Microsoft is canceling most Claude Code licenses for developers and steering staff to GitHub Copilot CLI after internal AI coding costs surged. 💸
Uber exhausted its 2026 AI coding budget in four months as rising token use exposed compute costs that can exceed employee pay. ⚙️

🔗 https://fortune.com/2026/05/22/microsoft-ai-cost-problem-tokens-agents/

#TechNews #Microsoft #Anthropic #Claude #ClaudeCode #GitHub #GitHubCopilot #AI #ArtificialIntelligence #Copilot #LLM #Privacy #FOSS #Cloud #Developers #Automation #Compute #Enterprise #Uber

Things are moving too fast to plan a sequel to Practical Internet Groupware.

But this got me thinking about it!

https://github.com/judell/bram/issues/54

#collaboration #groupware #github #bram

ИИ-агент сам создал тикет, сам же его взял, и сам закрыл. Менеджер ничего не заметил

Автономные агенты в разработке уже встроены в CI/CD живых команд, закрывают реальные тикеты и пишут код, который идёт в прод. Проблема не в том, что они это делают плохо, а в том, что метрики при этом выглядят слишком отлично. Разобрали, как агенты проходят каждый этап SDLC, что именно идёт не так на каждом из них и почему зелёный дашборд стал наименее надёжным источником правды о состоянии команды.

https://habr.com/ru/companies/simpleone/articles/1037330/

#ииагенты #SDLC #автоматизация_разработки #управление_командой #Agile #тимлид #Devin #claude_code #github #code_review

From the linked thread:

"Just to be clear:

Microsoft’s #GitHub was compromised when a Microsoft developer using Microsoft VSCode installed a rogue extension from Microsoft’s VSCode extension library, which is moderated and hosted by Microsoft.!
https://m.einverne.info/@HackerNewsBot/116605491892963437

So, #GitHub has been hacked.

Own Your Data!

#OwnYourData

Let's move all of our internal code, pipelines, secrets and tokens for external systems to someone. It's free and everyone does - it must be awesome. Welcome to 2026!

#git #security #vulnerability #github #opensource

info on the github breach appears to only be available on xitter 🙄 , I fished it out for you.

#github

Alt...

post from github on May 20th, 2026: We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately. Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of ~3,800 repositories are directionally consistent with our investigation so far.

TIL: you can use `workflow_run` on #GitHub actions to run them after another workflow ran ... previously I would invokle the second workflow from the first one. This makes it much more flexible!

https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows#workflow_run

Can someone explain why everyone is suddenly moving to #Codeberg and not #GitLab?

I know I'm kinda late to ask this, but why is Codeberg better than GitLab these days? What happened that it become the preferred choice for people moving off of #GitHub?

#GitForge #Git

What I’ve been reading (, watching, and listening to) this week ending 10 May 2026 https://jchyip.medium.com/what-ive-been-reading-watching-and-listening-to-this-week-ending-10-may-2026-27fcb149fc3d #SoftwareArchitecture #AI #GitHub #DataArchitecture #EV #management #cybersecurity #economics

The Pulse: #AI load breaks #GitHub – why not other vendors? https://blog.pragmaticengineer.com/the-pulse-ai-load-breaks-github/

Call me impressed: #codeberg pages are slightly less annoying to setup than #github #pages 😎

What’s gone wrong at #GitHub https://leaddev.com/software-quality/whats-gone-wrong-at-github

Flaky GitHub Pull Request builds are an annoying reality in many projects. Just when you think a change is complete and good to merge, you are greeted with an ❌. To unblock your PR, you need to rerun lengthy test pipeline just because of one rogue test.

If you have a Java project on GitHub, TestLens can help you:

https://testlens.app/blog/2027/05/07/reuse-test-results/

Drop me a message, if you would like to join or beta program.

#Java #JUnit #Gradle #Maven #GitHub

Alt...

TestLens control buttons in a comment on your GitHub Pull Request. They offer a 'Only rerun the tests that failed or were muted before' checkbox to activate before triggering a rerun through the 'Rerun job' checkbox.

So, #GitHub is having a rough go of it lately. With significant instability and frequent outages in the last month and platform uptime dropping below 85%.

But the most fun trick? Any authenticated user could execute arbitrary commands on GitHub's backend servers with a single git push command - using nothing but a standard git client. (Because their architecture didn’t sterilize semicolons, thus prompt injection.)

On GitHub Enterprise Server, the vulnerability grants full server compromise, including access to all hosted repositories and internal secrets.

GitHub Enterprise Server customers should upgrade ASAP. Wiz dot io data indicates that 88% of instances were still vulnerable.

https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854

#infosec #live #githubEnterprise #rce

Since I was visiting the 'daemontools' account on #GitHub, I took a look at what the people who mistakenly thought that it was someone actually involved, have done.

Not much, fortunately.

One wheel reinvention that didn't even look at Bruce Guenter's daemontools-encore.

Only one thing worth following up on, in 13 years:

https://github.com/daemontools/daemontools/issues/8

The bugfix will be in #djbwares version 13 when it comes out. As noted, neither @ska's nor my #nosh reimplementations have this bug.

#daemontools

For the record, and since we are on the subject of supply-chain attacks:

The person behind the 'daemontools' account on GitHub is unidentifiable, and certainly isn't Daniel J. Bernstein, me, @ska, Bruce Guenter, or anyone else well-known in the #daemontools world.

