Over the past few years I’ve been building a collection of open source tools focused on GitHub, DevOps automation, and more recently AI tooling. Some have hundreds of dependents, others are still in the planning phase. I wanted to share an overview of these projects in one place, both to highlight the work I’ve been doing and to hopefully inspire others to contribute or build their own tools in this space. Here’s a quick rundown of each project, with links to the repos and a brief description of what they do. Feedback / ideas / and submissions are always welcome!

DevEx Metrics

Repo: devex-metrics/devex-metrics

DevEx Metrics is a developer experience reporting and dashboarding tool for GitHub organisations and users. It collects a broad set of metrics — open, merged and closed pull requests, lines of code changed, comments and commits per PR, estimated GitHub Actions minutes consumed, unique committers and reviewers over the last 90 days, and dependent repository counts — and turns them into a Markdown report and an HTML dashboard you can host on GitHub Pages.

You can run it locally or schedule it as a GitHub Actions workflow for daily snapshots. Both Personal Access Token and GitHub App authentication are supported, and results are JSON-cached so you’re not hammering the API on every run.

The live dashboard is available with my own OSS data at devex-metrics.github.io/devex-metrics.

AI Engineering Fluency

Repo: rajbos/ai-engineering-fluency

Previously known as the “GitHub Copilot Token Tracker”, AI Engineering Fluency helps you track your AI token usage and fluency score across a lof of different AI coding tool out there: VS Code + GitHub Copilot, JetBrains IDEs, Visual Studio, Claude Code, Gemini CLI, Cursor, Continue, and more. All data is read from local session logs — nothing leaves your machine unless you explicitly opt in.

The extension shows near real-time token usage in the status bar alongside a fluency score dashboard. There’s also a JetBrains plugin, a Visual Studio extension, and a CLI (npx @rajbos/ai-engineering-fluency stats) for headless environments. Teams who want to aggregate data across engineers can spin up the self-hosted sharing server — a Docker + SQLite container that authenticates via GitHub sessions, with no Azure account required.

Alternative GitHub Actions Marketplace

Repo: devops-actions/alternative-github-actions-marketplace

The official GitHub Actions Marketplace is functional but limited — no meaningful filtering, no dependents count, no easy way to evaluate community adoption. This project is my attempt at a better version.

It’s a React frontend backed by an Azure Functions API and Azure Table Storage, indexing 20,000+ GitHub Actions with search by name or owner, filtering by action type (Node/JavaScript, Docker, Composite), and showing the dependents count for each action so you can actually judge real-world adoption. Stack is Azure Static Web Apps (free tier) for the frontend, Azure Functions on a consumption plan for the API, and a companion npm package (@devops-actions/actions-marketplace-client) to push metadata into the store.

devops-actions Organisation

Org: github.com/devops-actions

The devops-actions organisation groups a set of GitHub Actions I’ve built for common CI/CD automation tasks. All actions follow supply-chain security best practices and are tracked with OpenSSF Scorecards.

Action	Dependents	What it does
action-get-tag	679 ⭐	Read the current Git tag during a workflow run
actionlint	319 ⭐	Lint your GitHub Actions workflow files with actionlint
issue-comment-tag	196	Create or update a tagged comment on an issue or PR
variable-substitution	73	Substitute environment variables into config files
json-to-file	58	Write JSON content to a file in the workspace
load-used-actions	18	Scan a repo or org for all GitHub Actions in use
load-available-actions	17	List all public actions available in an org or user account
azure-appservice-settings	6	Push settings to an Azure App Service from a workflow
load-runner-info	5	Retrieve runner details (labels, OS, status) for an org
github-copilot-pr-analysis	2	Run GitHub Copilot PR analysis as a workflow step
load-dependents-count	1	Count how many repos depend on a given action or package
secure-action-inputs	0	Validate and sanitise inputs passed to an action

The two most widely adopted are action-get-tag (679 dependents) — a simple utility for reading the current Git tag inside a workflow — and actionlint (319 dependents), which wraps the actionlint tool to lint your workflow YAML files in CI.

