Based on known campus usage, ACNS has two recommendations for source control/version control solutions.

Bitbucket

  • bitbucket.com
  • See ‘Considerations for Security,’ below
  • Regular accounts are free for small teams up to 5 users, $2/user/month for up to 10 users, etc
  • Academic accounts are free and include private repositories. (Create your account using your @colostate.edu email.) Community or academic subscriptions include unlimited private repositories for unlimited contributors.
  • Integrates with Visual Studio with Bitbucket Extension
  • Suggested to make a team account which can be assigned as owner of each repository, to promote continuity in the case of employee turnover; individual employee accounts can still check in / check out but the ownership will remain stable over time
  • Strongly recommended to use their “two-step verification” (which is 2-Factor Auth)

Github

  • github.com
  • See ‘Considerations for Security,’ below
  • Plans with private repositories are priced between $7/user/month to $21/user/month
  • Free plans do not include private repositories
  • Integrates with Visual Studio with GitHub Extension for Visual Studio
  • Strongly encouraged to use their 2-Factor Auth for account-login as described here (choosing “configuring two-factor authentication via a TOTP mobile app” allows use of the Duo client, which should soon be ubiquitous on campus).

Considerations for Security

  • Cloud Computing is included in the IT Security Policy – be sure to adhere to the policy and not store, transmit or share CSU Private Data or CSU Restricted Data in your repositories
  • Programmers SHALL NOT include their web.config or application.config files – or any other files which can have Database and other passwords in cleartext – in their repositories!
  • Make use of two-factor authentication for logins for either system
  • Note that any storage of CSU private or CSU restricted data requires advanced analysis and approval through the VPIT and/or Director of ACNS)