GitHub Engineering

Why it matters: This move provides a stable, open-source foundation for AI agent development, standardizing how LLMs securely interact with external systems. It resolves critical integration challenges, accelerating the creation of robust, production-ready AI tools across industries.

The Model Context Protocol (MCP), an open-source standard for connecting LLMs to external tools, has been donated by Anthropic to the Agentic AI Foundation under the Linux Foundation.
MCP addresses the "n x m integration problem" by providing a vendor-neutral protocol, standardizing how AI models communicate with diverse services like databases and CI pipelines.
Before MCP, developers faced fragmented APIs and brittle, platform-specific integrations, hindering secure and consistent AI agent development.
This transition ensures long-term stewardship and a stable foundation for developers building production AI agents and enterprise systems.
MCP's rapid adoption highlights its critical role in enabling secure, auditable, and cross-platform communication for AI in various industries.

#mlp #dist #security

Read original

GitHub EngineeringDec 9, 2025

Speed is nothing without control: How to keep quality high in the AI era

Why it matters: Engineers can leverage AI for rapid development while maintaining high code quality. This article introduces tools and strategies, like GitHub Code Quality and effective prompting, to prevent "AI slop" and ensure reliable, maintainable code in an accelerated workflow.

AI significantly accelerates development but risks generating "AI slop" and technical debt without proper quality control.
GitHub Code Quality, leveraging AI and CodeQL, ensures high standards by automatically detecting and suggesting fixes for maintainability and reliability issues in pull requests.
Key features include one-click enablement, automated fixes for common errors, enforcing quality bars with rulesets, and surfacing legacy technical debt.
Engineers must "drive" AI by providing clear, constrained prompts, focusing on goals, context, and desired output formats to maximize quality.
This approach allows teams to achieve both speed and control, preventing trade-offs between velocity and code reliability in the AI era.

#sre #mlp

Read original

GitHub EngineeringDec 8, 2025

The new identity of a developer: What changes and what doesn’t in the AI era

Why it matters: This article is crucial for developers to understand the evolving landscape of software engineering in the AI era, highlighting the shift in core skills from coding to AI orchestration and strategy. It guides how to adapt and thrive in future roles.

AI is transforming the developer role from "code producer" to "creative director of code," emphasizing orchestration and verification.
Early AI adoption (2023) showed developers seeking AI for summaries and plans, but resisting full implementation due to identity concerns.
Advanced AI users (2025) achieve fluency through consistent trial-and-error, integrating AI into daily workflows for diverse tasks.
The developer journey with AI progresses through stages: Skeptic, Explorer, Collaborator, and ultimately, Strategist.
Key skills now include effective prompting, iterating, and strategic decision-making on when and how to deploy various AI tools and agents.

#culture

Read original

GitHub EngineeringDec 4, 2025

How to use GitHub Copilot Spaces to debug issues faster

Why it matters: GitHub Copilot Spaces significantly reduces the time engineers spend hunting for context during debugging by providing AI with project-specific knowledge. This leads to faster, more accurate solutions and streamlined development workflows.

GitHub Copilot Spaces enhances AI debugging by providing project-specific context like files, pull requests, and issues, leading to more accurate suggestions.
Spaces act as dynamic knowledge bundles, automatically syncing with linked content to ensure Copilot always has up-to-date information.
Users create a space, add relevant project assets (e.g., security docs, architecture overviews, specific issues), and define custom instructions for Copilot's behavior.
Copilot leverages this curated context to generate detailed debugging plans and propose code changes, citing its sources for transparency and auditability.
The integrated coding agent can then create pull requests with before/after versions, explanations, and references to the guiding instructions and files.

#mlp #security

Read original

GitHub EngineeringDec 3, 2025

Your stack, your rules: Introducing custom agents in GitHub Copilot for observability, IaC, and security

Why it matters: Custom agents in GitHub Copilot empower engineering teams to embed their unique rules and workflows directly into their AI assistant. This streamlines development, ensures consistency across the SDLC, and automates complex tasks, boosting efficiency and adherence to standards.

GitHub Copilot now supports custom agents, extending its AI assistance across the entire software development lifecycle, not just code generation.
These Markdown-defined agents act as domain experts, integrating team-specific rules, tools, and workflows for areas like observability, security, and IaC.
Custom agents can be deployed at repository, organization, or enterprise levels and are accessible via Copilot CLI, VS Code Chat, and github.com.
They enable engineers to enforce standards, automate multi-step tasks, and integrate third-party tools directly within their development environment.
A growing ecosystem of partner-built agents is available for various domains, including security, databases, DevOps, and incident management.

