Github
No mentions found
This entity hasn't been tracked yet, or Iris is still building its knowledge base.
Related Articles from SNS
Angry devs vow to flee GitHub Copilot as metered billing takes hold
Developers seem to hate Microsoft’s new usage-based billing policy for GitHub Copilot as they report burning through a month's worth of credits in hours. “This is a staggering shift from a 'predictable subscription' to a 'stressful meter-based' service that hinders my productivity rather than helping it,” wrote one developer on GitHub's user forum who said they were paying for Microsoft's $39-per-month Copilot Pro+ plan but burned through about 8 percent of their monthly AI Credits...
1-Click GitHub Token Stealing via a VSCode Bug
Just by clicking a link, it’s possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones. Table of Contents - Background - VSCode Webview Security Model - PoC and Protecting Yourself - What VSCode Did Well - Why Full Disclosure - Timeline Background Did you know GitHub has this really cool feature called github.dev? On any repository you have access to, if you can change the url from github.com to github.dev or you click this little menu...
AI costs how much? GitHub Copilot users react to new usage-based pricing system.
In April, GitHub announced that it was moving subscribers from request-based billing to a usage-based model for its AI-powered Copilot service. As that new pricing model goes into effect today, many GitHub Copilot users are reporting some extreme sticker shock as they realize just how quickly their previous "normal" usage is burning through their newly limited monthly allotment of AI credits. Across social media and forums, many Copilot users are sharing personal statistics showing how just...
GitHub Copilot App
From issue to merge, in one app Join the waitlist to stay informed and get notified when we expand access to the GitHub Copilot app technical preview—a new desktop experience for agent-driven development built natively on GitHub. Already a Copilot Pro, Pro+, Max, Business, or Enterprise customer? You can immediately install the app and get started today.
GitHub Actions down again today
GitHub Actions experienced another outage today, as reported on the GitHub status page. Users on Hacker News have also been discussing the recurring service disruption.
GitHub Actions outage told devs 'your account is suspended'
GitHub Actions experienced an outage lasting over three hours, during which developers were shown an incorrect error message stating their account was suspended. The disruption, which began around 1030 UTC on May 26, was attributed to authentication issues and impacted CI/CD workflows. This incident highlights ongoing reliability concerns for the platform amidst surging user activity, partly driven by AI coding.
Miasma worms its way onto GitHub as attack kit goes open source
As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire Miasma worm supply-chain attack toolkit, likely using previously compromised developers' accounts to publish GitHub repositories containing the self-spreading malware’s source code over the last 24 hours. SafeDep, a company focused on open source supply chain security that developed Package Management Guard (PMG), spotted the malicious repos, named...
GitHub nukes 70+ Microsoft repos, breaks CI/CD pipelines, following suspected worm infections
Microsoft’s GitHub has disabled over 70 repositories after they were reportedly compromised by a worm in the latest open source supply chain attack. The code shack took down 73 repos within the space of 105 seconds after its alarms were tripped on Friday, June 5, after detecting signs of the Miasma worm infecting its projects, according to StepSecurity’s co-founder and CTO, Ashish Kurmi. Users reported issues quickly on Friday, after visits to those repos all resulted in the same message...
Show HN: Gitdot – a better GitHub. Open-source, written in Rust
What works now: user signups, org creations, private/public repos, and importing GitHub repositories (both as read-only mirrors and full migrations). So basically, you can create, push and pull to a repo, but we don't have many features quite yet (issues, PRs, CI).What is a bit unique is: 1) we built it in Rust and 2) the website is a little odd. Its design is inspired by CLIs (e.g., fzf, broot, vim) instead of web apps, and as such, lacks some affordances that you might typically expect in...
GitHub pulls pin on npm's auto-run scripts
GitHub will change npm's defaults so the install command no longer runs scripts automatically, disabling a feature commonly exploited by malicious packages such as the notorious Shai-Hulud worm. Maintainer Leo Balter said: "Install-time lifecycle scripts are the single largest code-execution surface in the npm ecosystem. Every npm install runs scripts from every transitive dependency, so a single compromised package anywhere in your tree can execute arbitrary code on a developer machine or...