Protecting data in applications is important; protecting sensitive information is paramount. One of the most common ways to protect information at all times is data encryption. Cryptography, symmetric and asymmetric encryption, keys and certificates are directly related to this task. The keys and certificates used to protect information must also be reliably protected. For these purposes is used keystore - storage of certificates and keys.
keystore is a specialized secret data storage that is used by Java applications to encrypt, authenticate and establish HTTPS connections. So, for client and server authentication, establishing SSL (Secure Sockets Layer - Secure Sockets Layer) connection, private keys and certificates are required. If one-way authentication is used, then keystore used only on the server side. With two-way authentication, the client and server exchange certificates; respectively, both the server and the client must have keystore with a pair of private / public keys + certificate. In other words keystore used to store keys and certificates used to identify the owner of the key (client or server).
Java supports several storage formats keystore :
Each keystore entry has a unique alias. It is recommended that keystore not use alias "that are only case-sensitive. In the standard implementation, each key in the vault is password protected; in addition, the entire vault can be protected entirely by a separate password.
The standard Certificate Authority store for Java applications is located in the directory jre / lib / security / cacerts (password is changeit).
Information in the repository can be divided into two categories: key records (private / public key pairs) and trusted certificates. The key record used for cryptographic purposes includes the identity of the object and its private key. A trusted certificate contains the identity of the entity and the public key. A trusted certificate entry cannot be used in cases where a private key is required.
To separate key records from certificates, it is advisable to use different stores: one for private keys, and the other for trusted certificates, including Certificate Authority Certificates (CA). This approach will allow the separation between own certificates and the corresponding private keys, and trusted certificates. Additionally, you can provide higher protection for private keys in a separate keystore with limited access, and leave trusted certificates more freely available.
Keytool utility
To manage key pairs (private / public), certificates, and keystore storage, Java includes a utility keytoollocated in the bin directory. For start keytool You can use the command line. Utility options allow you to perform various operations and receive certain information. So, to get information about the utility, you can simply run the command keytool without options:
C: \\ Program Files \\ Java \\ jre1.8.0_121 \\ bin\u003e keytool Key and Certificate Management Tool Commands: -certreq Generates a certificate request -changealias Changes an entry "s alias -delete Deletes an entry -exportcert Exports certificate -genkeypair Generates a key pair -genseckey Generates a secret key -gencert Generates certificate from a certificate request -importcert Imports a certificate or a certificate chain -importpass Imports a password -importkeystore Imports one or all entries from another keystore -keypasswd Changes the key password of an entry - list Lists entries in a keystore -printcert Prints the content of a certificate -printcertreq Prints the content of a certificate request -printcrl Prints the content of a CRL file -storepasswd Changes the store password of a keystore Use "keytool -command_name -help" for usage of command_name
To get additional help about the team, you must specify its name and the magic word help. Do not forget about the hyphen "-" before the options:
C: \\ Program Files \\ Java \\ jre1.8.0_121 \\ bin\u003e keytool -certreq -help keytool -certreq ... Generates a certificate request Options: -alias
Create a self-signed certificate
To create a self-signed certificate, you must also use the -genkey command with the certificate validity period in the -validity option. The following command will create a pair of 2048-bit RSA keys valid for 365 days with the specified alias (parent) in the specified file / keystore (keystore.jks). The private key in the store is “locked” with a password, the public key is “wrapped” in a self-signed certificate.
Keytool -genkey -alias parent -keyalg RSA -validity 365 \\ -keystore keystore.jks
If the specified keystore (keystore.jks) does not exist, then keytool will create it. When executing the command, keytool will ask for some necessary data: the password of the store, Distinguished Name and private key password. Many parameters are used with default values. For example, an alias is mykey, a repository is .keystore in the user's home directory (HOMEPATH), an encryption algorithm is SHA1withDSA, etc.
