GitHub kicked off its virtual Satellite developer event today by unveiling Codespaces, a cloud-based code editor integrated into its platform that will roll out alongside several new security features.

Codespaces propels the Microsoft Corp. subsidiary into a competitive new market. There are many rival offerings out there, including Amazon Web Services Inc.’s Cloud9 platform, as well as open-source coding toolkits such as Eclipse that boast strong followings.

Codespaces is a cloud-based version of Microsoft’s open-source Visual Studio Code editor. The tool can be launched directly from GitHub’s namesake code hosting platform, which is used by more than 50 million developers worldwide, according to data released today.

GitHub is betting that giving software teams the ability to edit their code in the same platform on which they host it will set Codespaces apart from the competition. But in keeping with GitHub’s 2018 pledge to “remain an open platform” under Microsoft, the tool will also accommodate users who opt to use rival integrated development environments. Developers can create a Codespaces instance in the cloud and then connect to it via their desktop-based IDE of choice.

GitHub has thrown in a number of more advanced features as well. Notably, developers can customize Codespaces for each project to preload the tools necessary to their work.

The feature is designed to spare users the “dozens of steps” often involved in configuring a development environment, GitHub head of product Shanku Niyogi wrote in a blog post today.  “Codespaces can be configured to load your code and dependencies, developer tools, extensions, and dotfiles,” the executive explained. Nijyogi wrote that GitHub will offer the Codespaces editor at no charge  and will monetize the product by offering tools to handle computationally-intensive tasks such as software builds.

Codespaces instances run in a “VM with two cores and four gigabytes of RAM, completely set up,” Allison McMillan, GitHub’s director of software engineering, elaborated during the Satellite video stream today. “You can see your app running live just like you would locally” once the code is ready to test, she added. 

Codespaces is joined by a set of other platform enhancements announced today that mostly focus on security.

For open-source projects, GitHub is introducing free security scanning as a native feature. GitHub last year introduced a tool that scans repositories for vulnerabilities and it’s now integrating the technology directly into the “git push” command developers use to release new code. Users collaborating on open-source projects will also have access to an improved forum interface called Discussions for brainstorming ideas. 

Enterprise customers are receiving new security capabilities too. GitHub is rolling out a so-called secret scanning feature for internal code repositories that points out if engineers accidentally leave passwords, encryption keys and other sensitive data in code files. GitHub is also introducing a hosted version of its platform’s security-conscious enterprise version.

GitHub Private Instances are a “fully-managed option for our enterprise customers,” Niyogi wrote. “Private Instances provides enhanced security, compliance, and policy features including bring-your-own-key encryption, backup archiving, and compliance with regional data sovereignty requirements.”

Image: GitHub