Welcome to this week’s tech update, covering the latest tools and strategies affecting developer experience and enterprise IT. AI-driven agents now support production environments, with GitHub Copilot’s SDK and enhanced CLI, while Microsoft platforms automate workflows across sectors like healthcare and retail. Azure, machine learning, and Fabric updates drive improvements in performance, security, and modernization—helping teams with DevOps, supply chain enhancements, and up-to-date security. Below, we detail the week’s main releases and approaches influencing the current technology landscape.

This Week’s Overview

GitHub Copilot

GitHub Copilot continues to add new agent-based SDK capabilities, as well as improvements for its command-line interface and tools for automating modernization. Developers can now use Copilot in different development environments, including IDEs, terminals, automated pipelines, and custom agent-based apps. The latest enhancements to the CLI, better integration with organizational information, and tools for Java modernization are all designed to provide more concrete benefits for programming teams.

GitHub Copilot SDK: Powering Custom Agentic Development

The GitHub Copilot SDK is now in technical preview, following a recent rollout for platforms including Node.js, Python, Go, and .NET. Step-by-step guides now demonstrate how to use Copilot’s code completions inside purpose-built agent applications and automation tasks. The SDK expands on CLI capabilities with features such as agentic workflows, memory, tool orchestration, routing for multiple models, and streaming. Microsoft and contributors are offering in-depth examples for embedding agents using Python, enabling .NET in Visual Studio, and combining Copilot with external model authentication. The platform’s modular approach is suitable for organizations creating custom AI-enabled workflows and tools, and user feedback notes broader integration with internal processes.

GitHub Copilot CLI: Enhanced Terminal Workflows and Integration

GitHub Copilot CLI now offers new features for automatically using AI within the terminal, following updates such as support for different models (including GPT-5 mini, GPT-4.1), better installation, and agent-driven command-line tools. The updated “Plan” mode introduces guided, stepwise code planning before code is generated, which aligns with the broader move toward agentic workflows. GPT-5.2-Codex support provides improved prompt handling and context control (/context). The CLI now integrates with gh copilot for quick setup and unified onboarding for teams. Features for background task delivery (/delegate), persistent repository memory, review functionality, and audit/history tools all support better security practices. The YOLO mode and CI/CD automation are designed to cut repeated tasks.

Organizational and Work Context Integration

For distributed and enterprise development teams, Copilot now adds greater organizational context into AI features. Following last week’s update on context engineering and memory, these integrations allow Copilot to pull from Microsoft 365, SharePoint, and call transcripts via the Work IQ MCP server. You can now search organization documents and previous work history directly from the IDE or command line, which helps with requirement matching and audit needs. Persistent and auditable context handling strengthens code reviews and onboarding, which continues the trend of team-wide curation and verifiable memory functions. Teams report higher productivity and more accurate requirement handling.

App Modernization with GitHub Copilot

Copilot’s modernization tools support more automation for Java and Spring upgrades. Last week’s Java EE to Jakarta EE migration is now followed by tools to automate updates for Spring Boot and Spring Framework, with step-by-step guides for both JDK upgrades and secure identity changes. These tools combine security, dependency management, and automated refactoring—including support for OpenRewrite, JDK/build planning, and Microsoft’s ID and Key Vault. This reduces friction for enterprise migrations, covering tasks like namespace changes, dependency and CVE analysis, fixing security vulnerabilities, and deeper IDE integration. Focus remains on simplifying post-migration review, automated code improvements, and cloud adoption.

Integrating and Expanding Copilot Use Across Platforms

GitHub Copilot continues to integrate with additional workflows. After last week’s news about Copilot support for OpenCode (including login and credential management across desktop, terminal, and IDE), current guides show practical setup steps for connecting Copilot to OpenCode and CI/CD tools. An in-depth look at Copilot’s Arm Cloud Migration Agent discusses how Copilot helps with container migration, indicating expanded applicability in infrastructure and cloud migrations. Community updates show more widespread adoption.

Advanced Workflow Guidance and Tutorials

Recent resources offer strategies for using Copilot throughout the development process. Tutorials cover test-driven development with agents, Copilot review practices, and ways Copilot functions as a collaborator rather than just a code assistant. KQL support in Microsoft Fabric continues to show how Copilot can power analytics and engineering. Community events like the .NET AI Community Standup discuss new SDK features and integration, highlighting practical implementation advice.