Distinquished Name
The certificate is created in X.509 format. In this format, the owner identifier is used. Distinquished Name or just a DN in X.500 format. The same object identification format is used in the LDAP protocol or in SNMP. Distinquished Name set as comma separated attributes:
- CN - common name (owner name);
- OU - organizational unit or department / division;
- O - organization name;
- L - locality or city (city / location);
- ST - state or province;
- C - country, two chars (country).
Some of the attributes may be omitted; in this case they will be assigned the value Unknown.
One of the important attributes of a certificate is alternate names. San (SubjectAlternativeName). Details and an example of adding a SAN to a self-signed certificate are provided on the Tomcat server configuration page.
Certificate parameters can be specified as an option to the command. So, in the next version of the example, information about the company, the name of the alias, the type and location of the store, the validity period, the algorithm for generating the keys, the size of the key, passwords for the store and the key are set.
C: \\ Program Files \\ Java \\ jdk1.8 .., L \u003d Moscow, C \u003d RF "\\ -alias parent -storetype jks -keystore keystore.jks \\ -validity 365 -keyalg RSA -keysize 2048 \\ -storepass mystorepass -keypass mykeypass Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 365 days for: CN \u003d site, OU \u003d Developers, O \u003d IT Systems Inc., L \u003d Moscow, C \u003d RF
The new repository was located in the same directory as keytool.
Create a key pair
To create a key pair, use the "-genkeypair" command. The following command will create a keypair key pair in the keystore.jks repository where the previously created certificate is located.
C: \\ Program Files \\ Java \\ jdk1.8.0_121 \\ bin\u003e \\ keytool -alias keypair -genkeypair -keystore keystore.jks \\ -dname "CN \u003d site" Enter keystore password: Enter key password for
The certificate and private key are saved as a new keystore entry identified by the alias "keypair". The public key is wrapped in the X.509 format - it is a self-signed certificate that is saved as a singleton certificate chain.
Genkeypair team options
- [-storepass storepass]
- (-alias alias)
- (-storetype storetype)
- (-keystore keystore)
- [-keypass keypass] - is the password used to protect the private key
- [-dname dname] - defines a distinguished name in X.500 format, associated with an alias and used as issuer and subject fields in a self-signed certificate
- (-startdate value)
- (-keyalg keyalg) - defines the algorithm that will be used to generate a key pair
- (-keysize keysize) - determines the size of each key that will be generated
- (-sigalg sigalg) - defines the algorithm that should be used to sign a self-signed certificate; the algorithm must be compatible with keyalg
- (-ext ext) *
- (-validity valDays)
- (-protected)
- (-Jjavaoption)
Let's create two more key pairs with the aliases "keypair1" and "keypair2" so that when viewing the contents of the repository (below) there is a small list of key pairs:
Keytool -alias keypair1 -genkeypair -keystore keystore..jks \\ -dname "CN \u003d site"
Certificate Export
The certificate can be exported from the store and provided to users of your “signed” program. Then users can add your certificate to their trust store. To export the certificate, use the "exportcert" command. The following example retrieves a certificate from the repository in the file "parent.cer":
C: \\ Program Files \\ Java \\ jdk1.8.0_121 \\ bin\u003e \\ keytool -excort -keystore keystore.jks \\ -alias parent -file parent.cer Enter keystore password: Certificate stored in file
Certificate Import
