The GitHub developer conference Universe in San Francisco was all about the AI programming assistant Copilot. GitHub not only introduces new features for Copilot, but also focuses on security. The Advanced Security program is upgraded with AI-powered features that make it easier to identify and resolve security vulnerabilities. In particular, scanning with CodeQL can now suggest AI-generated fixes for vulnerabilities in the JavaScript and TypeScript programming languages.
New AI security features:
- CodeQL with AI generation of fixes: GitHub Advanced Security now enables AI-generated solutions for vulnerabilities found in pull requests during CodeQL scanning. This applies to the programming languages JavaScript and TypeScript.
- AI password detective: GitHub continues to address security risks posed by secrets such as API keys in code repositories. Through AI-powered Regular Expressions (Regex), developers can create their own patterns to identify such secrets. The AI generates regex expressions from a previous questionnaire.
- Better recognition of passwords: Thanks to new generations of AI language models (LLMs), unstructured secrets such as passwords can now be better recognized. The collaboration with OpenAI and Microsoft enables access to different models for a variety of tasks.
GitHub and AI security:
Michael Hanley, Chief Security Officer at GitHub, highlights the advances in AI security and highlights the broad partnership with OpenAI and Microsoft. The AI security features are already available as a preview; those interested can register on a waiting list.
Developer trends and GitHub predictions:
GitHub predicts that by 2027, India will be home to the most developers, overtaking the US. The Universe conference also presents the Octoverse Report, which highlights trends in software development. GitHub highlights the increasing importance of AI projects among the top 10 open source projects. The report also highlights the ongoing trend towards infrastructure-as-code (IaC) and cloud-native application development, supported by the popularity of languages such as HCL and Go, as well as the growth of Rust as a programming language.
Software development continues to experience dynamic development, supported by tools like Copilot and the continued integration of AI security features. GitHub remains a central place for the community to track developer trends and innovation.
