GitHub Agentic Workflows are built with isolation, constrained outputs, and comprehensive logging. Learn how our threat model and security architecture help teams run agents safely in GitHub Actions.
This post explains how we built Agentic Workflows with security in mind from day one, starting with the threat model and the security architecture that it needs. It details the defense in depth approach using substrate, configuration, and planning layers, emphasizing zero-secret agents through isolation and careful exposure of host resources. It also highlights the staging and vetting of all writes using safe outputs, and comprehensive logging for observability and future information-flow controls.
This post explains how we built Agentic Workflows with security in mind from day one, starting with the threat model and the security architecture that it needs. It details the defense in depth approach using substrate, configuration, and planning layers, emphasizing zero-secret agents through isolation and careful exposure of host resources. It also highlights the staging and vetting of all writes using safe outputs, and comprehensive logging for observability and future information-flow controls.
OpenCode is an open source agent that helps you write code in your terminal, IDE, or desktop.
It features LSP enabled, multi-session support, shareable links, GitHub Copilot and ChatGPT Plus/Pro integration, support for 75+ LLM providers, and availability as a terminal interface, desktop app, and IDE extension.
With over 120,000 GitHub stars, 800 contributors, and over 5,000,000 monthly developers, OpenCode prioritizes privacy by not storing user code or context data.
It also offers Zen, a curated set of AI models optimized for coding agents.
It features LSP enabled, multi-session support, shareable links, GitHub Copilot and ChatGPT Plus/Pro integration, support for 75+ LLM providers, and availability as a terminal interface, desktop app, and IDE extension.
With over 120,000 GitHub stars, 800 contributors, and over 5,000,000 monthly developers, OpenCode prioritizes privacy by not storing user code or context data.
It also offers Zen, a curated set of AI models optimized for coding agents.
This article presents findings from a survey of over 900 software engineers regarding their use of AI tools. Key findings include the dominance of Claude Code, the mainstream adoption of AI in software engineering (95% weekly usage), the increasing use of AI agents (especially among staff+ engineers), and the influence of company size on tool choice. The survey also reveals which tools engineers love, with Claude Code being particularly favored, and provides demographic information about the respondents. A longer, 35-page report with additional details is available for full subscribers.
Delegate it a task, and coding agent can independently write, run, and test code. Here’s how you can make the most of it.
This article details the billing structure for GitHub Spark, covering costs associated with app creation (based on premium requests) and current limits for deployed apps. It also outlines future billing plans for deployed apps once limits are reached.
GitHub Copilot now has an Agents page to help developers kick off tasks and track progress. Users can assign tasks to Copilot (tech debt, bug fixes, new features) and Copilot will create a draft pull request for review. The feature is available to Copilot Pro/Pro+, Business, and Enterprise users with the coding agent enabled.
GitHub Copilot has introduced several new models including Anthropic Claude 3.7 Sonnet, Claude 3.5 Sonnet, OpenAI o3-mini, and Google Gemini Flash 2.0. These models are now available in Copilot Chat and agent mode, offering enhanced capabilities and performance.
Google has released Gemini Code Assist for free, offering up to 180,000 code completions per month, significantly more than its competitors like GitHub Copilot.
The article provides a detailed cheat sheet for using GitHub Copilot Chat, including slash commands, chat variables, and chat participants to enhance coding efficiency and productivity.
```
/clear: Starts a new chat session.
/explain: Explains the code in the active editor.
/fix: Proposes a fix for code issues.
/fixTestFailure: Addresses failing tests.
/help: Offers a quick reference for using GitHub Copilot.
/new: Creates a new project.
/tests: Generates unit tests for selected code.
```
```
/clear: Starts a new chat session.
/explain: Explains the code in the active editor.
/fix: Proposes a fix for code issues.
/fixTestFailure: Addresses failing tests.
/help: Offers a quick reference for using GitHub Copilot.
/new: Creates a new project.
/tests: Generates unit tests for selected code.
```
A tool to estimate the memory requirements and performance of Hugging Face models based on quantization levels.