To import a certificate into the store, you must first get it in some way. We will not be smart and we will extract the certificate with the alias veriSignclass1g3ca from the trust certificate store jre \\ lib \\ security \\ cacerts (password to the changeit store). That is, we will execute the certificate export command with the corresponding storage:
Export certificate from storage cacerts
C: \\ Program Files \\ Java \\ jdk1.8.0_121 \\ bin\u003e keytool -exportcert -alias veriSignclass1g3ca -keystore \\ "C: \\ Program Files \\ Java \\ jdk1.7.0_67 \\ jre \\ lib \\ security \\ cacerts" \\ -file veriSignclass1g3ca .cer Enter keystore password: Certificate stored in file
Import a certificate into the store
To import a certificate into the store keystore.jks you must use the "importcert" command. If you specify "-trustcacerts" as an option, the certificate is imported into the trust store, i.e. in jre \\ lib \\ security \\ cacerts. When the import command is executed, the keytool utility will ask you to enter the vault password:
C: \\ Program Files \\ Java \\ jdk1.8.0_121 \\ bin\u003e \\ keytool -importcert -keystore keystore.jks \\ -file veriSignclass1g3ca.cer Enter keystore password: \\ Owner: \\ CN \u003d VeriSign Class 1 Public Primary Certification Authority - G3, \\ OU \u003d "(c) 1999 VeriSign, Inc. - For authorized use only", \\ OU \u003d VeriSign Trust Network, \\ O \u003d "VeriSign, Inc.", \\ C \u003d USIssuer: \\ CN \u003d VeriSign Class 1 Public Primary Certification Authority - G3, \\ OU \u003d "(c) 1999 VeriSign, Inc. - For authorized use only", \\ OU \u003d VeriSign Trust Network, \\ O \u003d "VeriSign, Inc.", \\ C \u003d US \\ Serial number: \\ Valid from: \\ Fri Oct 01 04:00:00 MSD 1999 until: Thu Jul 17 02:59:59 MSK 2036 \\ Certificate fingerprints: \\ MD5: B1: 47: BC: 18: 57: D1: 18: A0: 78: 2D: EC: 71: E8: 2A: 95: 73 \\ SHA1: 20: 42: 85: DC: F7: EB: 76: 41: 95: 57: 8E: 13: 6B: D4: B7: D1: E9: 8E: 46: A5 \\ SHA256: CB: B5: AF: 18: 5E: 94: 2A: 24: 02: F9: EA: CB: C0: ED: 5B: B8: 76: EE: A3: \\ C1: 22 : 36: 23: D0: 04: 47: E4: F3: BA: 55: 4B: 65 Signature algorithm name: SHA1withRSA Version: 1 \\ Trust this certificate? : y Certificate was added to keystore
View Storage
To read the contents of the repository, you must use the -list command. As an option "-keystore" you can specify the path to the repository. By default, the "-list" command displays the SHA1 certificate fingerprint. The following code allows you to view the contents of the created repository, which includes a certificate and three key pairs:
C: \\ Program Files \\ Java \\ jdk1.8.0_121 \\ bin\u003e \\ keytool -list -keystore keystore.jks Enter keystore password: Keystore type: JKS Keystore provider: SUN Your keystore contains 5 entries keypair2, 02/14/2018, PrivateKeyEntry, Certificate fingerprint (SHA1): \\ C4: 02: BA: D7: 24: 6B: 84: 2F: CD: F9: 81: 16: 5F: 74: E0: 31: 7B: C0: 19: B1 keypair1, 02/14/2018 , PrivateKeyEntry, Certificate fingerprint (SHA1): \\ AB: BA: 92: 77: 44: BD: B0: 65: EB: 29: 0C: F9: 86: 64: 0F: 81: B7: 4A: 27: 9A keypair , 02/14/2018, PrivateKeyEntry, Certificate fingerprint (SHA1): \\ 8A: 8B: 21: 83: 1E: 75: 4F: C7: 62: 85: 6A: 31: 84: 45: AA: 16: 2B: 20: 06: 1E parent, 02/13/2018, PrivateKeyEntry, Certificate fingerprint (SHA1): \\ DB: 8B: 9D: 9D: DF: 5B: B3: 82: 0E: 19: C6: A4: A4: 3E: 08: C0: AB: 20: F9: 85 mykey, 02/18/2018, trustedCertEntry, Certificate fingerprint (SHA1): \\ 20: 42: 85: DC: F7: EB: 76: 41: 95: 57: 8E: 13: 6B: D4: B7: D1: E9: 8E: 46: A5
List command options
- (-v | -rfc)
- [-storepass storepass]
- (-alias alias)
- (-storetype storetype)
- (-keystore keystore)
- (-providerName provider_name)
- (-providerClass provider_class_name (-providerArg provider_arg))
- (-protected) (-Jjavaoption)
If you use the "-v" option when viewing the store, then information about the certificate is displayed with additional information, including the owner, serial number, etc. When using the "-rfc" option, the content of the certificate is printed according to the Internet standard RFC-1421.
