Grit automatically fixes technical debt by combining static analysis and machine learning to generate pull requests that clean up code and migrate to the latest frameworks.
How Grit.io can help you:Â
Why choose Grit.io: Key featuresÂ
Who should choose Grit.io:
Categories
Better code quality starts with AI developer tools says Greptile
Artificial Intelligence Better code quality starts with AI developer tools says Greptile Thursday, July 31, 2025 Richard Harris Software teams are facing mounting challenges with bugs, security, and technical debt, and better code quality starts with AI developer tools says Greptile, urging companies to adopt intelligent solutions that boost productivity and maintainability. Greptile, the provider of AI-powered code review solutions, recently announced its vision for transforming software development through artificial intelligence (AI) developer tools, emphasizing the growing necessity of integrating these technologies into modern development workflows to improve code quality. Better code quality starts with AI developer tools says Greptile Greptile highlights that poor code quality is not merely an inconvenience, it represents a significant business risk. Issues such as bugs, security vulnerabilities, and technical debt can derail projects and inflate costs, with some industry estimates suggesting that the cost of fixing post-release defects can be up to 100 times higher than addressing them during development. Modern software teams face mounting challenges, including: Manual Reviews: Slow, human-driven reviews often miss critical issues. Inconsistent Standards: Without clear guidelines, team members produce mismatched code styles. Hidden Bugs and Vulnerabilities: Many issues only surface after deployment, leading to costly remediation. Accumulated Technical Debt: Quick fixes compound, making future maintenance harder and more expensive. To address these concerns, Greptile advocates for the adoption of AI-powered developer tools. The rise of AI developer tools for code quality AI developer tools combine traditional code quality practices, such as static analysis, with advanced machine learning and natural language processing. These tools are designed to: Provide real-time feedback as developers write code. Offer context-aware suggestions that understand code intent. Deliver automated code reviews to highlight potential issues. Conduct security scanning to detect vulnerabilities early. According to Greptile, the benefits of integrating these tools include improved code quality, faster debugging, enhanced security, better maintainability, increased productivity, and long-term cost savings. Spotlight on leading AI tools Greptile positions itself as a standout solution in the market, offering: Contextual Code Review: Understanding the codebase holistically, beyond just the pull request diff. Style and Standards Enforcement: Ensuring consistent code quality across teams. Actionable In-Line Suggestions: Providing concrete, easy-to-apply feedback. Continuous Learning: Adapting over time to the unique patterns of a team's codebase. Designed for fast-scaling teams, Greptile integrates directly into pull request workflows on platforms like GitHub and GitLab, offering value to both small and large engineering teams. Other notable tools in the space include: GitHub Copilot: An AI assistant offering advanced code autocompletion, multi-language support, automated documentation, and test case generation. Qodo: A collaborative AI coding assistant focused on precise code suggestions, automated test generation, Git integration, and multi-IDE support. Addressing reliability and privacy concerns Greptile acknowledges common industry concerns regarding AI reliability and data privacy. While AI tools are designed to assist, not replace, human judgment, teams are encouraged to review all AI-generated code, particularly in critical systems. For organizations with sensitive codebases, Greptile and other providers offer strict data handling policies or on-premises deployment options to ensure compliance with privacy standards. Looking ahead: The future of AI in development Greptile predicts that AI's role in software development will only deepen in the coming years, with newer tools offering even greater precision, customization, and value. The company urges development teams to begin adopting AI developer tools now, emphasizing that the improvements to code quality, team productivity, and cost management are too significant to ignore. Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks. MEMBERS GET ACCESS TO- Exclusive content from leaders in the industry - Q&A articles from industry leaders - Tips and tricks from the most successful developers weekly - Monthly issues, including all 90+ back-issues since 2012 - Event discounts and early-bird signups - Gain insight from top achievers in the app store - Learn what tools to use, what SDK's to use, and more Subscribe here Better code quality starts with AI developer tools says Greptile, AI Developer Tools, Code Quality Improvement, Software Development, Greptile Solutions Share
App Developer Magazine
Thu, 31 Jul, 5:25 PM UTC
GitHub rolls out new tool to fix code errors even before you see them
