Posts

SpecKit is an open-source toolkit from GitHub that transforms how we build software by putting specifications first. Unlike traditional development where we jump straight into coding, SpecKit guides you through a structured process: define what you want, clarify requirements, create a technical plan, break it into tasks, and finally implement. While it provides a CLI for setup, it’s primarily a set of templates and agents that work within your existing AI coding assistant like GitHub Copilot. ...

I’ve been using GitHub Copilot CLI for a few weeks now, and it has significantly enhanced my productivity beyond what Copilot in IDEs already provides. In this post, I’ll share my experience and practical tips to help you maximize this powerful terminal-based AI assistant. NOTE: GitHub Copilot CLI is in public preview. Features may change before general availability. What is GitHub Copilot CLI? GitHub Copilot CLI brings AI-powered assistance directly to your terminal, similar to the IDE experience but optimized for command-line workflows. It stays unobtrusive until needed and excels for developers who prefer terminal-based work. Beyond code completions, Copilot CLI enables powerful automation capabilities—you can run prompts in CI/CD pipelines, background jobs, or any automated workflow. ...

Container security is a critical aspect of modern application deployment. Vulnerable container images can expose your applications to serious security risks, making regular vulnerability assessment essential for maintaining a secure infrastructure. Microsoft Defender for Cloud provides powerful built-in capabilities to scan and assess vulnerabilities in container images stored in Azure Container Registry (ACR). This guide will walk you through the process of identifying vulnerabilities, understanding their impact, and automating the review process using Kusto queries. ...

When migrating from Azure DevOps to GitHub, one of the most challenging tasks is importing work items as GitHub Issues. While Personal Access Tokens (PATs) work well for individual migrations, organizational migrations often require a more professional approach using GitHub Apps. I’ve been developing adowi2gh, an open-source CLI tool designed specifically for importing Azure DevOps work items into GitHub Issues. With the recent release of version 0.1.0, the tool now supports GitHub App authentication, enabling better organizational control and attribution. ...

Originally posted at Hitachi Solution’s blog. In my last post, I discussed migrating from Azure DevOps to GitHub. Whether you have just completed the migration or have been using GitHub for a while, GitHub offers many features that you might not be aware of. This guide walks you through five key GitHub features that most teams should configure: Dependabot for automated dependency management Copilot Instructions for enhanced AI assistance Push Protection to prevent secret exposure Copilot Code Reviews for automated code quality checks Dependency Review Actions to enforce security policies By implementing these features, you’ll create a more secure, efficient, and collaborative development environment. ...