself on a PBI / issue.
Example PBI title: Product Backlog Item 100359: "Desktop App | Exporting occasionally failed"
Pull request title: "Fix exporting"
Bad example - Pull request title does not tell what issues have been fixed and how
Pull request title: "Fix desktop app exporting - prevent database concurrent access while exporting"
Good example - Pull request title briefly describe the fix that it has
The important information in the title are:
- What the pull request will do
- How the pull request achieved it
Having the "What" information allows the reviewers to quickly understand what this is about while having the "How" can help the reviewer to quickly understand how your pull request solved the problem. Sometimes we might want to put the "How" in the pull request body if it is too long or hard to explain in one sentence.
Pull request body is a medium for the developer to tell the reviewers what the pull request is about. Things that need to be kept in mind before writing a pull request body:
- What the pull request is about and why did you raise a pull request
- How did the pull request will achieve the feature/fix the bug/other goals it may have
- (Optional) Put a screenshot if it will help the reviewer to understand the changes (e.g. front-end cosmetic change)
- (Optional) What do you want the reviewers to do - this can be approvals (most of the case) or looking to get more feedback on a piece of code in the pull request.
There is also a well-known pull request semantic like Conventional Commits on how to write a pull request body, but we can still have a great pull request without using such semantic.
Since we already have a great title and body, the last thing to do is to associate this pull request to the related PBIs or issues.
Linking an issue to a pull request can serve as documentation on which development work that was done on a specific PBI/issue. It may help the team in the future to debug when and which changes were introduced and what was the original specification of that piece of work.
Some websites use GitHub to manage their content (e.g. SSW Rules). GitHub makes reviewing changes easy through "Pull Requests".
A Pull Request is a request to make changes to 1 or more files. GitHub provides out of the box functionality for reviewing changes in a pull request. This process is as follows:
- Open the Pull Request
Examine the changes using the tabs:
- Conversations: Comments people have made about the change
- Commits: Summary of the changes the requester has made
- Checks: You can ignore this if you are not a developer
- Important - Files changed: See the difference between the old and new files being changed. Red highlighting indicates deleted parts and green highlighting indicates added parts.
This visual preview of the changes to a markdown file is accessed via Files changed | Display the rich diff
Approve OR ask for changes
a. Go to Files changed | Review changes
b. Select an option:
- Choose "Approve" to mark it as ready to go live
Add a comment with feedback (if necessary)
- Choose "Comment" for general feedback when PR it's not ready for approval
- Choose "Request changes" for mandatory changes to the PR
c. Press "Submit review" so that the requester can see it
- Choose "Approve" to mark it as ready to go live
- Done - your review has been submitted ⭐
Written communication can easily cause misunderstandings. Help the reader understand your message better by:
- Using “>” and indentation when quoting the text from others, like the original email you are replying to, or a web page, etc.
- Your new text should be kept to the left
- Add numbers if the sender didn't and it is appropriate
This way you won't forget any questions in the original email.
To: Adam Subject: RE: Change on Northwind app
Figure: Bad Example - there's too much information here
To: Adam Subject: RE: Change on Northwind app
Figure: Good Example - You can clearly see the context of each part of the reply
- When using Outlook, the raw “>” character may be automatically formatted to a “>” bullet point. This change is a problem because it may change to a normal bullet point after being sent. To prevent this issue, press Control+Z to turn it back into the raw “>” character.
- For those using mobile devices the indentation function is not available, try instead using 3 spaces to indent manually.
When using GitHub, you can use 4 spaces to indent a task and get clear separation between task and response. You can also use a ">" symbol to achieve a similar result.
You can find more info about GitHub syntax at Basic writing and formatting syntax.
Video: Top 10+ Rules to Better Email Communication with Ulysses Maclaren
Note: Some people also use a different text color in their reply, but this is generally overkill
It is important when creating a new repository, to set it up correctly. Repositories without Descriptions, ReadMe files or licenses do not appear professionally built.
Reading ugly commits is not very pleasant and makes it very confusing when you have to check the commit history.
Ways to improve your commit log:
- "Fixed bug with emoji engine"
- "Added new emoji filter"
- "Updated Architecture Diagram to have emojis"
Even better is to add a helpful prefix to categorize your commits.
- "Fix: Fixed bug with emoji engine"
- "Feature: Added new emoji filter"
- "Doc: Updated Architecture Diagram to have emojis"
In a text message, emojis helps to add emotion and context to plain text. Why not use them in commit messages too 😃?