GitHub has announced the general availability of Copilot Autofix within its GitHub Advanced Security (GHAS) suite, designed to prevent new vulnerabilities from entering code before you even see them. The tool, announced by Chief Security Officer Mike Hanley in a blog post, will also tackle existing vulnerabilities in code, which was previously unmanageable without automation. Besides identifying code vulnerabilities, Copilot Autofix also promises to explain their significance and offer automated code suggestions to fix them. According to the company's research, the tool has already proven to be around three times more efficient than doing the process manually. Early adopters like Optum and Otto Group have also reported saving thousands of hours monthly on remediation tasks. Kevin Cooper, Principal Engineer at Optum, commented: "Since implementing Copilot Autofix, we've observed a 60% reduction in the time spent on security-related code reviews and a 25% increase in overall development productivity." In the announcement, Hanley was proud to highlight Copilot Autofix's ability to address the backlog of security debt - vulnerabilities that linger in software for extended periods, often going unnoticed. Tackling these types of vulnerabilities can significantly reduce the risk of costly security breaches. Hanley added: "Vulnerabilities can live forever, and the longer they've remained dormant, the harder and more expensive they are to fix." In addition to serving enterprise customers, GitHub will offer the tool to the open-source community for no cost from September 2024. Maintainers will be able to enhance the security of their own software, which aligns with the Microsoft-owned company's commitment to creating a safer software scene. Hanley concluded by stating that "AI agents can help relieve much of the burden" in a world of limited security talent, adding that Copilot Autofix will help ensure that "a vulnerability found means a vulnerability fixed."
TechRadar
Fri, 16 Aug, 12:04 PM UTC
GitHub taps AI to eradicate software vulnerabilities with Copilot-powered security updates
With Copilot Autofix, developers and security teams can keep new vulnerabilities out of code and confidently remediate their backlog security debt GitHub, the world's leading AI-powered developer platform, announced the general availability of AI-powered remediation with Copilot Autofix in GitHub Advanced Security (GHAS). Copilot Autofix analyses vulnerabilities in code, explains why they matter, and offers code suggestions that help developers fix vulnerabilities as fast as they are found. During the public beta, GitHub found that developers were fixing code vulnerabilities more than three times faster than those who do so manually, a powerful example of how AI agents can radically simplify and accelerate secure software development. Developers can keep new vulnerabilities out of their code with Copilot Autofix in the pull request, and now also pay down the backlog of security debt by generating fixes for existing vulnerabilities. "Code scanning tools detect vulnerabilities, but they don't address the fundamental problem: remediation takes security expertise and time, two valuable resources in critically short supply. In other words, finding vulnerabilities isn't the problem. Fixing them is," said Mike Hanely, CSO and SVP of Engineering at GitHub. "With Copilot Autofix, we are one step closer to our vision where a vulnerability found means a vulnerability fixed," Hanely added. Since its introduction in public beta in March 2024, developers have used Copilot Autofix in their pull requests to help them quickly fix vulnerabilities in new code before they get merged to production where they can impact customers. Fixes can be generated for dozens of classes of code vulnerabilities, such as SQL injection and cross-site scripting, which developers can dismiss, edit, or commit in their pull request. Based on customer data from public beta between May through July 2024, Copilot Autofix has already shown dramatic reductions in the amount of time between detection and successful remediation: 3x faster. Overall, the median time for developers to use Copilot Autofix to automatically commit the fix for a pull request-time alert was 28 minutes, compared to 1.5 hours to resolve the same alerts manually.7x faster. Cross-site scripting vulnerabilities: 22 minutes, compared to almost three hours.12x faster. SQL injection vulnerabilities: 18 minutes, compared to 3.7 hours. Early users of Copilot Autofix have also reported dramatic improvements in efficiency and productivity. "Since implementing Copilot Autofix, we've observed a 60% reduction in the time spent on security-related code reviews and a 25% increase in overall development productivity," says Kevin Cooper, principal engineer at Optum. "In the healthcare space, where security is critical, it helps us act on proven industry solutions quickly. This proactive approach to security helps us prevent potential issues, saving thousands of hours per month that would otherwise be spent on remediation." Just as GitHub Copilot helps developers code more quickly, Copilot Autofix accelerates the pace of remediation so security teams make real progress with the backlog of existing