GHAzDoWidget

Repo: rajbos/GHAzDo-widget

GHAzDoWidget is an Azure DevOps extension that shows GitHub Advanced Security alert counts directly in your Azure DevOps dashboards. If your source code lives in GitHub but your project management lives in Azure DevOps, this gets those alert totals — Dependabot, secret scanning, and code scanning — in front of you without having to switch context.

The extension ships in multiple widget sizes: a 2×1 combined overview, individual 1×1 tiles per alert type, and larger 2×2–4×2 widgets with trend lines, severity pie charts, open/dismissed/fixed status timelines, grouped-by-repo views, and a time-to-close scatterplot to visualise how quickly alerts get resolved.

Available on the Azure DevOps Marketplace.

Jarvis

Repo: rajbos/Jarvis

Jarvis is my personal, locally-hosted AI assistant — an Electron + TypeScript desktop app that lives in the system tray, starts automatically on boot, and sends all prompts to a local Ollama instance so nothing leaves my machine. New capabilities come in via MCP (Model Context Protocol) servers without needing to touch the core app.

The planned feature set reflects my own GitHub-heavy day-to-day:

• Guided onboarding to discover local Ollama models and connect GitHub via OAuth
• Automated GitHub maintenance tasks (secrets scanning, fork analysis, stale repo detection, dependency audits)
• Cross-repo activity tracking with weekly summary generation
• Async background jobs with rate-limit awareness
• Encrypted local SQLite store for config and conversation history

The project is currently in the first phases — the full architecture specification is in the repo if you want to follow along or contribute ideas.

Once you have your Microsoft Agent Framework (MAF) agent or workflow happily running locally on your dev machine, it’s time to decide how to deploy your agent to production, monitor it, evaluate it and version it. These decisions are just as important as getting the agent running. Hosted Agents in Foundry Agent Service is the easiest way to deploy Agent Framework agent to the cloud – with built-in identity, automatic scaling, managed session state, observability, and versioning.

What are Foundry Hosted Agents?

Foundry Hosted Agents are containerized applications that run inside Foundry Agent Service. Foundry Hosted Agents brings agent-optimized compute and services designed for production-grade enterprise agents, giving agents secure per-session sandboxes with filesystem persistence, integrated identity, and scale-to-zero economics. They are your own code, packaged as a container image and deployed to Foundry-manage infrastructure.

Core Capabilities:

• Predictable cold starts — spin up agent sessions and harnesses in your custom environment virtually instantly
• Scale to zero — pay nothing while your agent is idle, with an agent that will scale down on its own during inactivity
• Resume with filesystem intact — files, disk state, and session identity persist across scale-to-zero events. Your agent restarts with its full working directory exactly where it left off
• Per-session isolation is automatic — Every single agent session gets its own VM-isolated sandbox with persistent session state. Use isolation keys to easily manage and namespace your end users’ sessions
• BYO VNet Support – drive your agents’ outbound traffic via your VNet
• Production-ready agent endpoints – built-in agent versioning with stable endpoints for easy integration, weighted rollouts across versions
• Multiple protocols out of the box – OpenResponses protocol support with automatic mapping to/from Activity Protocol for one-click publish to Microsoft 365. Flexible Invocations protocol for custom application integrations, AG-UI support

When you deploy your MAF agent to Foundry Hosted Agents using azd it:

• (Optional) Creates all necessary resources, including a Foundry project and deploys a model.
• Packages your code, builds an image, and pushes it to Azure Container Registry (ACR).
• Pulls the image from ACR and provisions compute.
• Assigns a dedicated Entra ID to the agent.
• Expose a dedicated endpoint at, for example https://{project_endpoint}/agents/{agent_name}.
• Handles scaling, session state persistence, observability, and lifecycle management.