- "🐛 Fixed emoji engine in language component"
- "🚀 Added emoji filter on Snapchat"
- "📄 Added emoji’s to changelog"
There are a bunch more options to choose from - carloscuesta/gitmoji: An emoji guide for your commit messages. 😜 (github.com)
You can even go 🤘 hardcore and use the gitmoji cli - carloscuesta/gitmoji-cli: A gitmoji interactive command line tool for using emojis on commits. 💻 (github.com)
See what emojis work best with each topic here: https://gitmoji.dev/
If a Product Owner sends an email to the development team with a request, that email should be turned into a Github Issue before any work is started or the work is prioritized on the backlog.
Power Automate has a connector to do this automatically when an email arrives in Outlook. It can create a new Github Issue by parsing the From, To, Subject and body of the email.
However, at the moment there is a limitation that it doesn't read inline attachments in emails and therefore you have to create your issues manually in Github.
🔥 Warning: This Flow connector does not suport inline images.
If all members use 2FA in your organisation, the risk of unauthorised access to your repositories is lower. GitHub organisations can be configured to require all members to use 2FA to join.
- Go to your organisation | Settings | Organization security
- Under 'Two-factor authentication', select 'Require two-factor authentication for everyone in your organization'
Enforcing 2FA in an existing organisation will remove members that are not using 2FA.
See the GitHub docs Requiring two-factor authentication in your organization
When deleting GitHub repositories, it can be hard to tell if you are on a fork or the base repository as the interface is very similar. This can lead to accidental deletions of base repositories.
To avoid this, the organisation owners should be the only members allowed to delete repositories. Follow these instructions:
- Go to your organisation | Settings | Member privileges.
- Under 'Repository deletion and transfer', ensure 'Allow members to delete or transfer repositories for this organization' is deselected
See GitHub docs Setting permissions for deleting or transferring repositories
This will ensure that even Admin users cannot accidentally delete or transfer repositories
Disabling the 'Allow force pushes' and 'Allow Deletions' settings on your main branch will protect the branch from being accidentally deleted and the history from being rewritten.
Using force push is dangerous and should be used with extreme caution, as it will override other contributor's changes with your own — and it won't stop to check if it will override any changes pushed up to remote in the process.
- Go to your repo | Settings | Branches
- If it doesn't already exist, create a branch protection rule on the 'main' or 'master' branch
- Ensure 'Allow force pushes' and 'Allow Deletions' are disabled
- Save changes
See the GitHub docs Managing a branch protection rule
If you need to check that your code changes will build, you can use required status checks. Status checks are GitHub Actions that are required to succeed before the PR can be merged, so developers wont be able to merge failing code. You can enable required status checks in the same location as 'Allow force pushes' and 'Allow Deletions'.
See the GitHub docs Require status checks before merging
You can use teams within a repository to manage a whole group's permissions instead of setting permissions for each new member of the organisation.
Correctly configuring your organisation's teams structure will make it easy to give members the permissions level that they need. You can add teams to repositories to manage their roles.
Another benifit of using teams is that you can metion a whole team in a discussion instead of individual members. See Mentioning people and teams
See docs for here.
Increasing a member's permissions also increases the amount of damage they can do. As a good rule of thumb, only give members the access that they need to complete their work.e.g. You do not want developers to have force-push permissions on the main branch, as they might accidentally delete branches and code by mistake!Note: If you are still using Azure DevOps, force-push permissions into a repo is only allowed for Project Administrators, so pick your administrators well.
See GitHub docs Repository permission levels for an organization
Using GitHub Webhooks, you can set some default permissions for every new repository inside an organisation.
You can use the repository event to trigger a GitHub action to set the permissions.
See the GitHub docs Permissions API
Add example of a GitHub action that sets the permissions
By adding this to your organisation,every new repo will already have the optimal permissions and privileges.
GitHub notifications can be frustrating if they are not setup for your personal preferences. For example, you may not want to receive an email everytime an automated GitHub action runs against the repo. To configure how many and how you receive your GitHub notifications follow this process.
- From GitHub Profile Dropdown | Settings | Notifications
- Customise the settings as you see fit.
From the default remove:
- Automatic watching x2
- Dependabot alerts x5
- GitHub Actions x1
- Email notification preferences | Pull Request pushes x1
GitHub Issues offer a great way of raising Issues within projects. However, it can be difficult to distinguish whether the Issue is a bug, feature request or just a question. GitHub Issue Templates should be used to help standardize Issues and ensure they have enough information for a developer to start work.
Let's take a look at how implementing Issue Templates can improve repository backlogs...
Notifications from GitHub can be quite a pain, as they send a lot of emails. This leads to many developers ignoring the important emails they receive.
To reduce this spam and to make the notifications have value, make sure to configure your GitHub Notifications.
The important one here is to make sure the item marked Send notifications for failed workflows only is checked, so that you receive emails for failures in your deployments.