vulnerabilities, commonly known as security debt. When a developer is asked to fix vulnerabilities in code that they haven't seen in a while or aren't familiar with, it can take hours to assess the surrounding code and experiment with manual fixes. Copilot Autofix dramatically reduces this burden so developers can fix old vulnerabilities with more speed and confidence. Here's how it works. To initiate Copilot Autofix for vulnerabilities in existing code, a developer simply presses the "Generate fix" button on an alert in the GHAS code scanning alert. Copilot Autofix assesses the code and the vulnerability and returns an explanation and code suggestion for review. The developer can then press the "Create PR with fix" button to create a new pull request which includes code changes to fix the alert. With Copilot Autofix, teams can pay down years' worth of security debt-even those hard-to-prioritise low- and moderate-severity alerts-in just a matter of a few clicks. Behind the scenes, Copilot Autofix leverages the CodeQL engine, GPT-4o, and a combination of heuristics and GitHub Copilot APIs to generate code suggestions. Copilot Autofix builds an LLM prompt based on sources including CodeQL analysis and short snippets of code around the flow path. As the global home of the open source community, GitHub is uniquely positioned to help maintainers detect and remediate vulnerabilities so that open source software is safer and more reliable for everyone. GitHub believes that it's highly important to be both a responsible consumer of open source software and contributor back to it, which is why open source maintainers can already take advantage of GitHub's code scanning, secret scanning, dependency management, and private vulnerability reporting tools at no cost. Starting in September, GitHub will add Copilot Autofix in pull requests to this list and offer it for free to all open source projects. From GitHub Copilot Workspace to GHAS, GitHub is championing a future where AI doesn't just assist but helps transform businesses, from productivity and innovation to security and risk reduction. Within GHAS, GitHub is leveraging AI not only to help fix vulnerabilities in code, but also to improve the scope and accuracy of secret scanning, and with new workflows that scale Copilot Autofix for organisations with a high volume of security debt, all on the familiar platform that developers already know and love. About GitHub As the global home for all developers, GitHub is the world's leading AI-powered developer platform to build, scale, and deliver secure software. Over 100 million people, including developers from 90 of the Fortune 100 companies, use GitHub to build amazing things together across 420+ million repositories. With all the collaborative features of GitHub, it's never been easier for individuals and teams to write faster, better code.
CXOToday.com
Mon, 19 Aug, 2:08 PM UTC
How Cursor AI, GitHub Copilot, Devin, and Amazon Q Help Reduce Technical Debt
Recently, Amazon CEO Andy Jassy revealed that by leveraging Amazon Q, the company was able to save 4,500 developers-years of work. "Yes, the number is crazy, but real," he posted on X. With Amazon Q, the company has significantly cut down the time needed to update Java applications. "The average time to upgrade an application to Java 17 plummeted from what's typically 50 developer days to just a few hours," he said. He added that in under six months, the company has been able to upgrade more than 50% of its production Java systems to modernised Java versions at a fraction of the usual time and effort. "Our developers shipped 79% of the auto-generated code reviews without any additional changes." "The benefits go beyond how much effort we've saved developers. The upgrades have enhanced security and reduced infrastructure costs, providing an estimated $260 million in annualised efficiency gains," he claimed. Indeed, generative AI has made coding a breeze. Tools such as GitHub Copilot, Devin, and Amazon Q simplify the development process, making application creation easier and helping developers and enterprises reduce technical debt. Technical debt arises when an enterprise rushes a product to meet deadline requirements without properly checking the code quality and debugging. Incomplete documentation and insufficient testing can lead to errors and inefficiencies that add to the debt. Converting Legacy Code Base Amazon is not the only company reducing technical debt with AI. San Francisco-based Databricks, which uses generative AI to quickly analyse and understand its legacy code base -- something its CIO says has eased the burden on engineers. Seventy-five-year-old payroll-processing company ADP is also looking at generative AI to convert COBOL to Java. "A big problem that we, and other legacy companies face is that we have COBOL running in our systems," said Amin Venjara, the chief data officer of ADP. He added that today, very few programmers are familiar with COBOL. The Roseland, NJ-based company is exploring the use of generative AI to convert its mainframe code from COBOL -- a language developed in the 1950s and still widely used in banks and financial services -- into Java, a programming language that has been around since 1995. Wayfair, the