#sre #security

Read original

GitHub EngineeringDec 2, 2025

“The local-first rebellion”: How Home Assistant became the most important project in your house

Why it matters: This article highlights the engineering complexities and architectural decisions behind building a robust, local-first distributed system for the physical world. It showcases how open-source governance can be a technical requirement for long-term project integrity and user control.

Home Assistant is a fast-growing open-source home automation platform, used in over 2 million households and attracting 21,000 contributors annually.
It champions a local-first architecture for privacy and interoperability, enabling control of thousands of devices on user hardware without cloud dependency.
The platform abstracts diverse devices into local entities with states and events, acting as a distributed event-driven runtime for complex home automations.
This local-first approach presents significant engineering challenges, demanding optimizations for device discovery, state management, and network communication on constrained hardware.
Governance by the Open Home Foundation ensures its open-source integrity, protecting against commercial acquisition and maintaining its core local-first philosophy.

#dist #sre #culture

Read original

GitHub EngineeringDec 1, 2025

How to orchestrate agents using mission control

Why it matters: This tool enhances developer productivity by enabling parallel execution and orchestration of AI coding agents, centralizing task management and review. It shifts the mental model from sequential to concurrent work, optimizing development workflows.

GitHub's new Agent HQ mission control provides a unified interface for managing Copilot coding agent tasks across multiple repositories.
The tool facilitates a shift from sequential to parallel task execution, allowing engineers to assign and orchestrate multiple agent tasks concurrently.
Effective orchestration involves crafting clear, contextual prompts and leveraging custom agents for consistent results.
Engineers must actively monitor agents for signals like failing tests, scope creep, or misinterpretation, intervening with specific guidance when necessary.
While parallel processing is ideal for research, analysis, documentation, and security reviews, sequential workflows remain suitable for dependent or complex tasks.
Mission control centralizes assignment, oversight, and review, streamlining the development workflow and enhancing productivity.

#mlp #culture

Read original

GitHub EngineeringNov 28, 2025

The ultimate gift guide for the developer in your life

Why it matters: This guide helps individuals find practical and fun GitHub-themed gifts for developers, enhancing their daily work and personal life with branded merchandise. It's relevant for celebrating developer culture and community.

The article presents a holiday gift guide featuring a range of GitHub-branded merchandise for developers.
It suggests festive apparel such as ugly holiday socks, beanies, and sweaters, some available in a Black Friday sale.
Hydration and coffee solutions are highlighted, including various bottles, mugs, and tumblers for different settings.
Novelty items like the GitHub Copilot Amazeball are offered for fun and decision-making.
Workspace enhancements include custom key caps, a recycled desk mat, and a MiiR laptop backpack.
The guide also features youth apparel, ensuring gifts for younger developer enthusiasts.

#culture

Read original

GitHub EngineeringNov 25, 2025

Why developers still flock to Python: Guido van Rossum on readability, AI, and the future of programming

Why it matters: This article highlights Python's enduring appeal, its foundational design principles emphasizing readability and accessibility, and its continued dominance in AI and data science, offering insights into language evolution and developer preferences.

Python, created by Guido van Rossum, emerged to simplify programming by offering a safer, more expressive alternative to C and shell scripting.
Despite TypeScript's recent lead on GitHub, Python grew 49% in 2025, maintaining its status as the default language for AI, science, and education.
Its core design emphasizes readability, intuitive syntax, friendly error messages, and a rich standard library, fostering accessibility.
Python's open-source nature, cross-platform support, and strong community are key to its versatility and widespread adoption.
The language's "irreverent" name reflects a deliberate choice to make programming less intimidating and more welcoming.

#data #mlp #culture

Read original

GitHub EngineeringNov 25, 2025

How GitHub’s agentic security principles make our AI agents as secure as possible

Why it matters: This article provides essential security principles for developing and deploying AI agents, addressing critical risks like data exfiltration and prompt injection. It offers practical guidelines for ensuring human oversight and accountability in agentic systems.

GitHub employs agentic security principles for AI agents like Copilot, balancing usability with security through a human-in-the-loop design.
Key risks for agentic AI include data exfiltration, impersonation/action attribution, and prompt injection.
Security controls ensure all context is visible, agents are firewalled, and access to sensitive data is limited.
Agents are prevented from making irreversible state changes without human approval, such as creating pull requests instead of direct commits.
Actions are clearly attributed to both the initiating user and the agent, ensuring accountability.
Context gathering is restricted to authorized users with appropriate repository permissions.

#security #mlp

Read original

Page 6 of 8

Prev 1...4 5 6 7 8 Next