Browse All Posts (105)
GitHub announces that the GitHub Copilot desktop app is now available across every plan, including Copilot Free and GitHub Education, and highlights agentic coding sessions plus bring-your-own-key support for custom AI model providers.
Abhishek Tiwari explains how Azure Front Door’s tenant isolation work (completed after the October 2025 incidents) reduces blast radius in a dense, multi-tenant edge fleet, using configuration isolation and a micro-cellular, layered ingress-sharding design to keep one tenant’s bad config or traffic from impacting others.
Arturo Quiroga shares major updates to the open-source Azure Architecture Diagram Builder, including a multi-turn Architecture Chat, a Blueprint (whiteboard-style) rendering mode, and a new MCP server interface so AI agents can generate, validate, cost, and render Azure architectures programmatically.
Allison announces CodeQL 2.26.0 updates for GitHub code scanning, including Kotlin 2.4.0 support, improved C# Razor Pages dataflow for SQL injection detection, new JavaScript/TypeScript system prompt injection coverage, and multiple query accuracy improvements across Go, Python, Swift, and GitHub Actions.
Varun Chawla (with Abhishek Tiwari and Amit Srivastava) explains how Azure Front Door reduces multi-tenant blast radius using Layered Ingress Sharding: combining independent, randomized tenant-to-shard assignments across layers with an ingress controller (IRIS) that uses real-time health and capacity signals to steer traffic and contain failures to a single tenant.
Allison announces a terminology update in GitHub Secret Scanning that renames detector types to better reflect how secrets are found, while keeping detection behavior unchanged. The post clarifies the difference between provider vs generic secrets and pattern-based vs AI-based detection, and confirms no API or webhook changes.
Sridhar Baynes announces Aurora 1.5, an open-source update to Microsoft’s Earth-system foundation model that adds more weather variables, hourly resolution, and probabilistic ensemble forecasts, with results compared against ECMWF ensembles and examples including tropical cyclone track improvements.
Salim Chawro summarizes Microsoft’s July 2026 Secure Future Initiative (SFI) progress report, covering measurable improvements in identity and configuration hardening, AI-assisted proactive defense for vulnerability discovery and remediation, and preparations for post-quantum cryptography—plus concrete steps organizations can apply now.
Napalys Klicius explains why migrating Copilot code review to shared Unix-style exploration tools (grep, glob, view) initially increased cost and reduced useful findings, and how rewriting tool instructions to match a reviewer’s diff-first workflow delivered about 20% lower average review cost without hurting quality.
John Savill runs through a weekly set of Azure platform updates, covering new capabilities across OpenShift, storage, Event Hubs, Log Analytics, Chaos Studio, and identity. He also calls out security-related changes (WAF exceptions, Network Security Perimeter, Entra backup/restore) and an OpenAI/GPT update.
GitHub recaps this week’s developer news, including the general availability of the GitHub Copilot app (now supporting free and education plans plus bring-your-own-key), GitHub Issue Fields reaching general availability, and quick updates on new ECMAScript JavaScript methods and the new HTTP QUERY method.
Allison announces a GitHub Enterprise Cloud REST API update that lets enterprise owners and billing managers retrieve per-user consumption for a multi-user budget from a single endpoint, making it easier to review spend and identify users nearing their limits at scale.
David Paquette explains how the Azure DevOps team reduced Azure Pipelines task extension size by bundling Node-based tasks with esbuild, cutting thousands of files down to a few per task and significantly improving agent download and extraction time in real production pipelines.
Allison announces an update to GitHub Mobile that adds improved filtering and sorting for GitHub Copilot sessions, helping developers find active, completed, and needs-attention sessions more quickly as their session list grows.
Hidde de Smet breaks down why spec-driven development can either reduce risk or quietly add “delivery debt”, especially in regulated environments. He outlines six common process cost centers, a three-lane model (full/light/no-spec), and a small set of KPIs to tell when structure is paying off.
Fokko at Work demos selected updates in Visual Studio Code 1.128 that affect GitHub Copilot, including configuring the default utility model for BYOK and notes on how enterprise policies and pricing plans can change which features are available.
Daniel Roth, Javier Calvarro Nelson, Maya Mateva, and Stamo Gochev present a Blazor Community Standup on “generative UI”: using AI agents and agent-driven UI patterns to dynamically create and adapt application experiences with AG-UI, A2UI, Microsoft Agent Framework, and Blazor.
Carlotta Castelluccio demonstrates how to build a hosted, coded AI agent in VS Code using GitHub Copilot CLI and a Microsoft Foundry Skill, then walks through the workflow to test and deploy it for a social media management scenario.