Example of viewing the store and certificate
The screenshot shows an example CertificateReader, which allows you to view the keystore and certificates, as well as retrieve certificate information.
A pair of values \u200b\u200bis stored inside the certificate. Distinqueshed names. One DN belongs to the certificate holder, and the second DN indicates the identifier of the certification authority (CA) that signed the certificate. In the case of a self-signed certificate, both of these DNs point to the owner of the certificate.
Listing Example
The sample interface is implemented using the Swing library. Since Swing is not the subject of this article, the methods for creating the interface are not presented in the example listing. If necessary, anyone can download the source code of the example at the end of the page.
The example listing shows two methods: loadKeyStore, showCertificate. The first method allows you to select a certificate store. The second method reads the certificate and presents its parameters in the interface. After listing, a screenshot is presented on which the created certificate is read.
Import java.security.KeyStore; import java.security.KeyStoreException; import java.security.cert.Certificate; import java.security.cert.X509Certificate; public class CertificateReader extends JFrame (final String TERMIN \u003d "Certificate expiration% s"; final String VALID \u003d "valid"; final String INVALID \u003d "not valid"; final String CREATER \u003d "Publisher% s"; final String NUMBER \u003d " Serial number% s "; final String START \u003d" Start of expiration% s "; final String END \u003d" Expiration of% s "; final String OWNER \u003d" Owner% s "; final String ALGORITM \u003d" Signature algorithm% s " ; final String SIGN \u003d "Certificate Signature% s"; final String LF \u003d "\\ n"; final String LF_SPACE \u003d ": \\ n"; KeyStore keyStore \u003d null; // JList store
Note: the CertificateReader class is used as an example on the digital signature page of jar files
Download example
The example of viewing the keystore and certificates storage considered on the page can be downloaded (2.5 Kb).
You have probably already come across the network term “pastebins”. These are web services that allow you to post snippets of written useful code and then share it with other people. Such services are very often used by users of IRC, social networks, blogs and so on. Users can post source code to services like pastebins, and then send the code links to other people.
On the net you can find a bunch of these web services. Most are equipped with a standard feature set. But some developers are clearly distinguished by their ingenuity. We have compiled a selection for you and the best services, and you will surely find one that will fully meet all your requirements.
02.
Ideone is not just a Pastebin service, but also an online compiler and debugger. It allows you to compile and run code on a network. There is support for more than 40 programming languages. In addition, you can archive already created passages or highlight the order. Nevertheless, it is worth saying that the service does not provide code encryption capabilities.
03.
Pastebin.com allows you to post your texts and code on dedicated servers for further sharing with other people. In addition, you can specify the expiration date of the code service, archive excerpts, highlight individual parts of the code, and automatically assign sub-domains. There is also no possibility of code encryption.
04.
Mystic Paste is a pastebin service that provides free source code. Using this service, you can easily post your code snippets and share it with people. The service also offers various additional plugins.
05.
TinyPaste allows you to easily place texts and codes, and besides, you have the opportunity to capitalize on this. The system pays you bonuses for each unique visit to your catalog. You can encrypt the code with a password, select individual fragments, archive it, and also assign sub-domains. You can also compile the code right away. TinyPaste provides you with an API and some third-party tools.
06.
Paste HTML allows you to place HTML code, plain text, as well as markup. The service can be used as an anonymous web hosting to host HTML pages. This service is designed specifically for HTML code.
07.
Codepad is an online compiler that allows you to run your code and share it with friends. The tool allows you to highlight individual snippets of code, as well as create separate private elements. However, there is no support for password protection. At the moment, the application supports 13 popular programming languages.
