Welcome to this week’s Tech Roundup. GitHub Copilot continues to broaden its features, with agent automation in VS Code, deeper CLI integration, and finer model management. The AI landscape now includes new agentic frameworks, standardized skill libraries, and orchestration tools for complex deployments. Azure remains central in enabling real-time, AI-powered solutions. Security and DevOps teams further reinforce automation and cloud-native practices, focusing on operational reliability and compliance. Let’s look at the updates influencing development workflows and cloud technology.

This Week’s Overview

GitHub Copilot

The Copilot section this week covers updates in AI tooling for developers, including improved agent functions in VS Code, Microsoft platform integrations, recent model rollouts, and broader workflow and analytics options. The new features reinforce Copilot’s growing use in regular coding, CLI automation, and review tasks, supporting both organizational and individual needs.

Copilot Agent Automation and Extensibility in Visual Studio Code

The February 2026 update to VS Code v1.110 includes automation and extensibility features for Copilot. Building on past agent automation and custom agent creation, it introduces lifecycle hooks for automated activity, like auto-linting and output restrictions that help maintain safe workflows. You can now fork conversations to explore different code paths within agent chats. Slash commands in chat streamline approvals and actions, and terminal sandboxing adds safety for prototyping. Live steering lets you shift task focus during execution. There’s experimental support for custom third-party plugins. Developers can access browser tools, and build agents, prompts, or skills from chat. Integration with the CLI is more flexible, with improved diff views and folder syncing. Persistent memory helps agents retain context and information, making recall across sessions easier. Tools like Explore Subagent speed up codebase searching, and memory compaction gives manual control over session data. Predictive edits now use complete file context for more relevant suggestions. Terminal images and interface updates (including accessibility changes) lead to a more productive and collaborative environment in VS Code.

GitHub Copilot CLI: General Availability and Practical Tutorials

Copilot CLI is now available for all users, letting developers work with Copilot in their terminal. After last week’s general availability announcement, developers can access code suggestions, reviews, and simple automation workflows outside the IDE. CLI users benefit from diff navigation, trusted sync, and snippet-based actions. There are telemetry and user-metrics options for teams to track usage. A free eight-part open source course helps you set up CLI, build custom agents, and run your own MCP server with hands-on labs. User-level metrics help with resource planning. Official dashboards and how-to guides demonstrate how Copilot CLI can help in day-to-day command-line work.

GPT-5.4 Integration: New Coding Model for Copilot

With the release of GPT-5.4, Copilot Pro, Pro+, Business, and Enterprise users in supported IDEs can now access better code generation and improved agent workflow support. It’s available on VS Code (v1.104.1+), Visual Studio (v17.14.19+), JetBrains (v1.5.66+), Xcode, Eclipse, the web, and in the CLI. These updates bring improvements to handling multi-step coding tasks and agent interactions. Enterprise admins must enable GPT-5.4, with guides provided for migration. Tutorials explain changes that improve reasoning and task management in VS Code Copilot.

Copilot Code Review: Agentic Architecture and Workflow Evolution

Copilot Code Review uses an agent-driven architecture to support more than 60 million automated reviews, now accounting for over 20% of all reviews on GitHub. Continuing last week’s agent-oriented code review discussion, Copilot supplies detailed context, recognizes recurring code issues, and makes targeted suggestions on correctness and design. Batch review comments and automated multi-line fixes are designed to make feedback clearer. Self-hosted runner setup is needed for these features, while GitHub-hosted runners work automatically. Continuous improvements are based on telemetry and team reactions. Future plans include adaptive personalization and more interactive team review features.

Copilot Memory: Persistent Context Now On by Default

For Pro and Pro+ users, Copilot Memory is now enabled by default. This feature stores repository-level conventions, patterns, and dependencies, refreshing every 28 days to keep the context relevant. This capability supports better code completion, reviewing, and CLI interaction. Users may opt out, and organization admins control settings. The documentation provides more about operation and updates, reflecting last week’s move from opt-in to default for persistent memory.

Model Management: Selection and Deprecation

Now, you can select specific Copilot AI models such as GPT-5.4 when you use @copilot in pull request comments. This lets you tailor model selection for each review, with the picker available on github.com, and plans to support GitHub Mobile. Gemini 3 Pro and GPT-5.1 are being deprecated; admins are advised to migrate to Gemini 3.1 Pro and GPT-5.3-Codex with official support to guide the transition.