AI

AI platform news this week highlights new agent orchestration tools and real-world automation scenarios in areas such as healthcare, law, and retail. Microsoft continues developing orchestration and security patterns. Best practices and open-source agent projects support teams looking to deliver practical AI solutions and reliable products.

Microsoft Agent Framework, Foundry, and Agentic Orchestration

Microsoft’s Agent Framework (Python/.NET) reaches deeper into enterprise infrastructure, with Windows 365 for Agents providing secure, flexible cloud PCs for agent deployments beside human users. The new Agent 365 APIs and SDKs add robust and modular orchestration for scaling, policies, and automation. Integration with Azure, Entra ID, Intune, and added capabilities for credentials and observability all follow previous best-practices discussions. The Microsoft Foundry for VS Code introduces a workflow visualizer, resource tracking, and improved feedback loops for production-scale orchestration. Technical articles explore Foundry IQ for retrieval-augmented generation (RAG), context management, and troubleshooting memory, reinforcing the modular agent platform focus.

Open Source Agent Interoperability and Best Practices

Open source agentic frameworks are moving forward, as discussed previously with the Model Context Protocol (MCP) and agent modularity. Angie Jones’s talk covers using Goose to build interoperable and trusted agents for developers and non-developers, supporting community and production adoption. Goose shows how Azure’s approach to open APIs and context supports broader agent patterns.

Specification-Driven and Contextual AI Development Workflows

The resource “From Vibe Coding to Spec-Driven Development” continues the discussion on test-driven and context-oriented agent workflows. This practical guide helps teams implement improved validation, automation, and error handling in agentic delivery. The content connects prior themes about prompt design and engineering rigor for reliable agent projects.

Azure collaborations reach practical use for healthcare (e.g., Parkinson’s care), legal technology (AI for India’s court system), and retail (autonomous robots). These examples extend previous themes of workflow modernization, while providing tips on compliance, privacy, cost efficiency, and deploying agents in context-sensitive environments.

ML

This week’s machine learning updates highlight improvements to developer toolkits, analytics, and applied AI for robotics. Microsoft’s ecosystem releases streamline development, testing, and deployment for a range of ML applications.

Microsoft Fabric: Enhanced Data Engineering, Analytics, and Performance

Building on last week’s news about ML in Fabric, these updates provide enhanced security and speed for Spark workloads via Private Endpoints, cost-saving autoscale features, and up to 4x Spark performance improvements with the Native Execution Engine. The GigaOm report recognizes Fabric’s unified feature set and includes new controls for cost, scaled SQL pool management, and additional ML connectors. Serverless processing and new OneLake capabilities support flexible analytics and engineering. Real-Time Dashboards have further speed optimizations, boosting streaming and IoT analytics up to 6x or 10x faster. Updated documentation and ongoing events keep users informed.

Physical AI Advances: Microsoft Research’s Rho-alpha Robotics Model

Rho-alpha, from Microsoft Research, applies machine learning beyond data analytics by supporting physical robotics. Its underlying system combines natural language processing, multiple sensors, and controls, and supports continuous learning from user interactions. The platform aligns with earlier discussions around Copilot’s agentic updates and best-practice monitoring. Developers in robotics, manufacturing, and real-time control gain tools as APIs and SDKs are released, showing a unified approach similar to advances in Fabric and .NET AI.

Azure

Azure’s current updates offer improvements in networking, infrastructure automation, data engineering, operations, and developer productivity. These include enhanced reliability for Kubernetes and storage, automation features, better analytics, and tools for modern developer workflows.

Azure Kubernetes Service (AKS) and Infrastructure Automation

Guides for AKS cover how to scale, secure, and improve cluster performance. One walk-through investigates DNS scaling using Cilium, NodeLocal DNSCache, and FQDN policy to address latency in large workloads and documents troubleshooting for outbound traffic. Another resource explains optimizing AKS node pools with Crossplane, including notes on version compatibility and automation. Java users can use the Azure Performance Diagnostics Tool v5.0 to monitor JVM metrics—useful for faster debugging on Kubernetes.

Microsoft Fabric Data Integration, Real-Time Intelligence, and Analytics

New features in Fabric include full pipelines for retail analytics using Delta Lake, Debezium, and Azure Event Hubs, showing automated change tracking and partition management. Data Factory now adds incremental copy/CDC, more connectors, flexible replication, and adjustable mapping for schema changes. A preview integration with Cribl Stream allows for fast telemetry routing and visualization.