08.
MathBin allows you to easily place math equations. The service uses LaTeX formatting to generate equations in the form of images. This tool is perfect for placing fragments of mathematical and physical problems that are subject to solution and discussion.
09.
Snipplr is a public repository of code snippets that allows you to post and share your own code snippets. The service allows you to highlight individual pieces of code and archive the code. To use the service, you will have to register.
10.
Code Upload is a free pastebin service that provides its own source code. Using this service you can post code snippets and share them with others. The service also allows you to archive passages, close them with passwords and highlight individual fragments of code.
11.
PASTE allows you to place your codes and also debugging text. It allows you to set the expiration date and lock files with a password.
12.
Gist is an easy way to post code snippets. The service provides various functions such as highlighting individual code fragments, setting a password, and so on. All passages are automatically installed version.
13.
Codetrunk is a tool for posting code snippets, which also provides its own source code. The service allows you to highlight individual passages of code, archive them, and so on. The service automatically assigns sub-domains for each code snippet.
14.
PasteSite allows you to post code snippets that can be viewed through the site, pre-specifying the selection of individual code snippets. PasteSite allows you to password protect your code snippets. You can also easily delete any of the documents.
15.
pzt.me is a pastebin service that works in several ways. You can share text, images, videos, and links to various online interests. You can embed videos from all popular video sites, including YouTube, DailyMotion, Vimeo, etc. You can also use the service to shorten links.
16.
Snipt provides you with an easy way to post code snippets on micro-blogging sites like twitter. The service includes such functions as highlighting individual fragments, archiving and setting a password. You can get your own code snippets using the authorization data on twitter.
17.
Clippy is a free service that will provide you with various functions such as password protection, highlighting of individual fragments, anti-spam and assignment of sub-domains. At the moment, the service supports more than 50 programming languages.
18.
The simplest implementation of a service like pastebin. The service is very easy to use. The interface consists of a text input field and an insert button.
19.
Dpaste is a tool for posting code snippets. It was originally developed by Django programmers for use in the #django IRC channel. You can select individual fragments of text, as well as archive excerpts. However, it supports only a few programming languages.
20.
Slexy is a powerful and flexible pastebin service. It allows you to add tabs within the pasted text, save settings and paste through the CLI / terminal. It also provides you with the ability to set expiration, highlight individual fragments of code, and protect your code with a password.
21.
Paste-It is an easy to use pastebin service. The service provides the opportunity to create private excerpts, expiration dates, as well as highlighting individual fragments. The service also provides special plugins for Firefox and Chrome for faster and more convenient copying.
pastebin.ca
pastebin.ca is a pastebin tool. It allows you to post code and share it with other people. The service provides functions for highlighting individual fragments of code, archiving, password protection, and assigning sub-domains. It also allows you to set an expiration date, as well as leave comments on passages.
25.
Pastie is another pastebin service with support for all the basic functions specific to this type of service. The service supports all popular programming languages.
The project consists of both its own code and third-party libraries. Naturally, the question arises of how to store this good. To this question I will try to give recommendations based on my own experience.
Primary requirements:
- The developer must get started quickly without bothering with installing a dozen libraries.
- Libraries should be accessible from different projects, while avoiding duplication of code in repositories.
- It should be possible to save certain project conditions: new versions, number assemblies for testers, etc.
I recommend creating your own repository for each project. This will allow you to clearly separate one project from another, if necessary, give the right to edit specific repositories only to certain developers, solve the issue of archiving. Libraries, even third-party ones, should be considered as separate projects and also stored in separate repositories. An exception can be made only for especially large libraries, for example Qt or Boost.
Subversion allows you to establish dependencies between projects by establishing the dependence of the project on other projects. Thus, simultaneously with receiving the project from the repository, it is possible to get all the code necessary for work automatically, without complicating the life of installing several libraries and tracking their relevance.
Folders trunk, tags, branches
Subversion often uses a project structure of three folders: trunk, tags and branches. What are they for?
