Securing GitHub Copilot CLI with a Docker Socket Broker

GitHub is sitting in a strange spot right now: critical infra for almost every dev team, but struggling with reliability just as AI agents are flooding it with new load. Availability dropping to "one nine" and a steady stream of outages point to infra that was built for humans, not thousands of bots spinning up repos and hammering APIs in the background. At the same time, a tiny startup like Pierre Computer claims to handle repo creation at a scale that looks tailor-made for agents, not people. If GitHub wants to stay the top git platform for AI-native development, it has to treat agent traffic as first-class. That means an AI-native git layer, better scaling of stateful systems like databases and Redis, and a clear North Star around being the backbone for agentic code lifecycles. The current mix of Copilot branding, internal politics, and no CEO naturally pulls attention away from the boring but essential work of hardening the platform. But it is also worth being cautious with the clean narrative. GitHub runs a very different workload from a greenfield product in closed beta, with years of baggage, enterprise constraints, and a massive ecosystem to keep stable. Self-reported numbers from a startup and a rough month of incidents are not enough on their own to declare the incumbent broken or the new model proven. Shutting down Copilot or slicing away half the product surface sounds decisive, yet could throw away real value while the market is still figuring out how devs and agents should work together. The useful takeaway is not that GitHub is doomed or that an AI-only platform will automatically win, but that infrastructure and product strategy now have to be designed around agents and humans coexisting at scale. Getting that tradeoff right - reliability for everyone, while building new, agent-native primitives with a clear focus - will matter a lot more than any single outage or launch over the next few years. https://lnkd.in/dECY42Vt

Most open source contributors never make their first commit. Not because they can't code. Because they open the repo, see 40 folders, and quietly close the tab. Our CTO, Ole Lensmar wrote a post that removes that excuse for Testkube. Clone the repo. Run two commands. Make a real code change inside a live local Kubernetes cluster. Watch Tilt pick it up in about two seconds, no Docker rebuild, no pod reschedule. The entire inner dev loop is that fast. If you've been meaning to contribute to an open source Kubernetes project and keep putting it off, this is the one to start with. → Full walkthrough on the blog: https://hubs.li/Q04bNx6R0

10 GitHub repos that actually earn their place in a Claude Code workflow : 1./ superpowers ⭐142K TDD-enforced. Deletes code written before tests exist. Forces structured thinking before any line runs. https://lnkd.in/dMUU_hcA 2./ everything-claude-code ⭐147K 30 agents, 136 skills, 60 slash commands. Don't install all of it, pick 4. Still changes everything. https://lnkd.in/dwk28CSF 3./ repomix ⭐23K One command packs your entire codebase into one AI-readable file. Claude sees the full picture instantly. https://lnkd.in/dAXa475V 4./ awesome-claude-code ⭐37K The community's curated index. Only PR allowed: from Claude itself. That's the quality bar. https://lnkd.in/d2PZZf2R 5./ claude-code-action ⭐7K ✅ Official Runs Claude Code directly in your CI/CD pipeline. PR reviews, automated, not demo-ware. https://lnkd.in/dyTuATuk 6./ claude-code-best-practice ⭐33K Read it, don't install it. Apply the patterns. 30 mins → weeks saved. https://lnkd.in/din-wP8h 7./ servers (GitHub MCP) ⭐83K Full GitHub access via natural language. Read repos, create issues, manage PRs. https://lnkd.in/dAKj2EDu 8./ context7 ⭐52K Injects live, up-to-date library docs into your prompts. Kills hallucinated APIs dead. https://lnkd.in/dBtucySC 9./ claude-session-restore Restores full context from previous sessions via git history. Handles files up to 2GB. https://lnkd.in/dTRv8Et8 10./ awesome-claude-skills ⭐52K 50+ community skills by category. Browse before you build your own. https://lnkd.in/dfPXNfrW

