Upcoming Changes to Assignment Repositories and Starter Code in GitHub Classroom

In January, GitHub Classroom will begin a public beta that will change the way student repositories are created from starter code repositories. Currently, starter code repositories must be template repositories, and GitHub Classroom creates a repository from a template for each student repository. After the change, student repositories will be created by forking the starter code repository.

This change allows us to enable one of our most-requested features from teachers: the ability to change starter code after an assignment has been accepted by students. Students will be able to sync their assignment repository with the upstream starter code, allowing teachers to correct starter code mistakes or add additional content after the assignment has gone live to students.

Because there are important differences between creating a repository from a template and forking a repository, there will be important changes in behavior for both new and existing assignments in GitHub Classroom. We recommend reviewing the following new behaviors and making adjustments to your assignments if necessary.

Important Changes starting in January

  • All new accepted assignments will be forks, including existing assignments that were created with a template repository. Existing assignment repositories will not be changed, so they will not be able to sync changes from upstream.
  • Starter code assignments cannot be empty. If you are using a starter code repository without any commits, students will not be able to accept your assignment. GitHub Classroom will enforce this requirement for new assignments, but you will need to manually create an initial commit to existing empty starter code repositories in order for students to accept assignments.
  • Starter code commits will no longer be automatically squashed in student repos. A new fork includes the entire commit history of the parent repository, while a repository created from a template starts with a single commit. This can affect teachers who may have assignment solutions in the commit history of the starter code. We recommend using Git on the command line or GitHub Desktop to squash commits of starter code repositories prior to distributing assignments to students if you previously had solutions filled-in the starter code.
  • Student repository visibility will be inherited from the starter code repository. Forks of public repositories cannot be made private on GitHub. As a result, if you wish to use a public template repository as starter code for an assignment where student repositories should remain private, we recommend creating a new repository from the public template and setting it to private prior to using it as starter code in a GitHub Classroom assignment.

Be on the lookout for another Changelog post when the public beta begins. Join the conversation in our Education community discussions for further clarifications.

Dependabot Grouped Security Updates Public Beta

Reduce pull request noise and fix multiple security alerts at once with Dependabot grouped security updates.

Starting today, you can enable grouped security updates for Dependabot at the repository or organization-level. When you click “Enable” for this feature, Dependabot will collect all available security updates in a repository and attempt to open one pull request with all of them, per ecosystem, across directories. There is no further configuration available at this time.

Known limitations

  • Dependabot will NOT group across ecosystem (e.g. it will not group pip updates and npm updates together)
  • Dependabot WILL group across directories (e.g. if you have multiple package.json’s in different directories in the same repository)
  • If you have version updates enabled as well, Dependabot will NOT group security updates with version updates
  • If you use grouping for version updates, your groups configuration in dependabot.yml will NOT apply to security updates

To enable this feature, go to your repository or organization settings page, then go to the Code security and analysis tab, and click "Enable" for grouped security updates (this also requires each affected repository to enable Dependency graph, Dependabot alerts, and Dependabot security updates). When you enable this feature, Dependabot will immediately attempt to create grouped security pull requests for any available security updates in your repository.

We'd love to hear your feedback as you try this feature! Join the discussion within GitHub Community.

See more

Updates to repository pages

We are rolling out a few minor updates to the user experience for GitHub repositories starting today, in order to be more responsive, performant and more easily accessed by a broader range of users.

Repository Overview:
Screenshot of repository overview page showing entering a letter to expand to go to file menu.

  • Go to file: Quickly get to the file you want from the top of every repository using our existing code search and navigation experience.
  • Special files: If you have Code of Conduct, License, or Security files in your repository, they are now shown in tabs alongside your README.

Branches:
Screenshot of branches page showing the overview tab for branches of GitHub Docs repos.

  • Status checks: At a glance, see the status checks’ details on any branch.
  • Stale Branches: The overview page for branches no longer defaults to showing stale branches to improve load times. You can still easily see stale branches by clicking the “Stale branches” tab.

Commits:
Screenshot of Commits page filtered by date and user.

  • Filters: New commits filters allow you to sort by users or limit results to specific date ranges.

These changes have been in a feature preview for the past few months and thanks to community insights, we’ve made several improvements that allowed us to now exit the preview, and bring these enhancements to everyone on GitHub. Join the conversation about this release in the community discussion.

See more
View all changes