Azure Storage: AI-Centric Platform Evolution

The Azure Storage service’s updated roadmap outlines shifts toward scalable, AI-focused workloads. This includes changes for blob storage, deep integration with AMLFS, and options for GPU-based operations (benefiting agents or LLMs). Elastic SAN and ACStor provide orchestration and combined file/block sharing for demanding deployments. Resiliency improvements span disks and files, while sustainability and smart tiering features are also being expanded.

Azure Automation, SRE, and Incident Management

Recent guides describe how to automate with Azure SRE Agents. You can connect SRE Agents with MCP for fine-grained roles and permission, scheduled compliance/security checks, and send automated reports via Teams or GitHub. Incident management integrates with ServiceNow to streamline triage and root cause processes, and work notes are now automated with AI summaries.

Azure Verified Modules, Infrastructure as Code, and Platform Foundations

Azure Verified Modules (AVM) for Platform Landing Zone with Bicep are now generally available, featuring modular IaC support for governance, network, and management. AVM adds Deployment Stacks, parameter files, policy control, and clear docs for migrations—continuing the platform update cycle.

Developer Tools, Testing Services, and Workflow Improvements

Developers now have access to the Azure Playwright Testing Service (Preview) for scalable UI/API automated tests. The preview includes workspaces, secret handling, CI integration, and reporting tools. Playwright Workspaces v2.0 add report views, artifact handling, and data retention controls to help with workflow governance and collaboration—building on ongoing improvements in SQL and CI pipelines.

Memory Reliability and Hardware Efficiency for Azure Infrastructure

Azure launches RAIDDR, an open-source tool for improving reliability in modern memory (like LPDDR5X), and ELC for adaptive CPU power management, increasing data center energy savings while optimizing latency and performance. Both areas advance last week’s focus on infrastructure sustainability.

Application and Container Networking, Security, and Cache Optimization

Guides for Azure Container Apps show secure integration with virtual networks and firewall routing for policy enforcement, monitoring, and compliance. Redis tips include scripts for listing key lifetimes, statistics, and tuning, assisting teams with troubleshooting and scaling.

Azure Arc Server and Hybrid Cloud Updates

The Azure Arc Server recap covers improved management, zero-downtime patching, TPM rollout, and SQL hybrid workflows, maintaining last week’s focus on secure hybrid and multi-cloud management.

Microsoft Data Platform Ecosystem

SQLCon and FabCon announcements outline conference topics, training, and product updates for SQL Server, Azure SQL, Fabric, and AI-powered data management. These events extend previous coverage on data platform feedback and innovation.

Other Azure News

Developer-focused updates enhance debugging, performance, and workflow management. New filters for Azure Boards (now in private preview) let backlog and Kanban boards filter by custom fields, supporting better UI and management options.

Coding

Highlights this week include optimized patterns for .NET and SharePoint, new features for React Native Windows, and practical resources for developer engagement and education.

.NET Performance Optimization and Modern Web Development

This week includes a guide on making IEnumerable<T> iteration in .NET allocation-free. Andrew Lock details compiler behavior and testing, explaining how Reflection.Emit/DynamicMethod avoids boxing overhead on older runtimes—useful for SDKs and instrumentation. Resources on modern web teaching (Razor Pages and HTMX) show how to build with less JavaScript, leveraging Razor’s separation of logic for maintainable courses and projects.

React Native Windows and Cross-Platform App Development

React Native Windows v0.81 introduces features for desktop debugging and accessibility, including Hermes engine support. Early support for DevTools is coming, helping teams with breakpoints and profiling. Recent architecture work prepares the project for a move to “Fabric.” Discussions remain about whether to prefer React Native or MAUI for .NET-based cross-platform development.

SharePoint Site Optimization Guides

SharePoint site optimization advice covers scaling with site collections/hubs, filtering lists and libraries, improving metadata, auditing custom code, batching API usage, and regular diagnostics. A checklist provides steps for both urgent and longer-term maintenance across large enterprise sites.

Other Coding News

A tutorial shows how to use the “Report Issue” feature in VS Code for feature requests, including tips for improving the chance of getting changes reviewed, referencing feedback cycles as a means to better software.