I love Coder.  It seems every few months I circle back and see what's new.  In "Coder in Docker and K8s" I cover a few setup options for Coder (upgrading Kubernetes and running in Docker with provided reverse proxy).  Coder is a fantastic way to get an open-source version of something similar to Firebase Studio or Github Codespaces.  Code-server is like a mini-Coder in that it is just a single hosted Code Server, but does a great job if you just need effectively a single coding workspace.  Surprisingly, while Github Copilot is now blocked in Coder/Code Server, Google Code Assist is not and does a fantastic job if you need an LLM assistant.  I show Coder with Gitlab as well as Code-server with Forgejo and Continue.dev (for a full self-hosted end-to-end option). In "OS Apps: Dynacat and Seafile" I check out a couple of interesting open-source containerized tools/suites that have been on my list.  Dynacat is a fork of Glance, a YAML-driven containerized landing page.  It's easy to use and customize, and doesn't require as many plugins as the original Glance.  While they don't have Kubernetes documentation, I built out a k8s YAML manifest from the docker compose and showed how to set that up with a TLS ingress.  Seafile is supposed to be this office file server and markdown suite that is easy to host.  I'll just spoil it now: I fought to get it to take any file over 1Mb without success.  I detail out all the ways I tried to host and launch Seafile.  It works mind you, but only for tiny files so in the end, I gave up and removed it. Apps hosted: - https://dynacat.tpk.pw/ Articles: - OS Apps: Dynacat and Seafile: https://kutt.tpk.pw/w253XN - Coder in Docker and K8s: https://kutt.tpk.pw/zUu6N8 #Opensource #docker #kubernetes #coder #Codeserver #gca #googlecodeassist #dynacat #glance #seafile

Want your GitHub Action to edit files and push the results back to the repo? 🔁 You don’t need a custom action — just run git CLI inside a workflow. This post walks through checkout, making changes, detecting diffs, configuring git user/email, and committing + pushing safely. Key takeaways: - Use actions/checkout@v4 to get the repo ⚙️ - Modify files in a run step (scripts/commands) ✍️ - Detect changes with git diff and set an output to avoid failed commits 🔍 - Configure user.name/email with ${{ github.actor }} and @users.noreply.github.com 👤 - Commit (git add ., git commit) and push only when has_changes == 'true' ✅ Why read: includes a full ready-to-use workflow YAML you can drop into your repo. 💡 Read more: https://lnkd.in/erkvYydE #GitHubActions #GitHub #CICD #DevOps

🚨 𝗦𝘁𝗿𝘂𝗴𝗴𝗹𝗶𝗻𝗴 𝘄𝗶𝘁𝗵 𝗚𝗶𝘁𝗟𝗮𝗯 𝗿𝗲𝗽𝗼𝘀𝗶𝘁𝗼𝗿𝘆 𝘀𝗶𝘇𝗲 𝗹𝗶𝗺𝗶𝘁𝘀 𝗱𝘂𝗿𝗶𝗻𝗴 𝗺𝗶𝗿𝗿𝗼𝗿𝗶𝗻𝗴? I recently ran into a 2.9 GB repository issue while setting up GitLab → GitHub mirroring — and the GitLab UI simply couldn’t handle it. Instead of giving up, I took a manual approach using Git + BFG Repo-Cleaner, and it worked flawlessly. ✅  🔍 𝗪𝗵𝗮𝘁 𝗜 𝗰𝗼𝘃𝗲𝗿𝗲𝗱 𝗶𝗻 𝘁𝗵𝗶𝘀 𝗯𝗹𝗼𝗴:  • Why large repositories break mirroring pipelines  • How to identify large files hidden in Git history  • Step-by-step cleanup using BFG Repo-Cleaner  • Essential (often missed) Git commands 🧠  • Optimizing repos with `git gc` & `repack`  • Successful mirroring using `--mirror` over SSH 🔐  • Verifying actual size reduction 📉 💡 If you're working with 𝗺𝗼𝗻𝗼𝗿𝗲𝗽𝗼𝘀, 𝗹𝗲𝗴𝗮𝗰𝘆 𝗯𝗶𝗻𝗮𝗿𝗶𝗲𝘀, 𝗼𝗿 𝗹𝗮𝗿𝗴𝗲 𝗚𝗶𝘁 𝗵𝗶𝘀𝘁𝗼𝗿𝘆, this guide will save you hours of debugging. 📖 𝗥𝗲𝗮𝗱 𝘁𝗵𝗲 𝗳𝘂𝗹𝗹 𝗴𝘂𝗶𝗱𝗲 𝗵𝗲𝗿𝗲: https://lnkd.in/gYYs6sfy  🛠️ Key takeaway:  - Git problems at scale are rarely about code — they're about history. #Git #GitHub #GitLab #DevOps #SoftwareEngineering #Mirroring #BFG #VersionControl #TechBlog #Developers

