Security

2025 saw an explosion in CVEs: Here's what the data shows

2026-01-05

Quoted as a GitHub expert on the importance of integrating security tooling into the development lifecycle and the role of AI in secure coding practices.

Rubber Duck Thursdays - Let's build down tech debt

2025-12-11 GitHub

Chris reviews the latest GitHub changelog including CodeQL updates, GPT-5.1 Codex Max preview, GitHub MCP server tool-specific configuration, and Enterprise Server 3.19 GA. He then explores the major VS Code December release featuring Agent HQ, background agents with git worktrees, sub-agents, and custom agents for organizations, while continuing to build custom agents for a game MCP server project.

Rubber Duck Thursdays - The one with custom instructions

2025-05-01 GitHub

This episode dives deep into Copilot custom instructions — what they are, how to write them, and why they matter for guiding AI-assisted development. Chris reviews the GitHub Changelog including the credential revocation API, CodeQL improvements, and the GitHub Models playground's new prompt improvement feature, then live codes a higher/lower game for a Go-based GitHub CLI extension using Agent Mode with detailed custom instructions.

Rubber Duck Thursdays - Back to building GitHub CLI Extensions

2025-04-24 GitHub

In this episode, Chris reviews the GitHub Changelog covering organization-level Copilot custom instructions, CodeQL for Actions workflow security analysis, Copilot Code Review language expansion, secret scanning alert dismissals, and GitHub Mobile updates. The coding segment tackles theme switching for the Copilot Airways web app and a Tailwind CSS upgrade using GitHub Codespaces and Copilot Agent Mode.

Rubber Duck Thursdays - Sshh, let's talk about secrets.

2025-04-03 GitHub

This episode dives deep into GitHub Advanced Security's new standalone Secret Protection and Code Security products. Chris demos secret scanning, push protection, custom patterns, and the free secret risk assessment report, then shows off a GitHub-themed brick breaker game powered by real contribution graph data.

Rubber Duck Thursdays - Building a scoring system

2025-03-06 GitHub

Chris introduces OctoSnap, a GitHub-themed memory card game built with Next.js, and dives deep into designing a scoring model with Copilot covering difficulty multipliers, time bonuses, and penalty mechanics.

Govern your repositories with push rulesets

2024-12-14 GitHub

Introduces GitHub push rulesets, a governance feature that restricts what can be pushed to a repository based on the attributes of changed files—including path, extension, and size. The video demonstrates protecting sensitive files such as GitHub Actions workflow files, configuring bypass rules for designated roles, viewing blocked-push and bypass insights, and explains that push rules are enforced across the entire fork network of a repository.

Manage your repositories at scale across the enterprise

2024-12-04 GitHub

Introduces enterprise repository policies in GitHub, a governance feature that lets administrators restrict repository operations—including visibility changes, creations, deletions, transfers, and naming—across all organizations in an enterprise account. The video also demonstrates repository properties defined at the enterprise level, giving organization admins consistent, inherited property values and requiring them at repository creation time to enforce compliance from day one.

Private Mirrors App

2024-07-26 GitHub

Introduces GitHub's Private Mirrors App, a self-hosted or GitHub-managed tool that helps organizations contribute to open source projects while managing compliance, legal, and security risk. The app creates private mirrors mapped to public forks, enabling teams to run CI/CD checks and policy enforcement before syncing changes back to the public fork for upstream contribution. The video demonstrates forking an upstream project, configuring multiple team mirrors, and integrating with an Enterprise Managed Users organization.

End-to-end InnerSourcing and Secure Development with GitHub

2022-10-13

Many of you may be familiar with GitHub for your own Open Source (OSS) projects. But did you know that you can run your end-to-end development within your organization using GitHub Enterprise? Join Chris for a whistle-stop tour of a day in the life of a developer with GitHub Codespaces, GitHub Copilot, GitHub Actions and GitHub Advanced Security, showing how you can bring Open Source best practices into your day-to-day work (also known as InnerSource)!