Figma MCP Server Integration: Design-to-Code Workflows

Copilot now connects VS Code with the Figma MCP server, allowing developers to import UX/UI content for code or export components as editable frames in Figma. This helps bridge design and engineering tasks. Setup guides are available for continuous integration, with CLI support planned. These updates provide deeper automation across tools, picking up from last week’s discussion on design-engineering workflows.

Agentic Workflows: Repository Automation and Open Source Bots

Copilot’s agentic workflows allow developers to automate repository tasks using markdown scripts. Tutorials cover safety precautions, scenario-based automation, and best practices for bots that manage issues or maintain projects. Home Assistant and similar open source projects use these workflows to reduce manual work and enable community support. Guidance is provided for setting up safe, effective automations.

Jira Integration: Coding Agent for Issue-Driven PR Automation

Copilot Coding Agent’s new link to Jira Cloud lets teams assign Jira tasks to the agent, which then drafts pull requests based on details and status, asking clarifying questions when necessary. It helps automate repetitive issue-resolution steps and keeps manual reviews intact. Marketplace app installation and repository-level access are required, and data residency controls are included. Documentation is available for setup, and feedback is invited for new features. This addition complements last week’s focus on agent-powered task automation.

Copilot Usage Metrics: Expanded Telemetry, Plan Mode, and Username Consistency

The Copilot metrics API now provides plan mode telemetry across IDEs and detailed CLI usage at a per-user level, helping organizations understand adoption and support users effectively. The dashboard reflects these changes, and Enterprise Managed Users (EMUs) now have consistent usernames to simplify large-scale tracking.

Agent Management and Network Configuration

Enterprise admins gain session filtering by agent status, repository, and user, simplifying oversight. Outbound network routing for Copilot agents now depends on specific plans; allowlists need updating for self-managed and Azure runners, though GitHub-hosted runners remain unchanged. Documentation explains the settings, updating last week’s content on enterprise management and registry.

Global Developer Events and Skill Expansion

GitHub Copilot Dev Days are rolling out worldwide, offering workshops, demos, and hands-on sessions for VS Code and Visual Studio users starting March 15, 2026. GitHub is working with Andela to grow AI skills, offering training and mentorship in Africa and Latin America. This focus on training supports faster onboarding and more complex project management, reflecting Copilot’s dedication to developer education.

Other GitHub Copilot News

The Grok Code Fast 1 AI model is now included for automatic model selection in Copilot Free, making updated suggestions accessible in leading IDEs. Developers using .NET MAUI can try a demonstration of Copilot’s effect on their mobile workflow, covering scaffolding, troubleshooting, and deployment.

AI

The AI section outlines current innovations and tool adoption, especially among Microsoft and open-source developers. The focus is on new agent frameworks, skills SDKs, toolkits, and orchestration options for agentic applications, plus guidance on deploying secure and scalable AI solutions. This continues themes from last week, adding new practical toolkits for production-ready deployment.

Microsoft Foundry Ecosystem: Model, Agent, and SDK Advancements

Microsoft Foundry’s February 2026 release brings new models and agent features, picking up from recent updates on edge AI and hybrid privacy. Anthropic’s Claude Opus/Sonnet 4.6 models enable deep reasoning, scalable deployment, and large context handling. Models like GPT-Realtime-1.5 and GPT-Audio-1.5 support internationalized and voice-driven use cases. The Grok 4.0 engine enhances agent workflows, and FLUX.2 Flex improves text-image generation for interface prototyping.

Model updates complement new features for privacy and on-prem deployments. Foundry Local allows for disconnected, compliance-aware hardware. The Agent Framework (Python) reaches API stability, with better credential management, session orchestration, and migration instructions. Durable agent orchestration via Azure Functions and SignalR enables agents to work around long delays or restarts—useful in public sector and telecom scenarios.

The new Foundry REST API v1 is stable, with SDKs for Python, .NET, JS/TS, and Java. It introduces consistent naming and credential handling. Migration is supported for previous versions. There are also improvements in the AI Toolkit for VS Code (v0.30.0), introducing debugging, a model inspector, and catalog tools for quick prototyping and release. Documentation now further supports onboarding and protocol usage.

Modular Skills and Agent Frameworks: Agent Skills SDK, Reusable Skills, and Dynamic Tool Discovery

The Agent Skills SDK, an open-source Python toolkit, helps developers package common agent knowledge as portable skills. These can be published or discovered across different storage providers (local, HTTP, Azure/S3, databases). Skills are loaded only when relevant to save resources. The SDK works with tools like LangChain and Microsoft Agent Framework, supporting skill reuse and modular agent composition. It is MIT-licensed and customizable for DevOps, incident response, and retrieval agents.