Excited to announce rustyochestrator v0.1.4 :— the biggest release yet for our open-source Rust CI/CD pipeline runner. What's new: -- Task Timeouts & Configurable Retries :— set per-task or pipeline-wide timeouts ("5m", "1h") and retry strategies including exponential backoff. No more hanging builds. -- Task Output Capture & Reuse :— tasks can export values (outputs: [VERSION, BUILD_ID]) and downstream tasks consume them via ${{ tasks.build.outputs.VERSION }}. Real data flow between pipeline stages. -- Conditional Execution :— if: expressions evaluate env vars, task outcomes, and boolean logic. Skipped tasks don't block dependents. -- Matrix Builds :— full cartesian product expansion with include/exclude support. One workflow definition, multiple parallel configurations. -- Local Artifact Store :— upload-artifact and download-artifact from GitHub Actions are emulated locally. Debug with --keep-artifacts. -- Structured Run Reports :— every run produces a JSON report with per-task timing, cache hits, and bottleneck identification. View with rustyochestrator report --markdown. -- New CLI Flags :— --dry-run (preview without executing), --trace-deps (visualise dependency resolution), --verbose (stream all output), --log-file (write to file for CI). rustyochestrator parses your GitHub Actions workflows and runs them locally with parallel DAG scheduling, content-addressable caching, and a live TUI dashboard. No Docker required. Written in Rust. Installs in seconds. cargo install rustyochestrator GitHub: https://lnkd.in/etC5ZMh6 If you're tired of pushing to CI just to find out your workflow is broken, this is for you. Star the repo if it saves you time. #rust #rustlang #devops #cicd #opensource #github #automation

> GitHub stopped updating its own status page due to terrible availability ... 90.1% uptime - This means ... issues/degradations for 2.5 hours daily ... > GitHub struggles to keep up with the increase in load from AI agents generating more code and pull requests ... Claude Code bot contributions growth in the past 3 months has been enormous ... Stream of outages ... https://lnkd.in/eYHzasTh