DevOps

DevOps news includes new GitHub Actions runners for cost-effective CI, improved issue and pull request workflows, and advances in artifact traceability and security features. Beginner-friendly content covers common workflows.

GitHub Platform and Workflow Improvements

GitHub Actions announces general availability of 1 vCPU Linux runners for shorter, lightweight jobs such as linting and scripting—designed to help teams lower CI/CD costs. Updates expand on earlier changes for reliability and artifact management. GitHub Issues are now faster to load, reducing project dashboard wait times, and the modern “Files Changed” pull request interface with improved commenting is now the default—bringing better accessibility and review features.

Expanding Supply Chain Security and Artifact Traceability

GitHub adds artifact metadata APIs and Unified Artifact Views to help with code/build tracking and verification. REST APIs and Defender/JFrog integrations allow improved workflows. The new Packages tab displays build details, SLSA Level 3 proofs, and event histories. GitHub Actions now streamline attestation creation. Docs and guides offer step-by-step help for DevSecOps adoption.

Other DevOps News

Enterprise admins can now use more precise budget controls that exclude cost center usage—supported by REST APIs for automation. User feedback feeds directly into policy and cost management improvements. New tutorials for beginners walk through git switch, git add, and git commit, highlighting the value of isolating changes and working with tracked project histories.

Security

Security updates include coverage of risks in developer environments, AI and cloud posture, vulnerability triage, and new controls for workload and supply chain protection. Data governance remains a consistent theme.

Security in Developer Tooling and Workflows

An analysis covers risks from VS Code’s tasks.json, which can contain unsafe commands if included in shared repositories. These shortcuts might inadvertently expose engineers to unsafe code. Developers are encouraged to use isolated dev containers, scrutinize repos for automation files, and request stronger platform-level controls.

Cloud AI Security and Copilot Studio Protections

Microsoft Defender now offers unified management tools for AI risk in cloud environments (including Azure, AWS, GCP), mapping agent privileges and checking for prompt injection. Microsoft Copilot Studio’s runtime protection now includes automated webhook review to identify and stop unintended agent actions. These features combine with last week’s coverage of agent security.

Microsoft Fabric and OneLake: Fine-Grained Security Management

Fabric now offers REST APIs for OneLake that provide automated, path-based access controls. These APIs connect with Entra ID for fine-grained, CI/CD-ready permission management. OneLake security for mirrored databases gives detailed controls—reducing risks associated with excess permission or duplicate data.

Threat Intelligence: Phishing Campaigns and BEC Countermeasures

Microsoft investigates new phishing and BEC attacks targeting the energy sector, including using SharePoint for multi-stage attacks that bypass filters and steal sessions. Attackers can add mailbox rules for persistence and erase evidence. The report covers detection, recovery, and analytics alongside remediation strategies, reinforcing best practices for defense.

Automating Vulnerability Detection and Management

GitHub Security Lab’s Taskflow Agent uses LLMs and rule books to automate vulnerability triage for Actions and JavaScript, filter out false positives, and connect with GitHub Issues. Modular YAML and prompt/task templates enable extensibility, helping teams systematically review reports and reduce manual work.

Secure Auth and Delegated Access Patterns in Cloud Services

A new guide explains how to use Microsoft Entra’s OAuth2 On-Behalf-Of flow for Python MCP servers (using FastMCP SDK), enabling developers to configure delegated, audited API access. Code samples and setup details help developers integrate secure user flows with existing cloud services.

Enhancing Supply Chain Security: Container Image Signing

Microsoft’s Notary Project and Artifact Signing (now GA) tools provide managed certificate handling for CI/CD and AKS—making it simpler to sign images, handle credentials, and use RBAC. The guides support migration from older image signing strategies.

Broader Identity and Data Security Guidance

A framework for 2026 outlines four priorities for identity and network access risk management: adaptive policies, governing users/agents, Zero Trust adoption, and credential controls. Platform integration (Defender, Purview, Verified ID) is central for compliance. Azure Essentials video content shows Purview’s main governance and audit features, complementing ongoing security automation content.

Other Security News

CodeQL Release 2.23.9 announces the deprecation of support for Kotlin 1.6/1.7 in February 2026. Users of these versions should upgrade. Guidance is available for GitHub Enterprise Server and CLI, echoing last week’s security tooling updates.