- trunkis a development folder. It always contains the latest version of the code available to developers. It is extremely important here to always maintain the code in a collective state. Any breakdown of the project assembly should be fixed as quickly as possible so as not to create difficulties for other developers.
- IN tagsare the status of the project at a certain point. For example, closer to the release, developers begin to create, with a certain frequency, assemblies with a unique number that are passed to the testers. The status of the project at this point can be fixed in the tag folder, giving it a talking name, for example build_723. This will allow, in the case of introducing a defect that is absent in this assembly and found in the next assembly, to analyze the cause of the problem and take appropriate measures to eliminate it. Also released versions can be noted here, for example 1.0.5. Thus, after receiving a complaint from users about an error in any version, you can take the code relevant for this version to study the problem.
- branches- temporary branches of developers. What does it mean? Developer Vasya receives a task to add some functionality. In order not to block the work of other team members, he creates a copy of the project in branches / vasia_task_1234, works in this branch periodically saving the code from the repository. Having completed the task, it merges with the main development branch (trunk) and deletes the temporary branch. The task was completed, while he could fix the state of his work in a temporary branch, without disrupting the work of other developers.
Work with branches and fixing the status of the project in tags will be described in another note.
How to name versions?
I suggest a three-digit version numbering method - major.minor.microwhere:
major- a figure indicating the version of the product (different version numbers indicate significant differences between the products),
minor- the subversion of the product (different numbers indicate that the subversions have different functionality),
micro- as part of the subversion, indicates that any errors have been fixed.
- With the release of a new version containing only bug fixes, the number in the micro position increases.
- At release of the version with the changed functionality, minor is incremented and micro is zeroed.
- With the release of a new version of the product significantly different from the previous one, major increases, while minor and micro are reset.
Project example
Consider a simple project consisting of the project code (project) and two libraries (lib1, lib2). A structure of three repositories:
project(For example, let the path to the repository be https: // server / project)
branches
tags
trunk
lib1(https: // server / lib1)
branches
tags
lib2(https: // server / lib2)
branches
tags
trunk
Actually project is our project, which depends on the third-party library lib1 version 1.0 and on the lib2 library of its own development, which is being developed jointly with the project itself, so the dependence will be on its main development branch (trunk).
Install dependencies in Subversion
To set project dependencies in Subversion, use the svn: externals property. To view the set properties, go to the project folder (for example, trunk) and use the command
To set the svn: externals property (naturally for the entire folder) being in the folder with the main development branch ( local_path_name / project / trunk) execute
It is possible that Subversion will not call a text editor, but will produce an error in which it will inform that the environment variable is not defined SVN_EDITOR. This means that you need to add this variable to the system environment by specifying the path to the text editor that will be called. for instance C: /WINDOWS/system32/notepad.exe for Windows (note - slashes must be expanded) or / usr / bin / vi for Linux.
You can delete a property using the command
| svn propdel svn: externals |
Is that all?
It seems like that. Now each time taking the project code from the repository, the library code will be loaded at the same time. If changes were made to the libraries, they will automatically be updated. Thus, having registered the project dependencies, you can not think about libraries, they will be updated and downloaded automatically, the main development branch will contain lib1 and lib2 folders with libraries.
The next logical step is to automatically collect the necessary libraries with the project, which I will talk about shortly with the example of the cross-platform build automation tool CMake.
Sooner or later, every programmer has to deal with a problem when he needs to save his code somewhere, and for some reason this cannot be done on his computer. Or you need to show the code to another programmer who is thousands of kilometers away, or to the customer. For freelancers, this is a very urgent problem, and the site decided to tell you where you can “throw” your code into storage.
In the network of such services - at least a dime a dozen. We will show you some free and with the optimal set of functions.
It is more than just a service for storing code. It allows you to compile code, as well as find and correct errors. Compiled code can be run on the network. Ideone supports about 40 programming languages. But with all its advantages, the service has one drawback - you cannot encrypt the code with a password here.