Microsoft Agent Framework also now supports reusable skills for .NET/Python agents, packaged with scripts and configuration to support on-demand discovery. Skills are loaded only as needed, reducing context and token requirements. Guidance is included for safely sharing and maintaining skills, with forward-looking features for creating new ones dynamically.

Developers can use mcp-cli, a Bun-powered CLI, for finding tools in a token-efficient way, letting agents only fetch what they need. This aligns with earlier updates on secure modular agent deployment.

Secure Agent Execution and Durable Tasks: Azure Container Apps Dynamic Sessions, MCP C# SDK

Updates in this area give developers ways to run untrusted or agent-supplied code in Azure Container Apps with dynamic sessions, offering sandboxed runtimes for various workloads. Integration with Agent Framework and MCP is supported, while Azure AD and OpenTelemetry are used for authentication and traceability. Templates and deployment instructions make rollout easier, focusing on safe and repeatable ephemeral compute.

The MCP C# SDK v1.0 brings improved capabilities to .NET developers, providing durable AI operations, OAuth 2.0, client/server APIs, tool calling, SSE event streaming, and more. These changes enable secure, large-scale, and async tasks for agentic systems.

Architectures and Best Practices: High-Performance Agentic Systems, Open Standards

A Microsoft guide details best practices for enterprise-scale agentic AI engineering with Foundry and Copilot Studio, emphasizing differences from traditional chatbots, and focusing on autonomy, orchestration, and clear boundaries. The architecture makes use of tools like Microsoft Graph, Logic Apps, and Power Automate. Memory, access control, observability, and compliance requirements are addressed, with case studies for contract analysis and customer support.

A separate panel review discusses how open standards (MCP, Agent2Agent, OpenTelemetry, OAuth) help with secure, interoperable agent deployments, as well as how to write requests-for-proposal and select technologies focused on compatibility.

Other AI News

VS Code has added five new agent features: skills on demand, message steering, integrated browser, conversation forking, and lifecycle hooks. These updates are aimed at improving productivity and automation for developers.

Copilot for Data Factory (Microsoft Fabric) enables low-code data engineering, including natural language SQL transformations and automated pipeline setup.

Power Platform developers have new documentation for building Generative Pages with AI, supporting advanced UI features and Dataverse integration.

A new JavaScript AI Build-a-thon season is open, providing hands-on agentic AI and data pipeline challenges for JS/TS developers.

A GitHub interview with Anders Hejlsberg discusses the shift from AI assistants to more capable agents, including their effect on software tools and interoperability.

ML

This week’s ML section covers improvements in large language model (LLM) deployment, multimodal AI, and changes to enterprise patterns on Microsoft’s cloud stack. It includes guides on inference efficiency, permission updates, and releases of new AI models.

LLM Inference Optimization and Architecture on Azure

The Azure ML updates highlight resources for selecting the best trade-offs between prediction accuracy, request latency, and budget, using AKS, Ray Serve, and vLLM. Articles explain technical measures for improving throughput and scaling, such as TTFT, TPOT, batching, quantization, and memory handling. Fine-grained GPU allocation, modular LLM architecture, and best-fit machine selection are covered. Security and compliance remain fundamental for practical deployment.

Multimodal and Vision Reasoning AI: Phi-4-Reasoning-Vision-15B

Microsoft’s Phi-4-Reasoning-Vision-15B model supports new use cases in image-based reasoning, GUI automation, and chart/document analysis. The model’s thinking_mode can be adjusted for different latency/quality profiles. Benchmarks show reliable math and object inference. Training insights focus on reinforcement learning, verifier agents, and real-world use cases.

.NET AI Agent Architecture and Enterprise Patterns

A .NET AI Community Standup session highlights modern agent frameworks, orchestration, and continuous integration/monitoring. It features the Interview Coach sample and introduces MCP and Aspire tooling for production use. The presentation builds on modularization and cloud-native deployment, providing a blueprint for agents in .NET production settings.

Other ML News

Read-only permissions are now required to use semantic models with Fabric data agents, while more advanced actions remain behind Build or workspace member roles. This reduces friction and makes collaboration easier for new data modeling projects.

Azure

This week’s Azure section covers new general availability releases, migration guides, platform engineering changes, and features for secure and real-time data platforms.

