March 21st, 2024: GitHub has launched a new feature called code scanning autofix, which is now available in public beta for all GitHub Advanced Security customers.
The feature, powered by GitHub Copilot and CodeQL, aims to help developers fix vulnerabilities more quickly and easily, reducing the growing problem of “application security debt.”
Code scanning autofix supports more than 90% of alert types in popular programming languages such as JavaScript, TypeScript, Java, and Python.
When a vulnerability is discovered in one of these languages, the feature provides developers with a natural language explanation of the suggested fix, along with a preview of the code suggestion.
Developers can then accept, edit, or dismiss the suggestion. Remarkably, these code...

AI caught everyone’s attention in 2023 with Large Language Models (LLMs) that can be instructed to perform general tasks, such as translation or coding, just by prompting. This naturally led to an intense focus on models as the primary ingredient in AI application development, with everyone wondering what capabilities new LLMs will bring.
As more developers begin to build using LLMs, however, we believe that this focus is rapidly changing: state-of-the-art AI results are increasingly obtained by compound systems with multiple components, not just monolithic models.
For example, Google’s AlphaCode 2 set state-of-the-art results in programming through a carefully engineered system that uses LLMs to generate up to 1 million possible solutions for a task...