Just this week, GitHub announced that they will be offering a free version of Microsoft’s Copilot. I came across an article that discusses this breakthrough. In this article, GitHub CEO Thomas Dohmke gives his direct input on the situation. He has always believed in offering free resources for developers and believed that Copilot should also be an available resource. He later goes on to explain that this is because He believes that people all across the world should have access to the same tools that allow them to become developers, as the $10 a month that you would have to pay for Copilot normally is relatively more expensive in other regions. While this is great news for developers around the world, it will be a fairly limited version of Copilot. In this free version, developers will be allowed 2,000 code completion suggestions per month. This includes suggestions that are not accepted by the user.

I found this article particularly interesting because we have been using GitHub and its many features in my CS 348 class this semester. We’ve mostly been using GitHub for creating repositories and creating pull requests for larger repos. It is incredibly convenient and makes version control much easier. However, this new feature adds a lot to the software. Not only can you store your work in a repo and add work to other repos, but you can also get AI assistance for what you are working on.

I believe this is an important breakthrough for developers globally. Dohmke’s idea of creating equal opportunity for developers worldwide is amazing to me. Not only is the future in technology, but we currently live in a world where technology is everything. There are great minds all over that may have never gotten the right opportunity. Perhaps this addition can help someone create a life changing software. Outside of speculation, though, this will help thousands of developers, as GitHub now has over 350 million users. While it is a limited version of the product, it is a big step taken by GitHub. It is nice to know that I am getting into a field that people are willing to offer help and services for the betterment of the industry. As someone who is still young and learning new things daily, I hope to be able to take advantage of this. I believe it will help me, along with many others, to write good code while still learning.

URL: https://techcrunch.com/2024/12/18/github-launches-a-free-version-of-its-copilot/

From the blog CS@Worcester – Auger CS by Joseph Auger and used with permission of the author. All other rights reserved by the author.

This week, I came across an article discussing how attackers were targeting Docker remote API servers recently. Docker is something we have discussed in my CS 348 class, so this was immediately intriguing. I know that Docker is used on many projects so that teams can all work with the same software. Obviously, attacks on these servers is something of great concern. The article begins by stating the issue and giving an example of a recent attack. It quickly jumps into explaining the process of how these attackers are pulling this off. The attack starts with a ping to the remote API server. Once they are able to get the information from the server, they create a container with the same name and allow themselves access to privileged mode. From there, the attackers have the reigns to complete the attack. The article then goes on to show how exactly the attackers do it with shell scripts and examples. It concludes with a list of recommendations on how to prevent these attacks for your own Docker remote API servers.

I found this article quite interesting for a couple of reasons. First being that, as I am still new to Docker and its features, I was unaware that it was susceptible to attacks such as this. Now, I am aware that it is not a normal occurrence, it was still surprising to me. However, I am now aware that whoever is running the server must make sure to configure the settings properly and pay attention to the server. Another reason I found this interesting is that I also have an interest in cybersecurity and networking. Not only was I able to learn more about what we had talked about in class, but also what I am learning outside of class.

There was a good amount of knowledge to take away from this article. I learned that even in software created by and for computer scientists, you can’t trust it blindly. This is not to knock Docker, but more of a reminder to myself, as it is something I am responsible for, not the software. It also shows how much more there is to being a computer scientist than just writing code, and if that is the only responsibility you prioritize, it will prove to be problematic for you and those you are working with. It was also pretty cool for me to see the actual scripting used for these attacks as I am learning more about cybersecurity.

URL: https://www.trendmicro.com/en_us/research/24/j/attackers-target-exposed-docker-remote-api-servers-with-perfctl-.html

From the blog CS@Worcester – Auger CS by Joseph Auger and used with permission of the author. All other rights reserved by the author.

This week, I came across an article that talks about Microsoft encountering an issue with Git and version control. Microsoft software engineers use Git as their version control system, and they recently discovered a problem with the amount of memory being used in their repository. Their first commit was only 2 GB, then grew to 4. However, it soon was taking up 178 GB of memory. Obviously, this is a bit of an issue. It would be very difficult for a team to make commits with that much storage space in that amount of time. But how does this happen? Well, the article states that the issue stems from name-hash collisions. Basically, Git was finding a bunch of differences with each commit despite there not being many at all. Obviously, this is a huge issue, so steps are already being made to resolve it.

This is an issue that was particularly interesting to me because we are currently learning about Git and how to properly use it in my CS 348 class. Git is an incredibly useful and necessary tool in the computer science world. To see an issue this scale at a company this important grabbed my attention immediately. I was also curious to see how Git was used on large projects at a company like Microsoft.

Seeing that problems like this can occur was for sure interesting. However, what was more interesting to me was that by the time anyone could report on this, changes were already being made. The article does state that this issue would not affect smaller repos, which would be what I am dealing with at the moment. However, it is fascinating to see how on top of everything these developers are in order to assure a smooth running product. It makes me feel better knowing that these issues will be resolved by the time I could ever encounter them. It also motivates me knowing that some day, I will have to be this vigilant in my work to truly be successful. Also, the fact that over 90% of developers use Git for version control was intriguing. I knew it was popular, but I also was aware of other version control systems. This just goes to show how reliable Git is, despite some occasional issues such as this one. I am glad to be learning how to use this system, and I am excited to learn more about it going forward.

https://www.techzine.eu/news/devops/125694/flaw-in-git-bloated-microsoft-repository-by-a-factor-of-35/

From the blog CS@Worcester – Auger CS by Joseph Auger and used with permission of the author. All other rights reserved by the author.

I came across an article titled “‘It’s time to question agile’s cult following’: Doubts cast on method’s future, with 65% of projects more likely to fail” that discusses the effectiveness of agile. Agile is a popular software development methodology, but this article suggests that it may be time to try other methods. It talks about how projects using agile are more often unsuccessful. For example, it states that research shows “agile software projects are 268% more likely to go wrong than those employing other methods.” It also cites other research that suggests projects using agile fail more often, decrease productivity, and adds unneeded stress to those working on the project. On top of that, the article suggests agile is inefficient. According to more cited research, major companies are starting to get rid of the use of agile in their software development.

This article is incredibly relevant to the subjects discussed in my Software Process Management class this past week. We went over software development methodologies, specifically agile. I wanted to read up on something relevant and educating. When I had come across this article, it caught my eye. when we had discussed agile in class, it had seem like the best option of the methods presented. However, this article suggested that, perhaps, agile isn’t the best method out there. In fact, it suggested that it shouldn’t be used. I was intrigued as to why it would be considered ineffective.

This article opened a door of questions about agile and software development methodologies. However, I did not feel as if they were all answered. I was shocked to see the amount of research and data that suggests agile is ineffective. I only recently learned about agile, and it seemed as though it would create a well-designed product through constant communication and reflection on the project. While reading the article, I became curious what other methods would be better to use than agile, but the article did not answer that question. I believe if you are going to critique something, you should offer a solution as well. One thing I personally liked about the article was all of the research data cited. I am a big numbers guy, so being able to see numbers to communicate the purpose of the content was nice to see. I am curious to learn more about other methodologies. I think this article was a good mind opener for me, and it reminded me that everything has room for improvement.

Article URL: https://www.itpro.com/software/development/its-time-to-question-agiles-cult-following-experts-cast-doubt-on-methods-future-with-65-of-projects-more-likely-to-fail

From the blog CS@Worcester – Auger CS by Joseph Auger and used with permission of the author. All other rights reserved by the author.