Allison announces the general availability of GitHub’s refreshed pull requests dashboard at github.com/pulls, highlighting the new Inbox experience, saved views, and improved filtering/search to help developers and teams track reviews, CI failures, and ready-to-merge work more efficiently.
sbaynes explains how Microsoft AI collaborated with poet William Sieghart and Gravity Road to build Ode Poetry, a real-time voice experience that transcribes user speech, responds empathetically, and recommends poems using MAI-Transcribe and MAI-Voice, with a strong focus on safety testing and quality iteration.
Mika Dumont introduces an interactive upgrade canvas in the GitHub Copilot app that lets teams track a .NET modernization end-to-end, from assessment and planning through execution, code changes, build failures, and final results, with the same upgrade workflow available in Visual Studio, VS Code, and the Copilot CLI.
Allison announces the rollout of OpenAI’s GPT-5.6 model family (Sol, Terra, and Luna) in GitHub Copilot, including what each variant is best suited for, where you can select them, and what admins need to enable for Business and Enterprise plans.
Michael Recachinas explains how GitHub enforced validated repository ownership across a 14,000+ repo organization to unblock security workflows like secret scanning remediation, reduce risk, and make governance and compliance scoping reliable.
GeertVanTeylingen explains what’s changed in Azure NetApp Files for running Oracle Database on Azure VMs, focusing on newer capabilities that make Oracle storage easier to size, deploy, protect, replicate, migrate, and clone across the database lifecycle.
Microsoft Developer recaps the 2026 updates shipped across SQL Server, Azure SQL, and SQL database in Fabric, highlighting security, tooling, and developer workflow changes announced around SQLCon/FabCon and Microsoft Build 2026.
NeoCai announces the general availability of enhanced host pool management for Azure Virtual Desktop, covering session host configuration and updates, dynamic autoscale via scaling plans, and using ephemeral OS disks to improve performance and simplify refresh-heavy environments.
Allison announces a public preview update to GitHub Code Quality that lets organization owners enable or disable Code Quality for a targeted subset of repositories, with optional enforcement to prevent repo admins from changing the setting.
GitHub introduces Bring Your Own Key (BYOK) support in the GitHub Copilot app, showing how to connect custom model providers, run local models with Ollama, and switch models from the model picker across all Copilot plans.
Microsoft Threat Intelligence breaks down GigaWiper, a Golang backdoor that bundles disk wiping, ransomware-like encryption, and system sabotage into modular commands, and maps its C2, persistence, and destructive behaviors to concrete Defender detections and hardening steps defenders can apply.
Allison announces a GitHub Copilot Chat feature on github.com that generates a high-level overview of a repository you’re visiting for the first time, summarizing the repo’s purpose, technologies used, and contribution guidelines, with an option to generate a README when one doesn’t exist.
Visual Studio Code shares a short sizzle reel promoting VS Code Learn, a set of free, hands-on courses created by the VS Code team to help developers learn VS Code features and workflows.
Wes Steyn shows how to scale a Microsoft Agent Framework “claw” using the Agent Harness: on-demand skills (including centrally managed Foundry skills via MCP), approval-gated shell access, CodeAct for sandboxed code execution, and concurrent background agents, with runnable samples in both .NET and Python.
Shree Divya M V announces a preview feature in Azure Logic Apps Standard that generates BizTalk-compatible flat-file XSD schemas directly from sample payloads, so teams can onboard CSV/delimited and fixed-width formats faster and then reuse the generated schema with Flat File Decoding and Encoding actions.
Authorised Territory demonstrates how to build a .NET agent harness that lets an AI agent read a local text file, using the .NET Agent Framework and the Microsoft.Agents.AI.Harness NuGet package with a locally running LLM in Ollama.
Allison announces general availability of GitHub Advanced Security innersource advisories, letting enterprises publish internal security advisories with visibility limited to enterprise-owned repositories. The update includes a new REST API for creating, updating, and withdrawing vulnerabilities, and uses Dependabot to notify affected repos and open upgrade pull requests.
David Pine explains how the .NET Aspire team uses GitHub Agentic Workflows to turn merged product pull requests into SME-reviewed documentation pull requests in a separate repo, while keeping security tight through a “safe-outputs” contract and narrowly scoped GitHub App permissions.
Allison announces enterprise-managed OpenTelemetry export controls for GitHub Copilot in VS Code and Copilot CLI, letting organizations centrally mandate OTLP endpoints, protocols, resource attributes, and capture settings without relying on per-developer OTEL_* environment variables.
CollinBrian explains how to design cloud-sovereign applications by keeping both deployment and runtime dependencies portable, using Radius for an application model and Dapr for consistent distributed-systems APIs across environments like Kubernetes and Azure.
Allison announces general availability of device-level deployment for managed GitHub Copilot settings in VS Code and GitHub Copilot CLI, enabling enterprise admins to enforce consistent Copilot governance via MDM, configuration files, or server-managed settings.
GitHub explains how to control GitHub Copilot costs in large organizations by mapping enterprise teams to cost centers, configuring AI credit pools, and applying user-level spending caps with per-user overrides for power users.