The art of simplicity

Enhance your AI programming skills and take your abilities to the next level! Starting this week, from February 4th to 13th, Microsoft hosts a series of four live classes designed to teach you tips and best practices for using GitHub Copilot. So if you really want to get the most out of your Github Copilot, don’t hesitate to register .   Here is the agenda for the English sessions: February 4, 2025: Prompt Engineering with GitHub Copilot February 6, 2025: Building an AI Web Application with Python and Flask February 11, 2025: Productivity with GitHub Copilot: Docs and Unit Tests February 13, 2025: Collaboration and Deploy with GitHub Copilot Hope to see you all there! More information GitHub Copilot Global Bootcamp | Microsoft Community Hub

Last week a colleague complained to me that he had to wait for an available build agent on our Azure DevOps build server. The reason that all build agents were busy was because I was doing a lot of changes to the documentation(also stored in an Azure DevOps Git repository) causing a lot of builds to be triggered resulting in long wait queues. As only changing the markdown files in the wiki doesn’t need a build to be created, he asked me to configure the build trigger to ignore documentation changes. Let me show you how to configure this… Classic Pipelines To configure this for the ‘classic’ pipelines in Azure DevOps, you need to go to the Triggers tab for your pipeline. There you’ll find a Path filters section on the right where you can specify specific paths to include or exclude. In our example, we want to exclude everything inside the ‘SOFACore/Docs’ folder:   YAML Pipelines If you are using a YAML pipeline, you need to edit the trigger section and add a path e...

Yesterday I showed how to run STRIDE GPT, an AI based threat modelling tool, locally using docker. I demonstrated how I used a local language model through Ollama running on the same machine as Docker Desktop. To be able to access the Ollama endpoint from inside the docker container, I had to use the host.docker.internal as you can see in this .env file: A colleague asked me, what if you are using Podman instead of Docker? Will host.docker.internal still work? The short answer is no. Luckily this doesn’t have to be the end of this post as an alternative exists for podman. Instead of using host.docker.internal you need to use host.containers.internal .

As cyber threats are increasingly sophisticated and pervasive, securing software applications has never been more critical. This means that implementing a Secure Software Development Life Cycle(SDLC) is essential. A key part in this life cycle is threat modelling that allows us to identify and address potential vulnerabilities early in the Software Development Life Cycle (SDLC). In this blog post, we'll explore the significance of threat modelling within the SDLC and how STRIDE GPT , an AI-driven tool, can streamline this essential process. Why threat modelling is crucial in the SDLC Threat modelling is a structured approach to identifying, assessing, and mitigating security risks in software applications. It involves understanding the application's architecture, identifying potential threats, and implementing appropriate countermeasures. Here are some key reasons why threat modelling is crucial in the SDLC: Proactive Risk Management: By identifying threats ear...

I already talked about custom instructions in Github Copilot as a way to tweak Github Copilot. Today I want to show another way to extend the capabilities of your Copilot; Copilot Extensions, a set of third party tools, services, and data available (in preview) through the Copilot marketplace :     What are Copilot Extensions? Copilot extensions are third-party tools, services, and data integrations that enhance the functionality of GitHub Copilot. They allow you to leverage additional features and capabilities directly within your coding environment. Whether you need help with code quality, security, documentation, or project management, there's likely a Copilot extension that can assist you. At the moment of writing this post Copilot Extensions is still in preview and the list of available extension is still limited. Extension usage is not possible in every IDE. Here is the list of supported IDEs:   How to get started with Copilot Extensions Getting star...

Today I was reviewing an existing codebase and I had a hard time to get a good understanding about what was going on. I couldn't create a good mental picture in my head. But then I asked myself, maybe GitHub Copilot can help me out here and draw this picture for me. Let's give it a try... Note: As we were using the Azure DevOps wiki, I decided to try to generate the visualization using Mermaid as this is supported directly in Azure DevOps. Let me first shortly explain what Mermaid is before I dive into Copilot. Introduction to Mermaid Mermaid is a powerful JavaScript-based diagramming and charting tool that allows you to create and modify diagrams dynamically. It uses Markdown-inspired text definitions to render detailed diagrams and charts, making it easy to visualize complex information. Whether you're working on flowcharts, sequence diagrams, or Gantt charts, Mermaid has you covered. Mermaid uses a simple syntax to define charts. Here is an example of a basic ...

