A huge amount of under-the-hood enhancements have been made to GitLive 17.0 to make GitLive more secure, performant and robust than ever! These improvements lay the foundation for several exciting new features now and in the near future.
Here are the features included in this update:
- Simplified onboarding. Sign in and get started straight away without needing administrator privileges on your repository hosting service.
- Sign with OAuth or a personal access token. Credentials are now securely stored locally and only accessed to make direct calls from your local machine to your repository hosting service API.
- Improved support for GitLab self-hosted. No server configuration required and your server no longer needs to be accessible from the internet.
- Your data is now protected by end-to-end encryption. When you share your working tree changes all sensitive data is encrypted, including source code, branch names and file paths.
Getting started with GitLive is easier than ever, install the VS Code extension or Jetbrains plugin and GitLive starts in offline mode using only the git data contained in your local repository. If your repository is hosted with one of our supported services: GitHub, GitLab, BitBucket, Azure DevOps (using something else?) then you will also be prompted to sign in.
Once you are signed in we’ll be able to:
- Notify you the moment there are changes to pull from your remote.
- Show the latest changes in the repository view without the need to fetch them.
- Go live and share your working tree changes with your team.
- Show branches from your organization’s private repositories in the organization view.
- Get a higher rate limit when making calls to your repository hosting service API.
Sign with OAuth or a personal access token
OAuth is the default for cloud services such as github.com, but you can switch to personal access token if required, for example when OAuth app access restrictions are enabled on GitHub for the organization you are signing in to.
Personal access token is the only option available when signing in to a self-hosted repository hosting service such as GitLab Self Managed or Azure DevOps Server.
How we protect your tokens
To keep your access tokens safe in GitLive 17, unlike other developer tools, we do not store tokens on our servers, not even temporarily. Tokens are passed back from the in-browser sign-in process by local deep link and only stored on your local machine where they are encrypted at rest and only accessed to make direct calls from your local machine to your repository hosting service API.
Improved support for GitLab self-hosted
With the introduction of support for sign-in via access token and the fact we now only make direct calls from your local machine to the GitLab API, GitLive 17 supports GitLab self-hosted behind firewalls and so your server no longer needs to be accessible from the internet.
In addition, no special configuration of your GitLab server is required, so you can get started straight away without needing administrator approval!
Your data is now protected by end-to-end encryption
We understand trusting a service with your data can sometimes be daunting, especially valuable intellectual property such as your code. Being developers ourselves who use our own product on a daily basis, we have always made sure GitLive accesses and stores your data sensibly.
To make GitLive even more secure, now when you share your working tree changes all sensitive data is encrypted, including source code patches, branch names and file paths.
End-to-end encryption ensures only you and the other members of your organization can read what is sent, and nobody in between, not even GitLive.