Back to GitHub Support Contact GitHub


Open source project trends for 2018

Project trends

Last year, GitHub brought 24 million people from almost 200 countries together to code better and build bigger. From frameworks to data visualizations across more than 25 million repositories, you were busy in 2017—and the activity is picking up even more this year. With 2018 well underway, we’re using contributor, visitor, and star activity to identify some trends in open source projects for the year ahead.


Cross-platform development

Some of the projects that experienced the largest growth in activity were focused on cross-platform or web development. For example, Angular/angular-cli had 2.2 times more contributors in 2017 than in 2016. You contributed more, visited more often, and starred projects related to Angular/Angular, Facebook/React, and Electron/Electron. These projects simplify the development process, shortening the time from start to deployment across desktop and mobile platforms.

Deep learning

You’ve also been rallying around deep learning projects. Across multiple industries, artificial intelligence is solving a host of complex and interesting problems. You’ve helped drive that interest by upping your contributions to and visits to projects like Keras-team/Keras and Mozilla/DeepSpeech. TensorFlow/TensorFlow had 2.2 times more visits in 2017 than in 2016, and TensowFlow/models had 5.5 times more visits!

New skills

Your commitment to developing coding skills is unparalleled. You starred projects, many created in 2017, related to learning to code, getting coding jobs, and coding best practices. For example, Chalarangelo/30-seconds-of-code and norvig/pytudes provide code examples in javascript and python respectively to help you brush up on your fluency in these languages. jwasham/coding-interview-university and yangshun/tech-interview-handbook provide resources for how to pass the interview process for software engineering roles. i0natan/nodebestpractices, alibaba/p3c, and thedaviddias/Front-End-Checklist provide best practices for writing code and organizing projects.


How did we discover these trends? We looked at three different types of activity. First, we identified the top 100 projects that had at least 2,000 contributors in 2016 and experienced the largest increase in contributors in 2017. We also identified the top 100 projects that received the largest increase in visits to the project’s repo in 2017. Finally, we identified the top 100 projects that received the most new stars in 2017. Combining these lists, we categorized projects into broad communities and looked at the communities that were the most represented at the top of the lists.

We were impressed with the range of creative projects that emerged. You scratched the itch to keep track of your favorite NBA teams from the command line while you code, and you still found time to create an Android app for journalists and activists to securely monitor their homes and offices. Well done!

Learn more

If you’d like to see a lot more data covering what the GitHub community was up to from September 2016 through September 2017 including the most forked projects, the most social projects, and the most reviewed projects, check out the report we released at Universe: The State of the Octoverse.

You can also see who top contributors to open source in 2017 were in Felipe Hoffa’s analysis on Medium.

And head over to our redesigned Explore experience to find the latest project collections and trending topics on GitHub.

Explore projects

Introducing security alerts on GitHub

Last month, we made it easier for you to keep track of the projects your code depends on with the dependency graph, currently supported in Javascript and Ruby. Today, for the over 75 percent of GitHub projects that have dependencies, we’re helping you do more than see those important projects. With your dependency graph enabled, we’ll now notify you when we detect a vulnerability in one of your dependencies and suggest known fixes from the GitHub community.

Security Alerts & Suggested Fix

How to start using security alerts

Whether your projects are private or public, security alerts get vital vulnerability information to the right people on your team.

Enable your dependency graph

Public repositories will automatically have your dependency graph and security alerts enabled. For private repositories, you’ll need to opt in to security alerts in your repository settings or by allowing access in the Dependency graph section of your repository’s Insights tab.

Set notification preferences

When your dependency graph is enabled, admins will receive security alerts by default. Admins can also add teams or individuals as recipients for security alerts in the dependency graph settings.

Respond to alerts

When we notify you about a potential vulnerability, we’ll highlight any dependencies that we recommend updating. If a known safe version exists, we’ll select one using machine learning and publicly available data, and include it in our suggestion.

Vulnerability coverage

Vulnerabilities that have CVE IDs (publicly disclosed vulnerabilities from the National Vulnerability Database) will be included in security alerts. However, not all vulnerabilities have CVE IDs—even many publicly disclosed vulnerabilities don’t have them. We’ll continue to get better at identifying vulnerabilities as our security data grows. For more help managing security issues, check out our security partners in the GitHub Marketplace.