The account has been inactive since 2013. If that account suddenly wakes up, it's not unreasonable to suspect that it has been compromised/become malicious.

(M. Guenter is bruceg on #GitHub and is active there to this week.)

🚨 New Release of gh-get!

gh-get is a GitHub CLI extension that makes cloning and forming repositories eaiser, much like the ghq tool.

This release contains better forking behavior, improved logging and the possibility to directly cd into new clones.

Full announcement: https://britter.dev/blog/2026/05/05/gh-get-v2-5-0/

#release #github

#GitHub
haha merde quelqu'un a fait ce site 😂
https://www.dayswithoutgithubincident.com/

#VagueTooting

Helpful suggestion:

Instead of:

• Posting error messages from #GitHub
• Complaining about github being down

try:

• Not supporting #FashTech
• Moving to a different service
• Not supporting fashtech
• Self-hosting
• Not supporting fashtech

#kthxbai

GitHub recently announced that starting with v2.91.0 GitHub CLI will start sending pseudonymized telemetry data back to GitHub.

https://github.blog/changelog/2026-04-22-github-cli-opt-out-usage-telemetry/

Since this is an opt-out feature, most users will have it activated without knowing it. This is unacceptable in my opinion. So I took the liberty of turning this into an opt-in, disabled by default for nixpkgs.

https://github.com/NixOS/nixpkgs/pull/515047

#GitHub #nixos #nixpkgs #privacy

#copyfail #github serious question, has anybody found any info from Microslop about the impact of copyfail on github actions? Are they .. safe .. to use atm?

#GitHub is sinking https://dbushell.com/2026/04/29/github-is-sinking/

With so many posts popping up about “leaving GitHub” or discussing how poor the experience overall is with that platform, I will share my old post again on moving over to SourceHut :)

“Git Your Freedom Back: A Beginner’s Guide to SourceHut”

https://btxx.org/posts/beginners-guide-sourcehut/

#sourcehut #git #github

Have you already migrated your projects from #github?

Apparently I have 75 million PRs to review today... gonna be here a while.

#GitHub you're drunk, take your CoPilot and Go Home.

Alt...

a snapshot of the Github web UI, with a list of random projects because github is completely borked, with over 75 million PRs to review.

RE: https://mastodon.social/@andrewnez/116478133377243019

Workflow security continues to be a common cause of compromises of open source projects.

If you're using GitHub Actions and don't want this to happen to your project: use Zizmor and treat the findings seriously, especially insecure triggers and user-controllable template injections.

https://docs.zizmor.sh

#github #actions #security #oss #opensource #python

Andrew Nesbitt » 🌐 2026-04-27 / 2026-04-27
@andrewnez@mastodon.social

At this point having zizmor scans of every python package is turning out to be quite the crystal ball: https://www.stepsecurity.io/blog/elementary-data-compromised-on-pypi-and-ghcr-forged-release-pushed-via-github-actions-script-injection

elementary-data in my db: 203 zizmor findings total. 82 template-injection (High), 47 unpinned-uses, 4 dangerous-triggers, 2 github-env, and 1 bot-conditions.

The irony of megabytes of JavaScript force-fed to users in the name of “Nobody wants full page reloads!!!” and then exactly that full page reload being necessary to make the app work properly. FFS… 😣 #Github

Today in “Fun with Github UI inconsistencies”:

– Create a new milestone
– Follow the “Back to milestones” link
– New milestone is missing
– Refresh page
– The new milestone shows up

Does anyone even test this stuff? 😔 #Github

@lattera

#Gitlab is known to be quite resource hungry.

Perhaps you can have a look at #forgejo which is implemented in #Golang, and the #UX is very similar to #Github's.

https://forgejo.org

And #Codeberg is hosted on forgejo, and maintain a downstream fork, optimized for high-scale use, which is also open source.

https://codeberg.org

Some large projects have migrated from GH and GL before, and created migration reports, etc. The other day I was asking if there's a list of those, I am not sure there is.

CC @forgejo and @Codeberg

I'm 100% out of ideas. Our servers cannot handle the load the AI/LLM web scraping bots place on #GitLab. #Radicle is turning out to still not be ready for prime-time. I refuse to use #GitHub beyond being a read-only mirror.

Self-hosting our code repos is an absolute requirement in order to provide higher levels of OPSEC than what third-party hosted services can provide.

So, at the hands of our oligarchic overlords, is this the death of HardenedBSD?

Someone please provide me ideas. I have no idea what to try next and I'm desperate.

editi[0]: This is solved! I changed my approach and now everything's happy--and so am I! :-)

'#Claude is down' is the new '#GitHub is down'

https://xkcd.com/303/

In other news, today I discovered there is no #xkcd comic number 404.

Alternate code forges be like:

1. Let's offer this alternate VCS, so all the #git haters come to us.
2. Oh no, there's not much money in git haters. Let's offer git as well.
3. This alternate VCS is too much effort. Let's discontinue hosting it and tell our users to switch to our git hosting.
4. Why did all our users to move back to #GitHub?

#Bitbucket #Launchpad

Ok, that gave me enough of an angry energy boost to move my #Garmin tooling away from #GitHub to #Codeberg…

https://codeberg.org/michael-simons/garmin-babel

Wanted to do this for a while.

Also, now fully Java 26, and because of that, no longer #GraalVM build profiles.

The Pulse: is #GitHub still best for #AI-native development? https://blog.pragmaticengineer.com/the-pulse-is-github-still-best-for-ai-native-development/