The focus of GitHub’s Universe developer conference in San Francisco was the AI programming assistant Copilot, which will be expanded to include a number of new features in December. GitHub not only wants to help developers write code, but also make software development more secure.
Advertisement
The company has announced that it will be giving an AI upgrade to a number of features available as part of GitHub Advanced Security (GHAS). Scanning with CodeQL can now suggest AI-generated fixes for vulnerabilities it finds in pull requests. This works with the programming languages JavaScript and TypeScript, two of the most used languages on GitHub.
AI detective looks for passwords
Secrets such as API keys in code repositories still represent one of the biggest security risks. In order to better identify these, GitHub has long been offering the so-called Partner program for secret verification, in which 180 partners have taken part so far. In addition, you can use regular expressions (Regex) to create your own patterns to search for. To simplify this complex process, you can now get help from AI, which generates regular expressions from a questionnaire that you have previously filled out.
.
Passwords have previously been much more difficult to discover because they usually do not follow recurring patterns. According to GitHub, with a new generation of AI language models (LLMs), it is better possible to find such unstructured secrets. Thanks to the partnership with OpenAI and Microsoft, you can access a broad portfolio of models and therefore always have the right tool for the task at hand, says Michael Hanley, Chief Security Officer and deputy head of the engineering team at GitHub, in an interview with c’ t. The AI security features within the Advanced Security program are now available in preview. Those interested can register on a waiting list.
Trends in software development
Like last year, GitHub used the Universe conference as an opportunity to present the Octoverse Report, which summarizes the important trends and changes on the platform.
GitHub predicts that India will be home to the most developers by 2027, overtaking the US. Germany is currently in seventh place and is expected to slip to eighth place in 2024. Overall, 26 percent more users have registered on GitHub this year. In an interview with c’t, Chris Reddington, GitHub’s senior manager in developer advocacy, expects that tools like Copilot will make it much easier to get started in software development in the future.
In a linear development, India is expected to overtake the US in the number of developers by 2027.
(Image: GitHub)
According to GitHub, AI plays an important role on the platform. Projects dealing with generative AI are now among the top 10 most popular open source projects, measured by the number of developers contributing to them. Open source projects sponsored by companies see the largest number of developers contributing code to a project for the first time. Private repositories grew 38 percent in 2023 and account for 80 percent of activity on GitHub.
The trend towards more Infrastructure-as-Code (IaC) and cloud-native application development, which was already observed last year, continues, as can be seen in the popularity of languages such as HCL (HashiCorp Configuration Language) and Go. In 2023, more than 4.3 million repositories contained Dockerfiles that can be used to build containers. Rust is the programming language that is experiencing the greatest growth.
The innovation graph illustrates, among other things, the use of various software licenses.
(Image: innovationgraph.github.com)
Next to the annual Octoverse Report The trends on GitHub can also be viewed continuously since September so-called Innovation Graph follow up.
(ndi)