online furniture retailer, is using generative-AI-based coding tools to update old code. Though Wayfair, established two decades ago, does not use COBOL, it does have "legacy code" in languages such as PHP and outdated database code in SQL. Additionally, there is code written by developers who are no longer with the company. GenAI to Assist in Tedious Tasks Generative AI acts as an intelligent assistant that automates tedious tasks, suggests improvements, and enhances code quality. Armand Ruiz, the VP of product at IBM, says that his favourite use case for generative AI is in software development. According to Ruiz, GenAI has several use cases in software development. It can convert plain English instructions into code in the preferred programming language. Code translation tools convert languages like COBOL to Java, and facilitate code modernisation and migration. Bug-fixing tools identify and suggest fixes for code errors, thereby enhancing code reliability. Notably, IBM recently announced the IBM watsonx Code Assistant for Enterprise Java Applications, expected to be generally available later this year. Generative AI also plays a significant role in streamlining code maintenance through refactoring. Generative AI automates refactoring by suggesting or implementing code transformations. It can identify common anti-patterns and propose more efficient alternatives, ensuring that refactoring adheres to coding standards and best practices. Generative AI Tools are Shaping Software Engineering Recently, AI coding tool Cursor AI has been generating buzz on social media. OpenAI co-founder Andrej Karpathy praised the AI-integrated code editor, saying, "Programming is changing so fast... I'm trying VS Code Cursor + Sonnet 3.5 instead of GitHub Copilot again, and I think it's now a net win." "Just empirically, over the last few days, most of my 'programming' is now writing English (prompting and then reviewing and editing the generated diffs) and doing a bit of 'half-coding', where you write the first chunk of the code you'd like, maybe comment on it a bit so the LLM knows what the plan is, and then tab tab tab through completions." Previously, software engineers used to take a substantial amount of time to deliver a product, but now this has drastically decreased. GitHub recently launched Models, a playground which will offer developers access to leading LLMs, including Llama 3.1, GPT-4o, GPT-4o Mini, Phi 3, and Mistral Large 2. "With GitHub models, developers can now explore these models on GitHub, integrate them into their dev environment in Codespaces and VS Code, and leverage them during CI/CD in Actions - all simply with their GitHub account and free entitlements," explained Github chief Thomas Dohmke. Then, there are AI software engineers like Genie and Devin. Genie is designed to emulate the cognitive processes of human engineers, enabling it to solve complex problems with remarkable accuracy and efficiency. "We believe that if you want a model to behave like a software engineer, it has to be shown how a human software engineer works," said Alistair Pullen, the cofounder of Cosine. Learn to use AI Tools if you are a Software Engineer "Software development companies will start hiring coders who can demonstrate in interviews that they master AI-assisted coding tools like Copilot or Cursor," said Andriy Burkov, machine learning lead at TalentNeuron. He added that claims that LLMs can't write reliable code are immature. "Most junior and mid-level coders can't write reliable code either. This is why software engineering has, over decades, equipped itself with automated and semi-automated tools to ensure that code is production-ready." He further explained that LLMs are already being fine-tuned specifically for coding. Companies are investing hundreds of millions of dollars to enhance these LLMs' coding capabilities because, if executed correctly, coding is the only use case where they can charge $10 or even $100 per million tokens from corporate clients. One issue that the developers face is the belief that AI-generated code may contain bugs. Many AI startups are emerging to address these concerns. One such startup is YC-backed CodeAnt AI. CodeAnt's AI-driven code review system can significantly reduce vulnerabilities by automating the review process and identifying potential issues before they reach the customer. With advancements in AI-driven coding tools and platforms such as IBM watsonx and GitHub Models, there is no doubt that developers are now better equipped to handle legacy code, streamline code maintenance, and enhance productivity.
Analytics India Magazine
Tue, 27 Aug, 10:00 AM UTC
GitHub Copilot Autofix Enhances Security with Third-Party Tool Integration
GitHub introduces new features for Copilot Autofix, integrating third-party tools to address security vulnerabilities more efficiently. This update aims to reduce security debt and streamline the development process.
2 Sources
Wed, 30 Oct, 12:08 AM UTC
Your Daily Dose of Curated AI News
Don’t drown in AI news. We cut through the noise - filtering, ranking and summarizing the most important AI news, breakthroughs and research daily. Spend less time searching for the latest in AI and get straight to action.