It makes it possible not only to place text or codes, but also to indicate the “expiration date” of each passage, archive individual passages, highlight lines, assign sub-domains. But you can’t hide the code with a password either.
Here you can easily save the code and then share the link to it with friends. It is also possible to password-protect your code if you want it to be available to someone alone. Already created passages can be archived and set order.
Designed specifically for storing HTML pages and markup. You can also store plain text here. It can also be used as anonymous web hosting for HTML pages.
It is an online compiler that supports 13 of the most popular programming languages. Here you can not only store your code, but also run it on the network. One minus is that you cannot protect your code with a password here.
Pretty easy and simple service for storing code. Among the useful functions of pastebin is highlighting the code, using a password. The service automatically sets a version for each new passage.
Dpaste supports only a few languages, but it is one of the simplest tools for placing and saving code on the network. Allows you to highlight individual fragments of code, as well as archive excerpts.
This is one of the most powerful and functional services for storing code. Among the features that it provides are password protection and the ability to add tabs, set a validity period and highlight individual fragments of code.
Pastebin.ca
It makes it possible to post code, share it, protect it with a password, set an expiration date, archive passages and even leave comments on them. Simple, functional and very convenient service.
These are far from all services for storing code, but we tried to collect for you the most convenient, simple and functional ones, for which registration or payment is not required. Use for health!
Below you can see where the service repositories are stored, what version control systems are supported, whether they have a desktop application and on which operating systems it can be installed.
| # | Company | Year | Version control | Data storage | Price (per month), $ | |
|---|---|---|---|---|---|---|
|
1
0 |
2008 | Git, SVN | 7–210 | |||
|
2
0 |
2008 | Git, mercurial | cloud / own server | 10–200 | ||
| 2016 | ||||||
|
3
0 |
2011 | Git | cloud / own server | 4-99 | ||
|
4
0 |
2007 | Git, SVN | cloud | 15–200 | ||
Other repository services for storing code when processing respondent data included Amazon Cloud Drive, Codebase, Gitolite, Heroku, Microsoft Azure, RhodeCode, Subversion, Team Foundation Server.
About rating
The rating of repository services for storing code is carried out by Tagline for the third time and is based on a survey from 540+ technical managers of digital companies conducted from April 2016 to May 2018. Respondents were asked to choose one or several options for answering the question “What repository services do you use to store code?”.
The dynamics is given in comparison with the data obtained by Tagline for the period from August 2014 to April 2016.
GitHub, the most well-known web service for project hosting based on the Git version control system, continues to lead in the ranking by a fairly large margin (77%). For open source projects, the service is free, and for private projects with private repositories, there are several tariff plans:
- personal (creation of private repositories for team use, from $ 7 per month);
- for small organizations (it becomes possible to manage access settings, from $ 25 per month);
- for large companies (you can install it on your own server or your own cloud, from $ 2520 per year).
GitHub is often called a social network for developers. It has all the relevant elements: following, commenting, favorites. Activity on the service can also act as a resume.
In second place is Bitbucket, 48% of respondents voted for it. It allows you to create an unlimited number of private repositories, but has a limit of 5 users. For larger teams there is a paid version - from $ 10. Since Bitbucket is one of the Atlassian products, it can be integrated with other solutions of this company: JIRA, Hipchat, Bamboo.
GitLab (14%) is similar in functionality to GitHub, but you can install it on your own server for free and configure it to your needs. At the same time, it also exists as a SaaS - after registration, you can create private repositories for collaboration for free. Paid features - in the version for large companies (from $ 48 per user per year).
Finally, Beanstalk is in fourth place with 1% of the total number of respondents. Unlike competitors, it offers a free version for only 2 weeks, and the choice of paid tariffs depends on the number of users, repositories and the allocated storage volume. Tariffs for paid companies ($ 50-200) also include a number of additional features, such as priority support or deployment on multiple servers at the same time.
Operating Systems
