Browse All Posts (116)

Liam Hampton demonstrates how to use third-party coding agents (Claude and Codex) inside Visual Studio Code via GitHub Copilot’s agent tooling, including when to choose local vs. remote execution and a short end-to-end demo workflow.

Jesse Houwing shows how to automate GitHub Copilot AI Credits budgeting by assigning per-user budgets based on Microsoft Entra ID group membership, using a GitHub Actions workflow and a PowerShell script that calls the GitHub enterprise billing API via the GitHub CLI.

John Savill shares a quick weekly Azure update covering what’s new across the Azure platform, aimed at keeping practitioners current on recent changes and announcements.

Hidde de Smet lays out a practical KPI scorecard for teams adopting AI coding agents under usage-based billing, using GitHub Copilot’s AI Credits model as the concrete example. It focuses on measuring speed, quality, reliability, and spend together, with a rollout plan and data sources you can wire into a weekly dashboard.

Fokko at Work demos selected new features in Visual Studio Code 1.122, focusing on GitHub Copilot updates like BYOK without GitHub login, the Agents window, and the built-in browser with device emulation, with notes on how enterprise policies and pricing plans can affect availability.

aakarshdhawan walks through building a React + TypeScript single-page app with Vite and deploying the compiled output to Microsoft Power Pages using the Power Platform CLI, including routing gotchas, activation steps, Dataverse Web API usage, and key security considerations around permissions and web roles.

paggarwal introduces Engineering Squad, an open-source multi-agent framework that turns plain-text requirements into user stories, technical design, production code, and automated tests using Azure OpenAI and Foundry Local, with a self-correcting review loop and traceable run artifacts.

yuvmaz breaks down the MegaTrain paper’s approach to training 100B+ parameter LLMs on a single GPU by treating GPU memory as a cache and streaming layers from host memory/NVMe. The post connects the technique to Azure NC-series VM choices, storage throughput, PCIe constraints, and cost/performance trade-offs.

Microsoft Defender Security Research Team reports on the “Mini Shai-Hulud” supply-chain campaign where typosquatted npm packages execute during install to steal cloud and CI/CD secrets. The post breaks down the two-stage payload, key indicators, and concrete hunting and mitigation steps for defenders.

Randy Pagels explains how to reduce repeated prompting by capturing team conventions in a copilot-instructions.md file so GitHub Copilot can generate code that matches your repo’s standards, architecture expectations, and preferred testing and design patterns.

AmirB announces a public preview that brings built-in CIS Benchmarks for Windows Server to Azure Policy via Machine Configuration, targeting Azure VMs and Arc-enabled machines. The post outlines what’s supported today (Windows Server 2025), how the workflow mirrors the Linux experience, and what’s coming next around remediation and broader baseline coverage.

mosiddi walks through the OWASP Top 10 risks for agentic applications (2026) and maps each risk to concrete mitigations in Microsoft’s open-source Agent Governance Toolkit (AGT), including policy-as-code enforcement, capability sandboxing, zero-trust identity, execution isolation, encrypted inter-agent comms, and tamper-evident audit trails.

Allison announces enforceable hard budget limits for GitHub Advanced Security (GHAS), letting enterprise admins cap license usage so new GHAS enablement is blocked once the limit is reached, while keeping existing budget alerts and adding license-to-cost visibility.

Allison summarizes the CodeQL 2.25.5 release, focusing on accuracy improvements to GitHub code scanning queries across C/C++, Java/Kotlin, and GitHub Actions, with several changes aimed at reducing false positives and improving detection coverage for workflow and composite action metadata.

Kayla Cinnamon demonstrates how to enable and use Remote Sessions for Copilot CLI agent sessions, so you can reconnect to the same running session from the web and the GitHub Mobile app.

GitHub introduces Project Pods, a program aimed at helping mission-driven open source nonprofits tackle stalled, high-impact work by pairing maintainers with skilled volunteer teams to coordinate and deliver larger initiatives.

dbandaru explains why Azure SRE Agent is shipping an MCP server before its interactive CLI and subprocess “agent mode”, focusing on how different callers (humans in coding agents vs remote automation agents) drive interface, schema, and response-contract design.

GitHub replays a Rubber Duck Thursdays session focused on talking through coding problems and debugging approaches in a live, conversational format.

Amanda Silver explains why open-sourcing TypeScript mattered, focusing on how community collaboration helped it evolve alongside major JavaScript frameworks like Angular, React, and Vue, and pointing viewers to the TypeScript GitHub repository.

Pieter de Bruin shows how Learn MCP Server can ground MCP-compatible coding agents in up-to-date Microsoft Learn docs, reducing failures caused by deprecated APIs. Using an Azure AI Foundry deployment example, he contrasts an agent that picks the outdated az ml path with one that queries Learn and uses az cognitiveservices successfully.