Azure Databricks and Real-Time Data Platforms

Azure Databricks Lakebase is now generally available, providing a Postgres-compatible, serverless data platform for analytics, operational, and AI workloads. State management, real-time feature serving, and agent memory are supported. Postgres migrations are straightforward, and new AI models (Grok 4.0, Qwen3.5, GPT-5.x) are now supported. AI Foundry simplifies advanced model connections and analytics.

Azure Logic Apps and Integration Modernization

Azure Logic Apps enhancements include higher API Management limits, easier migration, SAP workflow support, AKS hybrid deployment, and advanced cost management and monitoring controls. The BizTalk migration tool allows orchestrations to convert easily to Logic Apps. Tutorials cover external configuration, state management, and host migration. These changes make logic-driven automation more accessible for enterprise teams.

Hybrid and Sovereign Cloud Capabilities

Azure’s hybrid cloud now has new training (Sovereign Cloud MicroHack) for governance, RBAC, encryption, and confidential settings, available as GitHub lab challenges. Azure Arc Gateway for Kubernetes streamlines network operations for regulatory workloads. Both updates help customers meet compliance rules across disconnected or connected environments.

Migration Guides for Azure Networking and Container Workloads

Guides are available for moving from AKS Virtual Nodes to Helm-managed Container Instances, covering steps like add-on disablement, resource clean-up, and new deployment configurations. There’s also new help for ExpressRoute Gateway migration, with focus on public IP SKU changes and best practices for minimal disruption and validation.

Platform Engineering, AI-Driven Infrastructure, and Compliance

This week, analysis covers how AI-driven IaC (infrastructure as code) and policy enforcement streamline compliance and resource management. Using Copilot and other agents, teams can generate and validate infrastructure, create diagrams, and automate compliance checks in development and operations. Platforms like Copilot Spaces and Skills help with modular agent tooling, and policy-as-code systems keep cloud management auditable.

Location and Networking APIs

The Azure Maps Geocode Autocomplete API is generally available, offering multi-language structured address suggestions and serving as a Bing Maps Autosuggest replacement. Documentation and migration samples provide everything needed for integration and localized applications.

Azure Managed Disks and Developer Productivity

Managed Disks now support instant access incremental snapshots, improving restore speed and reducing downtime in premium and ultra-tier environments. New API parameters allow granular configuration and more efficient cost control for disk usage.

The Azure Developer CLI (azd) adds support for direct slot swaps with a single command, helping achieve zero-downtime releases and improved CI/CD automation.

Other Azure News

Azure IaaS Resource Center adds new best practices, sample architectures, and migration resources for reliable and scalable environments, including networking, redundancy, GPU scaling, and cost optimization.

Microsoft Fabric’s new Execute Query API (public preview) automates Power Query transformations from REST or Spark endpoints, making pipeline development and hybrid analytics easier.

A how-to explains real-time, secure streaming into Fabric using Eventstream connectors and Azure VNets, VPN, or ExpressRoute, designed for regulated scenarios.

Netstar’s service migration to Drasi with Azure SQL and EventHub improved real-time fleet tracking and alerts. Event-driven integration cut manual processes and enabled faster reactions, continuing a recent trend toward continuous monitoring with Azure platform tools.

Coding

In Coding this week, major platforms received new updates and improvements. TypeScript 6.0 RC debuted, VS Code expanded support for agent development, and .NET streamlined data and workflow integration. Tutorials and Q&A sessions cover current best practices in productivity and migration.

TypeScript 6.0 Release Candidate and Migration Path

TypeScript 6.0 RC introduces default strictness settings, native support for Temporal date types, and more flexible module resolution. The --stableTypeOrdering flag supports the coming parallel type checker. Updates to standard libraries and the removal of deprecated configuration targets modernize projects. Codemod tools help with migration, and developers are encouraged to check compatibility ahead of TypeScript 7.0, which will feature a Go language implementation for the compiler and tools.

Visual Studio Code 1.110: Agent-Driven Development and Insiders Update

VS Code 1.110 brings more agent-specific features, including session memory retention, manual compaction with /compact, request queuing, session forking, and lifecycle hooks for workflow automation. Manual and automatic session features support different workflows. Frontend tools, CLI integration, and live session updates round out the release.

Insiders version improvements focus on accessibility, dialogs, keyboard navigation, and terminal experience.

.NET Data and Workflow Tooling

The .NET Data Standup presents dotConnect and Entity Developer tools for streamlined data access and model automation. This reduces manual configuration and helps avoid errors, supporting quick setup and maintenance.

