AI Dev Stack

Sign in Subscribe

feature

GitHub Security Lab Uses LLMs to Triage Vulnerabilities at Scale

GitHub Security Lab Uses LLMs to Triage Vulnerabilities at Scale

GitHub Security Lab built an LLM framework that triaged thousands of CodeQL alerts and found 30 real vulnerabilities. Here's how they combined fuzzy pattern matching with structured workflows to make SAST results actually useful.

Building a Countdown App with GitHub Copilot: Context Windows, Plan Agent, and TDD

Building a Countdown App with GitHub Copilot: Context Windows, Plan Agent, and TDD

Chris Reddington built a countdown app live on stream and discovered practical patterns for working with AI: context window management, Plan agent for requirements, TDD with Copilot, and custom agents. Here's what actually worked.

GitHub Copilot's Memory System: Agents That Learn Your Codebase

GitHub Copilot's Memory System: Agents That Learn Your Codebase

GitHub Copilot now shares learnings across coding, code review, and CLI agents using citation-based memory that verifies itself in real-time. Early results show 7% higher PR merge rates and 2% better code review feedback.

When Defense Systems Become Technical Debt: GitHub's Rate Limit Cleanup

When Defense Systems Become Technical Debt: GitHub's Rate Limit Cleanup

GitHub's emergency rate limits from past incidents were blocking legitimate users. The lesson: defense systems need the same lifecycle management as features — observability, expiration dates, and active maintenance.

GitHub Security Lab's Taskflow Agent: Open Source AI Security Research

GitHub Security Lab's Taskflow Agent: Open Source AI Security Research

GitHub Security Lab open sourced their agentic framework for AI-powered security research. Write vulnerability detection workflows in YAML, share them as Python packages, and audit the code. This is how community-powered security should work.

What AI Coding Tools Are Actually Good For, According to Devs

What AI Coding Tools Are Actually Good For, According to Devs

GitHub's developer advocates share what actually works in AI coding tools based on real usage data: inline suggestions beat chat interfaces, AI should handle tedium while you handle judgment, and protecting flow state matters more than automation.

Context Engineering: How to Make GitHub Copilot Actually Useful

Context Engineering: How to Make GitHub Copilot Actually Useful

Context engineering beats prompt engineering. Instead of crafting clever prompts, give GitHub Copilot the information it needs upfront: your coding standards, workflows, and architecture. Three techniques — custom instructions, reusable prompts, and custom agents — turn Copilot from "sometimes he...