Browse DevOps News (261)

Arnaud Lheureux, davidwright, and sdaniels walk through a hands-on “agentic platform engineering” demo using Git-ape inside VS Code, where GitHub Copilot agents (via Azure MCP) can deploy and manage Azure infrastructure through validated, policy-aware actions.

The Visual Studio Code Team summarizes what’s new in VS Code 1.116 (Insiders), including updates to the Agents app (keyboard navigation, accessibility help, and file-context completions) plus CSS @import link resolution improvements.

Dylan Birtolo announces that organization admins and security managers can now open a GitHub Copilot experience from Code Security and secret risk assessment results to get contextual explanations and guided next steps.

Allison announces a new GitHub moderation option that lets moderators classify hidden comments as “Low Quality” (in addition to options like Spam and Abuse) across issues, discussions, pull requests, and commits.

Allison announces a GitHub update that shows contributor role labels (like First-time contributor, Contributor, and Member) directly in the pull request list view, helping maintainers triage PRs faster and spot first-time contributions more easily.

Allison announces GitHub updates that surface release information directly in the issue sidebar, add default values for GitHub Projects fields, and improve navigation by opening issue references in the issue viewer.

Jakub Oleksy summarizes four March 2026 GitHub incidents, including outages affecting github.com/API, GitHub Actions, and GitHub Copilot/Copilot Coding Agent, with root causes (caching, Redis config, auth/credentials) and concrete mitigations like rollbacks, improved monitoring, and configuration safeguards.

Allison announces new GitHub Copilot usage metrics API fields that measure how Copilot code review affects pull request merges and time-to-merge, enabling enterprise and org owners to track adoption and review impact across reporting windows.

Allison summarizes GitHub Secret Scanning updates that make security automation easier: a new REST API exclusion filter, richer webhook payloads (including user-facing URLs), clearer delegated-bypass emails, additional closure-request fields, and a fix for a delegated-closure resolution comment bug.

Allison announces GitHub’s free Code Security risk assessment for organization admins and security managers, summarizing vulnerabilities across repositories and pointing to remediation guidance, including where Copilot Autofix can suggest fixes.

Rachel Cohen shares a call for sessions for GitHub Universe (Oct 28–29) and highlights five memorable past talks—covering Git workflow tips, secure GitHub Actions patterns with Copilot, GitHub Advanced Security, Kubernetes security training themes, and Copilot Autofix-style AI-assisted remediation.

Allison announces an updated PGP keyring for GitHub CLI (gh) Linux package repositories, adding a replacement signing key and explaining who needs to rerun install steps before the current key expires on September 5, 2026.

Jeffrey Fritz walks through GitHub Copilot’s application modernization assessment report, showing how it drives planning and execution for migrating .NET or Java apps to Azure, including issue triage (cloud readiness, upgrades, security), target compute comparisons (App Service/AKS/Container Apps), and downstream IaC and deployment outputs.

Allison explains a GitHub Advanced Security update that uses Dynatrace runtime context to help teams prioritize code scanning and Dependabot alerts based on what’s actually deployed and the observed runtime risk in Kubernetes environments.

Allison announces an update to GitHub Copilot CLI that adds BYOK provider support (including Azure OpenAI) and a fully offline mode for local models, enabling air-gapped terminal workflows while keeping the same agentic CLI experience.

Allison announces a GitHub feature that lets you assign Dependabot alerts to AI coding agents (including GitHub Copilot) to analyze vulnerabilities and open draft pull requests with proposed fixes, with guidance on when it helps and why human review is still required.

Allison announces that Dependabot now supports Nix flakes for version updates, letting teams configure `dependabot.yml` to track `flake.lock` inputs and receive pull requests when upstream commits change.

Allison announces a GitHub update that lets developers batch-apply code scanning alert fix suggestions directly in a pull request’s Files changed tab, reducing repeated scans and speeding up remediation and review.

Allison announces that npm Trusted Publishing now supports CircleCI as an OIDC provider, enabling credentialless releases from CI/CD workflows, and notes that npmjs.com dark mode was built using GitHub Copilot agent mode.

Allison explains a GitHub Copilot cloud agent update that lets organization admins set and optionally lock the GitHub Actions runner used for agent tasks, making it easier to enforce consistent defaults and guardrails across repositories.