Community guides offer insight into orchestrating advanced workflows in the Microsoft Agent Framework, encouraging modular and graph-based automation.

.NET MAUI Platform Expansion and Blazor in .NET 11 Preview

This week’s .NET MAUI standup covers expanded platform support (including Linux and macOS), plus AI-driven acceleration for routine app development. Blazor Community Standup discusses productivity, performance, and tooling improvements in .NET 11 Preview 2 for web development.

DevOps

This week’s DevOps updates emphasize better project management, platform changes for reliability, and automation for CI/CD and high-availability systems.

GitHub Issues and Projects: Enhanced Features and Workflow Guides

GitHub Projects added a hierarchy view with sub-issue filtering and deduplication, persistent list state, issue forms with file upload, and bulk issue moves. Guides help teams and new users get started with board setup, collaborative features, and automation strategy.

GitHub Platform and DevOps Tooling Improvements

GitHub Enterprise Server now uses a single-node Elasticsearch cluster with cross-cluster replication for easier management and better reliability. Advanced Security policies for source control and code quality are split so that admins have finer controls. There’s a new policy page for quality requirements.

The Actions Example Checker tool ensures usage samples in CI/CD are current. Pull request pages now show merge status and blockers directly, helping with code review.

Microservice Architecture Patterns and Solutions

A new resource reviews common pitfalls in microservice architectures and explains practical solutions including API gateways, async brokers, distributed tracing, CI/CD, circuit breaking for reliability, and zero-trust practices. The guide advises matching architecture to team needs and using simpler monoliths when appropriate.

Other DevOps News

GitHub metered products now send automatic usage alert emails at 90% and 100% of quotas to help teams monitor capacity and make proactive adjustments.

Security

Security this week covers both new threats and updated controls, with research on attacks using authentication weaknesses, vulnerability management, software supply chain changes, and the dual role of AI in state-of-the-art threats and defense.

Microsoft Account and Authentication Attack Analysis

The latest research details real-world attacks using OAuth application redirection in Entra ID for phishing or malware delivery. Attackers exploit OAuth parameters to redirect users to malicious URLs. Practical steps for defenders include tightening app permissions, monitoring authentication flows, and enforcing stronger access policies. There is also analysis of malware signed with stolen EV certificates, which is then used to install RMM tools as persistent footholds. Recommendations are provided for auditing, whitelisting, deploying AppLocker, and reviewing RMM credentials.

Global Disruption of Advanced Phishing Kits and MFA Bypass Platforms

A partnership between Microsoft, Europol, and global agencies dismantled the Tycoon 2FA phishing kit infrastructure, which previously enabled large-scale identity impersonation. Tactics included relay, session hijacking, AI-based phishing, and rapid domain switching. The articles offer mitigation steps, including MFA reviews, mailbox rule checks, token revocation, Defender tools, and post-attack clean-up.

AI-Enabled Security Threats, Detection, and Response

Microsoft Threat Intelligence describes how attackers are adopting AI for scanning vulnerabilities, developing malware, social engineering, and building infrastructure. LLMs are now sometimes used for reconnaissance, with North Korean groups highlighted. Defender recommendations include enabling AI-focused dashboards, prompt filter controls, and Defender Copilot products. The section also warns of AI browser extensions that steal chat data, with guidance on detection, extension auditing, and Defender management.

Secure Software Supply Chain and User Controls

Dependabot now allows security alert assignment for better accountability. Bulk assignment and additional webhook/API support enable more structured response. Draft advisories can be locked for authorized edit only, improving audit trail and compliance support.

Automation and AI-Driven Vulnerability Discovery

The GitHub Security Lab Taskflow Agent enables automated vulnerability scanning using YAML-based taskflows and LLMs. Documentation covers review of logic, control, and privilege tasks in your pipeline. User taskflows, integration with Codespaces, and Copilot support help teams act on findings more efficiently.

Secure Binary Signing with Azure Trusted Signing and dotnet sign

Rick Strahl details workflow improvements for code signing using Azure Trusted Signing and dotnet sign. Changes include simpler authentication, faster processes, and support for CI/CD scripts, covering details about configuration, integration, and security best practices. The overview addresses protecting certificates and ensuring responsible automated signoff.

Other Security News

GitHub Octoverse analysis highlights how automation tools like Copilot Autofix and Dependabot speed up vulnerability patching and support a “shift left” approach. Features discussed include merge queues and new access control checks supported by insights, reinforcing the balance between AI-driven automation and human oversight.