10 GitHub repos to cut Claude Code token usage by 60–90% If you're coding with Claude and not optimizing tokens yet, you're probably burning money for no reason. Here's what's actually worth using: 1/ RTK (Rust Token Killer) A CLI proxy that filters terminal output before it hits context. → 60–90% fewer tokens on common dev commands → One binary, zero dependencies → Works with Claude Code, Cursor, Copilot github.com/rtk-ai/rtk 2/ Context Mode Sandboxes raw tool output into SQLite instead of dumping everything into context. → Up to 98% context reduction (Playwright, GitHub, logs) → Only clean summaries go into chat → Works as a Claude Code plugin https://lnkd.in/eAa5Ux4D 3/ code-review-graph Local knowledge graph for your codebase using tree-sitter. → Claude reads only what matters → Up to 49x token reduction on large monorepos → ~6.8x average improvement on reviews https://lnkd.in/erSM7dpq 4/ Token Savior MCP server that navigates code by symbols, not full files. → Up to 97% token reduction for code navigation → Persistent memory across sessions → 69 tools, zero external dependencies https://lnkd.in/eJxH9-Ck 5/ Caveman Claude Makes Claude reply like a caveman to reduce output tokens. → 65–75% output reduction → One-line install → Still technically accurate https://lnkd.in/eG4S739j 6/ claude-token-efficient Single CLAUDE.md setup to keep responses terse. → Drop-in, no code changes → Reduces verbosity in heavy workflows → Great for output-heavy sessions https://lnkd.in/eh3-t-CY 7/ token-optimizer-mcp MCP server with caching, compression, and smarter tool handling. → 95%+ token reduction through intelligent caching → Compresses repeated tool outputs automatically https://lnkd.in/eVJXye3n 8/ claude-token-optimizer Reusable prompt setup to optimize almost any project quickly. → ~90% savings in about 5 minutes → Can shrink doc usage from 11k tokens to ~1.3k https://lnkd.in/emiY32xK 9/ token-optimizer Finds ghost tokens that quietly drain your context. → Survives compaction without quality drop → Helps prevent context quality decay over time https://lnkd.in/e8Xwqr8x 10/ claude-context (by Zilliz) Code-search MCP that treats your whole codebase as context. → ~40% token reduction with similar retrieval quality → Hybrid BM25 + dense vector search https://lnkd.in/epCinRiw 💡 How to stack them You don't need all 10. Pick 2–3 based on your workflow: • Heavy terminal output → RTK • Big codebase → code-review-graph + Token Savior • Many MCP servers → Context Mode • Quick win → Caveman + claude-token-efficient Most people are wasting tokens without realizing it. Run /context in a fresh session and check how much is gone before you even type. Your wallet will thank you. 🙂 Which one are you trying first? Drop it in the comments 👇

Every engineer I know is quietly asking the same question in 2026: Claude Code or GitHub Copilot? The answer most posts give is bad: "it depends." Of course it depends. What we actually need is a way to figure out *what* it depends on. I spent sometime using both for real work and here's the framework that finally made it click for me — sharing in case it saves someone else the same trial and error. Start with the task, not the tool. Is the task quick and inline? Autocomplete, a one-line refactor, explaining what a regex does, drafting a kubectl command? Copilot. Its IDE rhythm is genuinely better, and at $10/month you'll never hit the quota for this kind of work. Is the task tied to GitHub? PR review, issue triage, turning a ticket into a draft branch, automating something in Actions? Copilot, again. It lives there natively. Nothing to wire up. Is the task heavy reasoning? Multi-file refactor, debugging a bug that crosses three services, designing a new module before writing it? Claude Code. The 1M-token context window means you can have it read 30 files and still reason about all of them coherently. CLAUDE.md acts like a running notebook your codebase carries around — conventions, gotchas, project memory that survives every session. Is the task long-running and autonomous? An hours-long debugging session, parallel sub-agents researching different parts of a codebase, the kind of work where you'd usually pair with a senior engineer? Claude Code's harness is built for exactly this. The pricing finally made sense to me when I stopped reading $10 vs $100 and started reading per-request vs flat-rate. Copilot Pro at $10 gives you 300 "premium requests" a month. Sonnet costs 1 per call, Opus costs 3. So 300 requests is really ~100 Opus calls. Fine for occasional use. Claude Code Max at $100 has no multiplier. A 2-hour Opus debugging session is just a Tuesday. The math flips around 25–30 deep sessions per month. The honest takeaway after living with both: They aren't competing for the same job. Copilot is the IDE-and-GitHub layer. Claude Code is the deep-reasoning-and-refactor layer. Most engineers I respect run both for ~$30/month combined and never have to choose. The model is a constant — both can run Claude. The difference is *where each one sits in your day*. Pick by task, not by hype. Carousel below has the decision tree and the pricing breakdown if you want the visual version ↓ #SoftwareEngineering #DeveloperTools #AI #ClaudeCode #GitHubCopilot