GitHub
-
Blog
GitHub says Copilot improves code quality – but are AI coding tools actually producing results for developers?
Software development has frequently been identified as an area ripe for improvement through generative AI adoption, but a recent study has challenged perceptions around how beneficial AI coding tools are for developers. The data science team at software development specialists Uplevel looked into the impact generative AI coding assistants are having on the efficiency and efficacy of developers. The investigation…
Read More » -
Blog
GitHub projects targeted with malicious commits to frame researcher
GitHub projects have been targeted with malicious commits and pull requests, in an attempt to inject backdoors into these projects. Most recently, the GitHub repository of Exo Labs, an AI and machine learning startup, was targeted in the attack, which has left many wondering about the attacker’s true intentions. ‘Innocent looking PR’ caught injecting backdoor On Tuesday, Alex Cheema, co-founder of EXO Labs warned everyone…
Read More » -
Blog
Python just brushed past JavaScript to become the most popular programming language on GitHub – and a key factor is that AI developers love it
Python has overtaken JavaScript to become the most popular programming language on GitHub, according to new figures released by the firm, largely thanks to the rise of machine learning and generative AI. The coding platform revealed that there are now 518 million projects on GitHub, up by a quarter year-on-year, with 5.2 billion contributions to projects over the course of…
Read More » -
Blog
“There is no one model to rule every scenario”: GitHub will now let developers use AI models from Anthropic, Google, and OpenAI
GitHub Copilot is going multi-model, with the company unveiling a raft of new options for developers to draw from. Developers will now have the option of using Anthropic’s Claude 3.5 Sonnet, Google’s Gemini 1.5 Pro, and OpenAI’s GPT-4o, o1-preview, and o1-mini. They can either go with Copilot’s default, or toggle between models during a conversation with Copilot Chat about the…
Read More » -
Blog
Winamp’s Code Pulled From GitHub Following Messy Release
The open-source release of Winamp, a popular audio player, has gone particularly badly. It has been deleted from GitHub, possibly due to the controversy and confusion surrounding it. Llama Group, the current owner of Winamp, released the source code in September 2024. After many issues, Llama Group deleted the entire Winamp repository from GitHub. This comes after a lot of…
Read More » -
Blog
New GitHub rules mean users can store code and repository data in the EU
GitHub has unveiled a data residency feature for its Enterprise Cloud service that will allow users to control what regions their code is stored in. The feature will be generally available in the European Union (EU) from October 29 to begin with, and GitHub confirmed the option will be made available to users in Australia, Asia, and Latin America in…
Read More » -
Blog
GitHub comments abused to push password stealing malware masked as fixes
GitHub is being abused to distribute the Lumma Stealer information-stealing malware as fake fixes posted in project comments. The campaign was first reported by a contributor to the teloxide rust library, who noted on Reddit that they received five different comments in their GitHub issues that pretended to be fixes but were instead pushing malware. Further review by BleepingComputer found thousands of…
Read More » -
Blog
GitHub Actions artifacts found leaking auth tokens in popular projects
Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD workflows. Attackers stealing these tokens could gain unauthorized access to private repositories, steal source code, or inject malicious code into projects. The discovery by Palo Alto Networks’ Unit 42 prompted action by owners of…
Read More » -
Blog
GitHub had a major outage, but now says its services are ‘fully operational’
GitHub, the popular code repository and developer platform, has recovered after dealing with some major issues on Wednesday that affected its website and many GitHub services. The company has rolled back changes to its database infrastructure that apparently caused the issues and says that services are now “fully operational,” according to a 8:26PM ET status message. GitHub was acquired by…
Read More » -
Blog
GitHub wants to stamp out software vulnerabilities once and for all: Copilot Autofix helps developers fix flaws three-times faster than manually
GitHub is set on eliminating insecure code with its new offering, Copilot Autofix, a tool designed to automate dealing with software vulnerabilities. Using AI, Autofix analyzes vulnerabilities in code, describes the importance of said vulnerabilities, and then presents users with suggestions to help developers fix each issue as it arises. GitHub found that developers were able to fix software vulnerabilities…
Read More »