
GitHub has launched a new feature that integrates AI-powered security detections into pull requests, expanding its code scanning capabilities. This enhancement allows for broader language and framework coverage beyond what CodeQL supports, helping developers identify vulnerabilities earlier. The AI detections are integrated into the pull request workflow, allowing issues to be addressed before code is merged. Currently in public preview, this feature requires a GitHub Copilot license and is available to users with GitHub Code Security.
Read original
© GitHub ChangelogGitHub's latest update for Copilot in Visual Studio 2026 introduces several enhancements aimed at improving user experience and trust. The update includes a new usage tracking system that provides real-time alerts for usage limits, ensuring developers are aware of their billing status. A trust validation feature for MCP servers enhances security by requiring user approval for changes. Notably, the modernization agent for C++ is now generally available, offering automated and guided upgrade paths. These updates make Copilot more integrated and user-friendly, especially for C++ developers looking to modernize their codebases.
© GitHub ChangelogGitHub Copilot for JetBrains IDEs has expanded its customization capabilities, allowing developers to tailor the tool more closely to their workflows. The update introduces 'bring your own key' support, enabling the use of custom OpenAI-compatible endpoints with API keys. This flexibility is complemented by a more comprehensive plugin management experience, making it easier to integrate team-specific tools. Additionally, new features like local sandboxing and a built-in debugger skill for CLI sessions are now in public preview, enhancing the development environment's adaptability and debugging capabilities.
© GitHub ChangelogGitHub's Dependabot now introduces a default three-day cooldown period for version updates, aiming to mitigate the risk of supply chain attacks. This delay allows the community to identify and address any issues with new releases before they are automatically integrated into projects. While security updates remain immediate to ensure critical fixes are not delayed, developers can customize or opt out of this cooldown through their configuration files. This change enhances security without sacrificing control, providing a buffer against potentially compromised updates.
The latest update to Claude Code, version 2.1.208, introduces several enhancements and bug fixes aimed at improving user experience and system stability. Notably, a new screen reader mode has been added to assist visually impaired users, and vim mode now supports custom insert-mode remaps. The update also addresses numerous bugs, such as memory leaks and session crashes, ensuring smoother operation. These changes make Claude Code more accessible and reliable, particularly for developers relying on its agent and background service functionalities.
The latest update to Claude Code, version 2.1.210, introduces several fixes and improvements aimed at enhancing user experience and system stability. Notably, a live elapsed-time counter has been added to prevent long-running tool calls from appearing stuck, and various bugs related to session management and command execution have been addressed. These changes make the platform more reliable, especially for developers relying on its tools for complex tasks. While no groundbreaking features are introduced, the update solidifies Claude Code's position as a dependable tool for developers.
© The Verge AISpaceXAI's Grok Build AI tool was discovered to be uploading entire user codebases to Google Cloud, including files that were supposed to be excluded and sensitive information. This practice went beyond typical data retention norms, raising significant privacy concerns. After the issue was reported by Cereblab, SpaceXAI disabled the feature, and Elon Musk assured users that all previously uploaded data would be deleted. This situation underscores the critical need for robust data privacy measures in AI tools, especially those handling proprietary and sensitive data. The incident serves as a reminder of the potential risks associated with excessive data retention in AI development environments. SpaceXAI's response and Musk's commitment to data deletion reflect the importance of transparency and user control over data.