Allison announces that Anthropic’s Claude Opus 4.8 is now available as a selectable model in GitHub Copilot, including details on plan availability, where you can use it (IDE and platform support), and the temporary 15× premium request multiplier ahead of usage-based billing.

mutemwamasheke announces general availability of customizable security baselines in Azure Policy Machine Configuration, covering what’s new, which standards are supported (CIS and Azure Compute baselines), and how to customize, assign, and maintain baselines across Azure and Azure Arc-enabled servers using portal workflows or policy-as-code.

Microsoft Developer explains how to add persistent memory to an AI agent using Microsoft Agent Framework, storing conversation history in SQL Server and showing how the same approach can be future-proofed with Azure SQL Database.

GitHub shows how to manage a full Git workflow directly inside Visual Studio Code using the built-in Source Control panel, including initializing a repo, staging changes, writing commit messages, and pushing to GitHub—without switching to a terminal.

Visual Studio Code shares a short clip about “Copilot Teaches”, pointing to a longer explanation of how GitHub Copilot customization works in VS Code using concepts like instructions, skills, and hooks.

Microsoft Threat Intelligence breaks down The Gentlemen ransomware, a Go-based RaaS encryptor for Windows that pairs per-file Curve25519/XChaCha20 encryption with aggressive self-propagation. The post covers execution flags, defense evasion, persistence, lateral movement techniques, and Microsoft Defender detections, hunting queries, and IOCs.

DevClass reports on a multi-hour GitHub Actions outage that surfaced an incorrect “Your account is suspended” error, why Actions downtime can block CI/CD even when developers can still code locally, and what GitHub’s incident updates said about authentication issues and follow-on data cleanup.

John Edward explains how Declarative Agents and Autonomous Agents differ in Microsoft Copilot Studio, focusing on how each approach handles control, decision-making, and multi-step work. The article maps the trade-offs (predictability vs flexibility), gives practical use cases for each agent type, and offers guidance on choosing the right model for a given workflow.

ChaitanyaThalloory compares two ways to build AI agents on Azure: the Microsoft Foundry Agents SDK (Azure AI Projects/Agents) and Microsoft Agent Framework. The post focuses on real-world trade-offs around orchestration, multi-agent workflows, context/memory handling, and how the developer experience changes as systems move past simple proofs of concept.

Authorised Territory demonstrates how to configure Visual Studio 2026 to use a locally running LLM via Ollama inside GitHub Copilot Chat, using the gpt-oss model as the example.

dbandaru explains how to connect Azure SRE Agent tools to the Azure MCP Server so developers can operate SRE Agents from MCP-compatible clients like GitHub Copilot CLI and VS Code Copilot. It covers setup, RBAC requirements, control-plane vs data-plane behavior, safety guardrails, and common troubleshooting steps.

GitHub presents an overview of how Visual Studio 2026 and GitHub Copilot can help C# and C++ teams build, debug, profile, and modernize large codebases, with a focus on enterprise workflows, performance diagnostics, and preparing applications for cloud-connected and AI-assisted development.

GitHub gives an end-to-end overview of how GitHub Copilot fits into everyday development work, from writing and understanding code to debugging, reviewing changes, and shipping. It also highlights where Copilot plugs into common tools like the CLI, VS Code, and Visual Studio.

GitHub walks through new Visual Studio Code capabilities for remote session management, permissions, and secure AI adoption, including bring-your-own-key and bring-your-own-model options. The video also introduces an agents experience aimed at managing multiple sessions across workspaces, clients, and cloud-connected development environments.

GitHub explains how GitHub Copilot CLI can be used in the terminal to turn TODOs into finished work faster, with practical ways to understand commands, scaffold code, debug issues, and automate repetitive tasks from the command line.

GitHub walks through building a hands-on “battle” web app using GitHub Copilot CLI, starting from an empty folder and iterating to a working local frontend + backend that compares two GitHub profiles and their contributions.

Miles Cole introduces Incremental Liquid Clustering in Microsoft Fabric Runtime 2.0, explaining how OPTIMIZE now rewrites only the files that actually need reclustering or compaction. The post includes benchmark results across common ingestion patterns and shows the Spark SQL commands to use incremental clustering (default) or force a full recluster.

Waldek Mastykarz breaks down what happens between a developer prompt and an AI agent generating code with your SDK, CLI, or API, focusing on how harnesses assemble context, how models choose (or skip) tools like MCP servers, and why response quality and error messages can make agents succeed or fail.

GitHub hosts a Microsoft Build 2026 Day 2 live stream focused on what’s new in GitHub Copilot and Visual Studio Code, featuring product updates, live demos, and announcements from the teams building the tools.

Shireesh Thota explains why “building an app for under $25” is more achievable than it sounds, and points to practical levers like free tiers, serverless services, and architecture choices that keep cloud costs down.