Browse All Posts (144)

GitHub hosts a Rubber Duck Thursdays coworking stream that talks through updates from the GitHub changelog and discusses the GitHub Copilot app, alongside general live coding and developer Q&A.

Poonam Gupta shares how Microsoft is reshaping the software development lifecycle with an internal “agentic platform”, using GitHub Copilot, Azure SRE Agent, and specialized agents to reduce toil across planning, code review, security remediation, operations, and modernization—along with measurable results from large-scale adoption inside Microsoft.

Allison announces a GitHub Actions workflow update that lets you run steps concurrently with separate logs, using new syntax keywords to start background work, wait for completion, and cancel long-running steps.

Microsoft Developer shares a short, practical overview of using Git in game development, focusing on the challenges of binary assets and how Git LFS and file locking help teams collaborate on textures, audio, and 3D models.

Allison announces a new npm safeguard for high-impact accounts: when npm detects sensitive account changes (like email updates or 2FA recovery code use), it temporarily restricts risky actions for 72 hours to reduce account-takeover and supply chain attack impact.

Microsoft Developer shares a practical walkthrough of using Git in game development, focusing on the real-world problems of binary assets and multi-discipline teams, and how Git LFS and file locking help make Git workable for Unity and Godot projects.

Microsoft Developer shares an episode of Data Exposed on common blockers that slow down enterprise SQL Server modernization, with practical guidance for migrating to Azure SQL and avoiding costly post-migration operational issues.

Allison announces a public preview for Red Hat Enterprise Linux (RHEL) 9 and RHEL 10 images on GitHub-hosted larger runners, enabling organizations to base custom runner images on RHEL for Linux x64 workflows.

Priyanka Vergadia hosts David Sanchez to demo “agentic DevOps” using GitHub and Azure, showing how AI and GitHub Copilot can support planning, coding, reviews, CI/CD, testing, security checks, and monitoring across an end-to-end delivery pipeline.

Allison announces an update to GitHub Enterprise Cloud billing: cost centers can now include enterprise teams as resources, so usage is attributed based on team membership and stays current as teams change via manual updates or SCIM-based IdP sync.

GitHub discusses “loop engineering” as a practical way to think about building with AI agents, focusing on how iterative feedback loops shape agent behavior and reliability.

Authorised Territory demonstrates how to use an AI-powered feature search experience in Visual Studio 2022 (17.14.35) to quickly find IDE functionality without manually browsing menus and settings.

Hidde de Smet explains how MCP’s Enterprise-Managed Authorization changes MCP authentication from per-server OAuth consent to policy-driven sign-in via an identity provider, with VS Code 1.123 preview support for Entra ID, Okta, and Auth0 and governance controls that pair with GitHub Copilot’s MCP registry policies.

perirocha introduces the generally available sp_get_table_health_metrics stored procedure for Microsoft Fabric Lakehouse tables, showing how SQL analytics endpoint users can diagnose physical table health (like small files, deleted rows, and checkpoints) in T-SQL and trigger OPTIMIZE only when it’s actually needed.

Lily Ma summarizes what has shipped in the Azure Functions MCP extension since preview, including resource and prompt triggers, MCP Apps for interactive UI, built-in MCP authentication with Microsoft Entra ID, and new .NET fluent configuration APIs for schemas, metadata, and rich content responses.

Batoul Diab shares how the ALICE collaboration at CERN uses GitHub to work on open source code for analyzing large physics datasets, highlighting shared repositories, peer review, and how distributed teams coordinate their work.

bexelbie explains what the Microsoft UEFI CA 2011 expiration in June 2026 means for Linux systems using UEFI Secure Boot, why expiration isn’t the same as revocation, and what can actually cause boot failures when vendors move to 2023-only signed shims.

Rohan Malpani explains how AI features in Visual Studio and VS Code can help teams ship safer, more accessible code by combining reusable “skills” with agent-based workflows that fit real development practices.

Microsoft Security Team summarizes how CNAPP is shifting from posture visibility to context-aware risk reduction, and explains how Microsoft Defender for Cloud fits into the “code-to-cloud-to-SOC” model by correlating identity, data, runtime, and cloud signals to prioritize exploitable attack paths.

analyticanna rounds up the Microsoft SQL updates shipped in the first half of 2026 across Azure SQL, SQL Server, and SQL database in Microsoft Fabric, with links to each GA/Preview announcement. Highlights include T-SQL regex features, Entra-based logins, TDE improvements, embeddings support, and new tooling in SSMS and VS Code (including GitHub Copilot features).

