• RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN A vulnerability inGitHub Codespacescould have been exploited by bad actors to seize control of repositor
• A vulnerability in GitHub Codespaces could have allowed attackers to take over repositories by injecting malicious Copilot instructions in a GitHub issue.The attack, Orca Securit
• MicroPython now requires AI disclosure on every pull request, adding a Generative AI policy to guidelines. • PR template includes a checkbox: ‘I did not use Generative AI tools’
• GitHub is introducing a new approach to streamline developer workflow, offering AI agents that can shoulder the repetitive tasks that accumulate inside code repositories. • Known
• Gentoo Takes the First Step to Ditch Microsoft Copilot-Infested GitHub Contributors to Gentoo Linux can now submit pull requests throughCodeberginstead ofGitHub. • The repository
• SmartLoader uses a trojanized Oura MCP server to deliver the StealC infostealer. • Threat actors cloned legitimate Oura MCP, creating fake forks to build credibility. • StealC st
• Gentoo Linux Begins Codeberg Migration In Moving Away From GitHub, Avoiding Copilot The Gentoo Linux project last year announced plans to move their code hosting to Codeberg rath
• Open source is experiencing an ‘Eternal September’ due to a massive influx of contributions fueled by AI. • While this increases engagement, it overwhelms maintainers. • GitHub i
• We’re so glad you’re here. • You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game. • Check
• Try GitHub Agentic Workflows in a repo today! • Install gh-aw , add a starter workflow or create one using AI, and run it. • Then, share what you build (and what you want next).
• Share: In January, we experienced two incidents that resulted in degraded performance across GitHub services. • January 13 09:38 UTC (lasting 46 minutes) On January 13, 2026, fro
• How to maximize GitHub Copilot’s agentic capabilities A senior engineer’s guide to architecting and extending Copilot’s real-world applications. • Modern engineering work rarely
• Aaron Winston Aaron helps lead content strategy at GitHub with a focus on everything developers need to know to stay ahead of what’s next. • Also, he still likes the em dash desp
• GitHub Copilot CLI’s animated ASCII banner showcases complex terminal UI engineering. • Building the banner required handling diverse ANSI color interpretations across terminals.
• Year recap and future goals for the GitHub Innovation Graph Discover the latest trends and insights on public software development activity on GitHub with data from the Innovatio
• Tailscale has a unique ability to connect any machine to any machine, and CI/CD pipelines are no exception. • The Tailscale Github Action has, as of this writing, nearly 800 star
• Share: Today, we’re announcing some changes that will improve the security of accessing Git data over SSH. • We’re adding a new post-quantum secure SSH key exchange algorithm, kn
• Product engineers build the final product, while platform engineers supply the tools and infrastructure. • GitHub’s infrastructure team now serves internal customers, shifting fo
• GitHub Issues search now supports logical AND/OR operators across all fields. • Nested parentheses allow precise grouping of query terms for complex searches. • Example: is:issue
• GitHub CLI brings GitHub power to the terminal while ensuring accessibility for all developers. • Terminal accessibility lacks comprehensive standards, prompting innovative, purp
• GitHub CLI now fully supports triangular workflows, enabling smoother fork‑to‑PR development. • Triangular workflow lets you pull updates from other branches into your feature br
• Introduced sub-issues to break large GitHub issues into smaller, manageable tasks. • Enables hierarchical lists within a single issue, improving progress tracking and dependency