MindByte Issue #111: Copilot Expands, Secure Your APIs, and .NET 9 Network Updates

Author

Michiel van Oudheusden
February 18, 2025

In partnership with

Welcome back, tech enthusiasts! šŸš€

This weekā€™s edition is packed with updates on GitHub Copilot, secure authentication, and Azure networking costs. From expanding Copilot to any editor to new testing strategies with Test Containers, thereā€™s a lot to explore.

Before we dive in, a quick heads-up: Iā€™ll be skipping next weekā€™s edition due to a holiday, but Iā€™ll be back in two weeks!

Hereā€™s whatā€™s in store this week:

  • šŸ¤– GitHub Copilot expands with Workspace updates and a Language Server SDK

  • šŸ› ļø Improve your integration testing with Test Containers

  • šŸ” Strengthen authentication in Azure with best practices and API security

  • šŸ“” A deep dive into Azure data transfer pricing and cost optimization

  • āš” .NET 9 networking improvements and Aspireā€™s AWS integration

Plenty of insights to keep you busyā€”letā€™s dive in!

New here? Subscribe here to stay updated.

Sending out this newsletter is something I do with love, but it does cost money as well. It would really help me if you visit my sponsor:

The gold standard of business news

Morning Brew is transforming the way working professionals consume business news.

They skip the jargon and lengthy stories, and instead serve up the news impacting your life and career with a hint of wit and humor. This way, youā€™ll actually enjoy reading the newsā€”and the information sticks.

Best part? Morning Brewā€™s newsletter is completely free. Sign up in just 10 seconds and if you realize that you prefer long, dense, and boring business newsā€”you can always go back to it.

Thereā€™s a reason 400,000 professionals read this daily.

Join The AI Report, trusted by 400,000+ professionals at Google, Microsoft, and OpenAI. Get daily insights, tools, and strategies to master practical AI skills that drive results.

Interested in sponsoring this newsletter? Contact me by replying!

GitHub Digest

Static code analysis using CodeQL is the easiest way to get your code scanned and analysed directly from within GitHub. It can help you find security vulnerabilities. There has been some recent releases with some interesting changes:

CodeQL performance and coverage improvements in recent releases Ā· GitHub Changelog

CodeQL performance and coverage improvements in recent releases

github.blog/changelog/2025-02-12-codeql-performance-and-coverage-improvements-in-recent-releases

This is such a cool feature; GitHub Copilot Workspace. From describing your task, to generating code, tests, workflows etc, Workspace can do it all. In the below blog, you can find what kind of new features are introduced.

Copilot Workspace: Follow ups and file search improvements Ā· GitHub Changelog

Copilot Workspace: Follow ups and file search improvements

github.blog/changelog/2025-02-14-copilot-workspace-follow-ups-and-file-search-improvements

You can already use Copilot in many IDEs and editors, but if that is not enough? With the language server SDK, you can integrate Copilot into any editor.

Copilot Language Server SDK is now available Ā· GitHub Changelog

Copilot Language Server SDK is now available

github.blog/changelog/2025-02-10-copilot-language-server-sdk-is-now-available

Coding Corner

There is almost no excuse anymore for not building integration tests nowadays. You can use test containers to build up local databases, queues etc. Allowing you to test your application with all the dependencies needed. Read more to see how you can use docker to run a SQL server container for testing purposes.

Simplify Your Integration Testing with Test Containers

Learn how to implement Test Containers in .NET for robust integration testing. Discover best practices, practical examples, and advanced implementation techniques using Docker.

goatreview.com/test-containers-dotnet-simplify-integration-testing

Using DefaultAzureCredential in your code in production? Then you might need to tweak this a bit to be more secure. This and more tips can be found at the below link.

Authentication best practices with the Azure Identity library for .NET - .NET

This article describes authentication best practices to follow when using the Azure Identity library for .NET.

learn.microsoft.com/en-us/dotnet/azure/sdk/authentication/best-practices?tabs=aspdotnet

Azure Updates & Insights

Want to secure your API using API Management? API keys alone might not be sufficient enough, so what about leveraging Entra to add an additional layer.

Securing API to API calls in Azure with Entra and API Management - Rios Engineer

Contents Introduction Entra Setup API Management Gateway Policy Policy In Action Code Snippet Code run ā€“ NO MORE SECRETS! Testing in an Azure App Services Token Conclusion Introduction Iā€™ve been diving deep into API Management policies and exploring security around API access recently. It became clear that subscription keys are not secureā€”they can be easily ...

An extensive list of data transfer pricing between different Azure services and regions. I wrote about network cost in one of my Azure FinOps Essentials editions as well.

A Guide to Azure Data Transfer Pricing

Understanding Azure networking charges is essential for businesses aiming to manage their budgets effectively. Given the complexity of Azure networking pricing, which involves various influencing factors, the goal here is to bring a clearer unrios.engineer/securing-api-to-api-calls-in-azure-with-entra-and-api-managementderstanding of the associated data transfer costs by breaking down the pricing models into the following use cases:

techcommunity.microsoft.com/blog/AzureNetworkingBlog/a-guide-to-azure-data-transfer-pricing/4374538

.NET Nook

The latest .net 9 version contains a lot of improvements, also on the network side. Performance improvements, QUIC, connection pooling etc. See the full list:

.NET 9 Networking Improvements - .NET Blog

Introducing new networking features in .NET 9 including HTTP space, HttpClientFactory, security and more!

devblogs.microsoft.com/dotnet/dotnet-9-networking-improvements

Of course, Aspire works closely with Azure, but now also with AWS. It can provision resource for development time and generate cloud formation files. Read more to see how to use a local dynamodb setup.

Integrating AWS with .NET Aspire | Amazon Web Services

.NET Aspire is a new way of building cloud-ready applications. In particular, it provides an orchestration for local environments in which to run, connect, and debug the components of distributed applications. Those components can be .NET projects, databases, containers, or executables. .NET Aspire is designed to have integrations with common components used in distributed applications. [ā€¦]

aws.amazon.com/blogs/developer/integrating-aws-with-net-aspire

Closing Thoughts

Thank you for reading this weekā€™s edition!

Your feedback is invaluable, so if you have any thoughts, questions, or suggestions, please don't hesitate to reach out by simply replying to this mail.

If you enjoyed this update and want to continue receiving more, make sure to subscribe here.

I appreciate your time and look forward to hearing from you!

Did you like this edition?

Login or Subscribe to participate in polls.

Reply

or to participate.