At GitHub Universe 2019, GitHub announced that Actions have been moved into General Availability. We are very excited about this launch and as part of it have launched the Twilio SMS for GitHub Action. In this blog post we'll look at how you can get started with that and some use cases for it.

Getting Started

You can find the Twilio SMS Action in the GitHub Marketplace. Before using it, you'll need a Twilio account. Sign up for free to get your account details.

Once you have an account, we'll need two additional things.

Get a phone number

If you haven't gotten a phone number yet, head over to the Phone Numbers section of the Twilio Console and select your preferred phone number. Make sure it has SMS capabilities enabled.

Once you have that phone number, make sure to note it down somewhere. We'll need it later when …

When an open source project first blinks its eyes open into the wider world, maintainers are often focused on nurturing its initial growth across a small variety of dimensions. These focal points are necessary and key for building a successful open source project, but once it reaches a certain scale, new considerations come into play.

What problems are we trying to solve?

Open source is, at its core, about people, and about orienting them around a project such that everyone is cognizant of and working to align on the direction that they want the project to head. A project’s culture is a reflection of the people who populate its ranks and the processes it has set out to guide the choices it makes both technically and non-technically. When your project is growing and it’s clear people are engaged, how do you ensure that your project is on a growth track …

For a lot of developers the first pull request to an open-source project can be the most intimidating one. It often gets even more intimidating if it is your very first pull request to open source in general. For that reason we decided this year to create the Open Pixel Art project with the aim to teach people how to create their first pull request. Today we are happy to have reached a first big milestone with the project.

Thank you for all your contributions!

In the first 4 weeks of the project over 1000 developers have gotten their pull requests merged into the Open Pixel Art project.

A lot of them did not stop by contributing a pixel to the canvas, they added new functionality that let …

Hacktoberfest can be both a wonderful and hectic time depending on the onslaught (or lack thereof) pull requests that you get within the month of October. Having been a maintainer myself of a somewhat popular repository for going on three years now, I’d like to share some of our learnings with you so you can make the most of Hacktoberfest and hopefully enjoy yourself in the process.

Ready, set, hack!

There are plenty of quotes on the internet about preparation being the key to success, and you know what? They’re right! A little bit of preparation on your part before October 1st can make a world of difference in how the month goes. Here are a few suggestions for ways you can prepare your repository and make it welcoming to all contributors:

• Make sure your README is up to date. This saves you and your contributors time in the long …

How can an organization’s security team defend its customers against threats at scale?

When the Twilio Security Operations team (SecOps) was founded, this challenge weighed heavily on our minds. We knew that automating all our threat investigation and response procedures would be key to safeguarding our customers, but we had no clue where to begin. We also knew that many of our peers were in the same boat.

That’s why today, we’re proud to open-source SOCless: a serverless framework to help organizations easily automate their security workflows and respond to threats quickly and at scale.

To get started with SOCless, visit the documentation at https://twilio-labs.github.io/socless/

Building automated security runbooks

When performing investigations and responding to threats, security professionals follow well-documented, pre-planned, step by step procedures. We call these procedures runbooks.

A typical runbook may require a security professional to use multiple security products, custom scripts, and decision trees to …

It's 2019 and the issue by now seems to be mostly settled: Codes of Conduct, as it turns out, are an important tool for any community to promote inclusion and protect their members from harassment that would otherwise distract them or push them away.

But what's the actual experience of designing one, and more importantly, enforcing one?

I was an admin on lgbtq.technology, a community Slack for LGBTQ+ members of the tech industry, for over two years. It had a couple of thousand members, with several hundred active across scores of channels. It was (and still is!) a vibrant community that brought together fairly wide representation of individuals.

In this article, I'll go over the story of how community management evolved in this particular community. Along the way, I'll share various hard-earned lessons myself and the rest of the admin team there learned about how to effectively manage a diverse …

My open source story begins in 2014. I was living in NYC and benefiting heavily from going to free tech meetups like Hacker Hours, where strangers would come together to cowork and help one another out with programming questions. As a recent college grad who didn't have a hugely collaborative learning experience on campus, finding that knowledge sharing culture in the learn-to-code movement at the time was a lot of fun.

The only problem with meetups was that they could be distracting. Instead of finishing the MOOC courses I'd signed up for, I'd get pulled into side conversations about tutorial recommendations and general chatter.

The "running partners for code" idea

That summer, while participating in a program "to launch a side project" taught by Gary Chou from Orbital, I accidentally discovered that the act of screensharing with a study partner on Google Hangouts was a brilliant way to …

The second law of thermodynamics states that entropy always increases over time. To put it another way, chaos overtakes order little by little. Open source software projects are no exception. The longer a project grows and survives, the more issues and unmerged pull requests it will accumulate. Unresolved problems from the past make it hard to keep up with new contributions.

Bots to the rescue. Automation can help welcome new contributors and let them know what to expect. Outsourcing this labor to robots eases the burden on maintainers, freeing up time for more important tasks. Such as reviewing all those Hacktoberfest pull requests that are pouring in.

In this post, I’ll show you 6 ways to improve your open source project with Probot. The improvements fall into two broad categories: warmly welcoming new contributors, and communicating project norms or expectations.

Probot 101

Probot is a Node.js framework for building …

In this post, I’ll discuss my approach to prioritizing work in open source software projects. I’ve found that aligning my work with the unique intent of the project has helped me feel more satisfied with the impact of my open source contributions. I’ll share some questions to help you get started on developing your understanding of an open source project’s intent and include some examples of how to put them into practice.

Hello, p5.js

Every open source software project is different. Not only in their tech stack, but also in their intent. Sometimes I focus so much on widely used projects (like React) that I forget about the wide range of intents available to an open source project. As I’ve been getting more involved as a maintainer on p5.js this year, I’ve had to think a lot about what makes p5.js unique.

p5.js is unique in that it:

• is a …