After updating WSL on one of the developer machines, Podman failed to work. When we took a look through Podman Desktop, we noticed that Podman had stopped running and returned the following error message: Error: Command execution failed with exit code 125 Here are the steps we tried to fix the issue: We started by running podman info to get some extra details on what could be wrong: >podman info OS: windows/amd64 provider: wsl version: 5.3.1 Cannot connect to Podman. Please verify your connection to the Linux system using `podman system connection list`, or try `podman machine init` and `podman machine start` to manage a new Linux VM Error: unable to connect to Podman socket: failed to connect: dial tcp 127.0.0.1:2655: connectex: No connection could be made because the target machine actively refused it. That makes sense as the podman VM was not running. Let’s check the VM: >podman machine list NAME         ...

One of the most precious gifts I got from my parents is a love for books and reading. It's a gift that keeps on giving, opening doors to new worlds, sparking my imagination, and the entry point to almost every learning journey I started. So, I'm really happy that I was able to pass this gift to my kids as well. But what if reading isn't always easy for you? Don't worry—I have great news! Microsoft has created an incredible tool called Reading Coach to help everyone improve their reading skills and rediscover the joy of reading. Meet Microsoft's Reading Coach Microsoft's Reading Coach is an AI-powered tool designed to provide personalized and engaging reading practice. It's available in 81 languages and can be used both at school and at home. Here are some of the amazing features that make Reading Coach a game-changer: AI-Powered Stories : Reading Coach uses AI to generate stories that match your abilities and interests, providing instant fee...

A  few weeks ago I got contacted by someone(Hi Chris!) who was trying to get my Semantic Kernel demo's up and running on his machine. Chris tried to get the application up and running but got some error messages. I used his input to improve the readme file and updated the main branch to simplify the getting started experience. However there was one specific error he shared that I want to talk about a little more. Here is the screenshot he shared with me:   The reason that he got this error is because ‘auto function calling’ was enabled in the code and the model he was using didn’t support this feature. Remark: I updated the code to disable auto function calling after I got his email. A good excuse to talk a little more about this feature… What is (auto) function calling in Semantic Kernel? With function calling, you give the LLM the option to interact with your existing code. You can do this quite explicit as I explained in my OllamaSharp post but with Semanti...

Yesterday I talked about how we used Docker Compose to build and run an node.js/PostgreSQL application locally.We were using the build section inside the docker compose file to build the container image when running docker compose avoiding the need to build the container image separately. However when using this approach we noticed that if we made changes to the code, those changes were not picked up by Docker Compose and we were running using an outdated image. This turned out not to be a bug but requires a better understanding of the different Docker Compose commands. Docker Compose commands Docker Compose provides multiple commands and flags and it is important to understand the nuances between each command. docker compose up The command that we used so far was docker compose up , This builds the container image if the images does not exist and starts the containers. This already explains the behavior I described above docker compose build Another option is docker ...

Docker Compose allows you to easily define and run multi-container applications. My team just 'inherited' a node.js with a PostgreSQL application. As this is not our main technology stack, debugging and running this through Docker Compose sounds like a perfect pit. We already had a DOCKERFILE created for the Node.js app so the only thing left to do was create our Docker Compose file: Nothing special. However, when we tried to start the containers through docker compose up , it failed with the following error message: >docker compose up [+] Building 0.0s (0/0) listing workers for Build: failed to list workers: Unavailable: connection error: desc = "transport: Error while dialing unable to upgrade to h2c, received 404" After some trial and error, we were able to pinpoint the issue to the 'build' part of the docker compose file: services:   app: build: . If we replaced the build context by a pre-created image instead everything worked....

A key element in building an RAG(Retrieval Augmented Generation) is the usage of a vector database. The list of vector databases is growing every day and even SQL Server now supports vectors. In this post I focus on Qdrant (pronounced as "quadrant") a vector similarity search engine and database written in Rust. It's specifically designed to handle vector embeddings and payload, making it perfect for modern machine learning applications. The goal of this post is not to make you a Qdrant expert(neither am I) but to provide you with enough information to start using it correctly. What is Qdrant? Qdrant is an AI-native vector database and semantic search engine designed to handle high-dimensional vectors. It provides a production-ready service with a convenient API to store, search, and manage vectors with additional payloads.  A vector database is designed to store and query high-dimensional vectors efficiently. Unlike traditional databases that organize data in rows a...