GitHub工程能力遭质疑:明显bug拖三年不修,Zig创始人直指"过度AI化"

Zig核心开发者Matthew Lugg在2025年4月的错误报告中指出:"在负载极高的CI服务器上,这种情况很容易发生。一旦发生,后果非常严重:它会彻底摧毁一个运行器,直到人工干预。在Zig的CI运行器服务器上,我们观察到多个这样的进程已经运行了数百小时,悄无声息地导致两个运行器服务器宕机数周。" ...
腾讯网

GitHub Actions 提示注入漏洞波及多家《财富》500强企业

网络安全公司 Aikido Security 发现了一类新型提示注入漏洞,命名为"PromptPwnd"。该漏洞影响与AI Agent(包括谷歌Gemini CLI、Claude Code和OpenAI Codex)集成的GitHub ...
腾讯网

高危漏洞影响CI/CD管道,提示注入即可攻破谷歌Gemini CLI

一种名为"PromptPwnd"的高危漏洞类别正在影响集成到GitHub Actions和GitLab CI/CD管道中的AI ...
InfoWorld

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud ...

Wiz has found threat actors exploiting GitHub tokens, giving them access to GitHub Action Secrets and, ultimately, cloud ...
Dark Reading

Supply Chain Attacks Targeting GitHub Actions Increased in 2025

At this week's Black Hat Europe conference, two researchers urged developers to adopt a shared responsibility model for open ...

Zig 退出 GitHub:微软对 AI 的痴迷毁了它

近期,Zig 编程语言的基金会(The Zig Software Foundation)已宣布退出 GitHub,原因是其领导层认为这个代码共享平台的服务正在衰退。 这场风波始于 2025 年 4 月,当时 GitHub 用户 ...

Zig turns its back on GitHub: Frustration over Actions and Microsoft's AI course

The programming language Zig is leaving GitHub after ten years. The reason is problems with GitHub Actions, chaotic job ...
Bleeping Computer

GitHub Actions artifacts found leaking auth tokens in popular projects

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD ...
TheServerSide

10 best GitHub Actions examples

Community driven content discussing all aspects of software development from DevOps to design patterns. It all starts with a GitHub Actions workflow. Here’s how to create a run a workflow in the tool.
How-To Geek on MSN

This programming language is quitting GitHub

The Zig Programming Language is officially quitting GitHub and moving its main repository over to Codeberg. The reasoning is ...