This is the next step in using the world’s largest collection of open source data to help you keep code safer and do your best work. The dependency graph and security alerts currently support Javascript and Ruby—with Python support coming in 2018.

Learn more about security alerts

The data science behind topic suggestions

Add topics to repositories

Earlier this year, we launched topics, a new feature that lets you tag repositories with descriptive words or phrases. Topics help you create connections between similar GitHub projects and explore them by type, technology, and other characteristics they have in common.

All public repositories show topic suggestions, so you can quickly tag repositories with relevant words and phrases. These suggestions are the result of some exciting data science work—in particular, a topic extraction framework based on text mining, natural language processing, and machine learning called repo-topix.

Learn more about repo-topix from the Engineering Blog

Topic suggestions close up

Now when you add or reject topics, you’re doing more than keeping projects organized. Every topic will contribute to surfacing connections and inspiring discovery across GitHub. Repository names, descriptions, and READMEs from millions of public projects serve as the very start of an ever-evolving knowledge graph of concepts. Eventually, the graph will map how these concepts relate to each other and to the code, people, and projects on GitHub.

Topics is part of a greater effort to use our public data to make meaningful improvements to how people discover, interact, and build on GitHub. We’ll be sharing more ways that data can improve the way you work at Universe—our flagship product and community conference.

Get tickets to GitHub Universe

Announcing an open data set on the open source community

We just released an open data set for the open source community, researchers, and curious data wonks to study.

The data includes responses from 5,500 open source participants randomly sampled from over 3,800 projects on and over 500 sourced from communities that work on other platforms. Altogether, the data represents some of the most comprehensive and high-quality data on the open source community to date.

header from the survey website

The Open Source Survey covers a broad set of topics, including:

  • What people value in the software they use and in open source projects
  • How and where people find and provide help
  • Privacy preferences and practices
  • Employer policies around using and contributing to open source
  • Negative experiences and their consequences
  • Personal backgrounds of community members

We hope you’ll use the data to inform decisions about community, tooling, and prioritization of work; understand the needs and experiences of different parts of the community; and do new and interesting research on a remarkable system of peer production that powers so much of modern life.

In the meantime, we’ve started using the findings to help us understand what makes a healthy community and how we can improve GitHub for maintainers, contributors, and end users.

plot of importance of various attributes to project use and contribution

Huge thanks to all of our collaborators in academia, industry, and the open source community who contributed topic ideas and questions, helped with translations, and took the survey. You can find the data, and an analysis of the key findings, at Let us know how you use the data or write to us with questions or comments.

GitHub data, ready for you to explore with BigQuery

GitHub data is available for public analysis using Google BigQuery, and we’d like to help you take it for a spin.

If you’d like to find out more about what data is available and how it’s been used so far, watch this conversation between GitHub Data Analyst Alyson La and Google Developer Advocate Felipe Hoffa. You’ll learn the story behind the datasets and what types of analysis they make possible. You’ll also see how we’ve visualized data with Tableau and Looker.

There’s a lot of data out there, but it’s all available through BigQuery in two large data sets. The original, community-led GitHub Archive project launched in 2012 and captures almost 30 million events monthly, including issues, commits, and pushes. Last year, we worked with Google to release The GitHub Public Data Set, separate tables with information on all projects that have open source licenses, including commits, file contents, and file paths.

You can also use the GH torrent project to complement the existing datasets with additional metadata.

We ran a list of queries on the datasets above to create the open source section of our Octoverse report, but anyone can run an analysis. Here are the results of some of the queries run so far.

  • “This should never have happened” has appeared in code comments more than a million times (hear this data point for yourself in this Changelog episode)
  • Where does open source happen? GitHub top countries shares which countries have the most open source developers per capita
  • How reliable is GitHub? Felipe runs a query to find out in GitHub reliability with BigQuery
  • There are a lot of feels in open source. Geeksta examines how emotions are expressed in GitHub commit messages
  • Are bigger pull requests better? Jessie Frazelle analyzed the top 15 projects on GitHub in terms of pull requests opened vs. pull requests closed

Happy exploring!



Discover new ways to build better

Try Marketplace apps free for 14 days

Learn more