Allison announces new GitHub Enterprise “break-glass” incident response capabilities that let enterprise owners (and permitted members) bulk revoke or delete user credentials and SSO authorizations, plus a self-service experience for enterprise members to revoke their own credentials from Settings.

Aditya Badmaraju explains which Azure service he relied on most when building AI apps, focusing on why Azure SQL can be a central component for operational data, vector search, and building grounded AI experiences.

Allison announces a change to GitHub Copilot Free and Student plans: model selection is now handled only through Copilot auto model selection, which dynamically routes each task to an appropriate model and removes manual model choice.

sbaynes explains Talos, an open-source pipeline for automated, iterative genomic reanalysis that re-checks stored sequencing results as public evidence changes, aiming to deliver more rare-disease diagnoses with a low false-positive rate and a sustainable review workload for clinical teams.

Shantanu Patankar and Azin Heidarshenas break down Azure’s MLPerf Training v6.0 run for Llama 3.1 405B, sharing what they learned scaling pretraining to 8,192 NVIDIA GB200 GPUs on Fairwater—where the time goes per step, why topology-aware parallelism mapping matters, and what actually limits scaling efficiency at extreme scale.

Aditya Badmaraju explains why Azure SQL is a core dependency when building AI applications on Azure, highlighting its role in operational data storage and enabling vector search scenarios that support grounded AI experiences.

John Savill gives a quick walkthrough of Microsoft’s Security Adoption Model resource, explaining how it’s structured and how to use it to plan and track a security adoption journey.

Waldek Mastykarz explains what goes wrong when an AI coding agent has zero training data for your internal SDK or framework, and how to design an extension strategy that replaces the model’s “closest match” assumptions with accurate concepts, API details, and workflows while keeping token costs under control.

vzisiadis walks through how to put Azure API Management (APIM) in front of MCP servers to handle authentication and authorization, from basic Entra ID token validation to interactive OAuth sign-in from VS Code, app-role based access control, and governing external MCP servers like GitHub via passthrough and tool-level blocking.

Microsoft Threat Intelligence, the Microsoft Defender Security Research Team, and the Microsoft Digital Crimes Unit break down how the StealC infostealer and Amadey loader operate, how stolen credentials get monetized, and what defenders can do to reduce risk using Microsoft Defender protections and hardening guidance.

The Visual Studio Code Team shares a brief update for VS Code 1.127, noting a change to token pricing normalization to support a legacy flat pricing payload returned by some endpoints.

Thomas Maurer explains what Azure Local Small Form Factor (SFF) is and why it matters for edge scenarios, then outlines an end-to-end deployment flow: provisioning a device as an Azure resource, installing the Azure Local OS, registering it with Azure Arc, and running container workloads with Docker and K3s.

John Edward explains what “agentic AI” means in the Microsoft ecosystem, focusing on how goal-driven agents plan tasks, call tools, and maintain memory. The article maps those concepts to Azure AI Foundry, Semantic Kernel, and Microsoft Graph, with concrete enterprise workflow examples.

Daniel Roth, Javier Calvarro Nelson, and Yanislav Ivanov demonstrate how Blazor components can use WebMCP to expose UI actions to AI agents, so natural language prompts can trigger real interactions in a Blazor app.

Phil Vetter and Lee Jones describe how Exclaimer evolved its global email-signature platform on Microsoft Azure, moving from VM-based deployments to containerized microservices on AKS and adopting purpose-fit data services (Azure SQL, PostgreSQL, Cosmos DB, Data Explorer, Databricks) to improve scaling, reliability, and cost.

Allison announces an update to GitHub secret scanning: detections for Replicate secrets now include extended metadata to provide more context when a Replicate API token is found in a repository.

Efrat Nauerman announces general availability of the Azure Copilot Observability Agent in Azure Monitor and explains how it supports evidence-based incident investigations across Azure telemetry, with autonomous operations now available in public preview to reduce alert noise and triage effort while keeping humans in control.

jordanselig explains why most Model Context Protocol (MCP) servers are being deployed without real authentication, then walks through a defense-in-depth reference architecture on Azure App Service using Entra ID OAuth, managed identity, Key Vault, private networking, API Management, and monitoring to reduce common MCP attack paths.

Allison announces a public preview of new GitHub REST API endpoints for retrieving GitHub Code Quality (CodeQL) findings at the repository level, enabling integrations that can query findings programmatically and support remediation workflows.

GitHub announces updates to GitHub Copilot CLI that add a terminal UI and tighter GitHub platform workflows, including tabs for issues and pull requests, quick access to gists, and slash-command driven actions like creating PRs and assigning reviewers from the terminal.