InfoQ Homepage github Content on InfoQ
-
Microsoft Brings AI-Powered Vulnerability Remediation to Azure DevOps with Copilot Autofix
Microsoft has announced the limited public preview of Copilot Autofix for GitHub Advanced Security for Azure DevOps, extending AI-powered vulnerability remediation to teams using Azure Repos.
-
GitHub Copilot Desktop App Targets Parallel Agentic Workflows
GitHub has introduced the GitHub Copilot app, a desktop control centre for agent-native development that aims to keep engineers in charge while AI agents handle more coding work. Mario Rodriguez writes on the GitHub blog that the recent wave of coding agents has brought faster delivery but also "disjointed workflows, more context switching, and too much time spent reviewing agent-generated code".
-
GitHub Slashes Agent Workflow Token Spend up to 62% with Daily Audits and MCP Pruning
GitHub reports cutting token costs in agentic CI workflows by up to 62% by pruning unused MCP tools, swapping some MCP calls for gh CLI, and running daily “auditor” and “optimizer” agents. A token-usage.jsonl artefact and an Effective Tokens metric help track spend across models and spot regressions.
-
Anthropic Introduces Routines for Claude Code Automation
Anthropic has introduced a new feature called Routines for Claude Code, allowing developers to configure automated coding workflows that run on schedules, through API calls, or in response to external events.
-
GitHub Expands Secret Scanning with General Availability of MCP Server Integration
GitHub has announced the general availability of secret scanning support through its MCP Server, extending automated credential detection and remediation capabilities into AI-assisted and agent-driven development workflows.
-
GitHub Enhances CodeQL with Declarative Security Modeling for Faster, More Flexible Analysis
GitHub has introduced a significant update to its CodeQL engine, enabling developers to define custom sanitizers and validators directly through "models-as-data," a move that simplifies how teams extend security analysis across their codebases.
-
GitHub Targets Large Merge Problem with Stacked PRs
GitHub has launched a native stacked pull request workflow through a new CLI extension called gh-stack, closing a gap that third-party tools have filled for several years. It aims to resolve the problem where large pull requests are hard to review, slow to merge and prone to conflicts, with GitHub stating that reviewers lose context, feedback quality drops, and the whole team slows down.
-
GitHub Uses eBPF to Eliminate Deployment Risks and Prevent Circular Failures
GitHub has introduced a new approach to improving deployment safety by leveraging eBPF, enabling the company to detect and prevent hidden circular dependencies that could block recovery during outages.
-
Dropbox Collaborates with GitHub to Reduce Monorepo Size from 87GB to 20GB
Dropbox reduced its backend monorepo from 87GB to 20GB by optimizing Git delta compression in collaboration with GitHub. The changes improved clone times, CI performance, and developer velocity, highlighting how repository storage inefficiencies can impact large-scale engineering workflows.
-
GitHub Acknowledges Recent Outages, Cites Scaling Challenges and Architectural Weaknesses
GitHub has publicly addressed a series of recent availability and performance issues that disrupted services across its platform, attributing the incidents to rapid growth, architectural coupling, and limitations in handling system load.
-
Anthropic Introduces Agent-Based Code Review for Claude Code
Anthropic has introduced a new Code Review feature for Claude Code, adding an agent-based pull request review system that analyzes code changes using multiple AI reviewers.
-
GitHub Copilot CLI Reaches General Availability
GitHub has launched Copilot CLI into general availability, bringing generative AI directly to the terminal. Integrated with the GitHub CLI, it offers natural language command suggestions and code explanations. Recent updates introduce "agentic" workflows with Autopilot mode and GPT-5.4 support, alongside new enterprise telemetry for tracking usage across development teams.
-
GitHub Actions Custom Runner Images Reach General Availability
GitHub has just announced the availability of custom images for its hosted runners. They've finally left the public preview phase that started back in October behind them. This feature will enable teams to use a GitHub-approved base image and then construct a virtual machine image that really meets their workflow requirements.
-
GitHub Integrates AI to Improve Accessibility Issue Management and Automate Feedback Triage
GitHub has launched a continuous AI-powered workflow to manage accessibility feedback at scale. Using GitHub Actions, Copilot, and Models APIs, the system centralizes reports, analyzes WCAG compliance, and automates triage while maintaining human validation. Teams now resolve feedback faster, improving inclusion and cross-functional collaboration.
-
GitHub Will Use Copilot Interaction Data from Free, Pro, and Pro+ Users to Train AI Models
GitHub will use Copilot interaction data from Free, Pro, and Pro+ users to train AI models starting April 24, opting in by default. Collected data includes code snippets, inputs, outputs, and navigation patterns from active sessions, including private repos. Business and Enterprise tiers are excluded. Community concerns include dark patterns, IP exposure, and GDPR compliance.