If unused, sessions persist for up to 30 days; idle compute is deprovisioned after 15 minutes and seamlessly restored on the next request. Read more about sessions in the here.

Choose your protocol: Responses or Invocations

Hosted agents speak one or both of two protocols:

• Responses: An OpenAI-compatible /responses endpoint. The platform manages conversation history, streaming events, and background execution.
• Invocations: A generic invocations endpoint where you define the request/response schema, giving you flexibility for any non-conversational workflow that doesn’t fit a chat-shaped contract.

We recommend starting with `/responses` if you are not sure which one to use. Read more about supported protocols in the here.

Foundry Hosted Agents + Microsoft Agent Framework

Microsoft Agent Framework gives you a clean programming model for building agents – chat clients, tools, MCP integrations, context providers, middleware, and multi-step workflows, with the same concepts and APIs across .Net and Python. Foundry Hosted Agents give that code a production-grade home. Using MAF and Foundry Hosted Agents together enables a bunch of exciting capabilities

• Bring your code as-is: The same agents and workflows you run locally are the ones running in the sandbox.
• First class identity: Each agent gets its own Entra ID, allowing your agent to call Foundry models, Foundry toolbox, and any other Azure services, without the need to store secrets in the image.  Read more about Agent Identity in the here.
• Version and safe rollout: Every deployment is an immutable version snapshot of your agent. Split traffic between versions for canary or blue/green rollout, and roll back instantly.
• Built-in observability: `APPLICATIONINSIGHTS_CONNECTION_STRING` is injected at runtime, so MAF’s OpenTelemetry traces flow into Application Insights with zero extra wiring.
• Stateful sessions: persist files and state to sessions and the platform restores them when a session resumes, even after idle scale-down.
• Foundry Toolbox: Connect to a Foundry Toolbox provisioned in the same Foundry project to use a wide variety of existing tools.

From local agent to hosted agent

To turn an agent into an agent host, it only takes a few lines of code.

In .Net:

using Microsoft.Agents.AI.Foundry.Hosting;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddFoundryResponses(agent);

var app = builder.Build();
app.MapFoundryResponses();

app.Run();

In Python:

server = ResponsesHostServer(agent)
server.run()

Get started today by exploring our samples:

• .Net samples
• Python samples

Each sample contains detailed instructions to run the agent locally and as a Foundry Hosted Agent.

Wrapping up

Microsoft Agent Framework lets you focus on agent logic. Foundry Hosted Agents give that logic a managed home with identity, scaling, sessions, versioning, and observability handled for you. Together, they shorten the distance between a prototype agent and a production agent. If you already have a local agent built using Microsoft Agent Framework, now it is the time to try hosting it in Foundry and experience the production benefits firsthand!

Our teams are working hard to bring Foundry Hosted Agent and MAF integration to General Availability soon. Stay tuned for more!

Further reading:

• Hosted Agent Announcement
• Foundry Hosted Agent Docs
• Foundry Models Docs
• Foundry Hosted Agent .Net Samples
• Foundry Hosted Agent Python Samples
• MAF Hosted Agent Integration Doc
• MAF .Net Samples
• MAF Python Samples

 

The Microsoft Agent Framework team is dedicated to empowering developers by providing access to the latest advancements in the industry. We encourage you to leverage your creativity and build remarkable solutions with MAF! Please reach out if you have any questions or feedback through our Agent Framework GitHub Discussion Channel. We look forward to hearing from you! We would also love your support, if you’ve enjoyed using Agent Framework, give us a star on GitHub.

The post From Local to Production: Deploy Your Microsoft Agent Framework Agent with Foundry Hosted Agents appeared first on Microsoft Agent Framework.

At Replit, we want all users to be able to build secure applications. In addition to features like Security Agent and Auto Protect, you can restrict access to your apps with Private Publishing. Private Publishing is ideal for apps that should only be accessible to a specific set of users — whether that’s a personal tool, an internal app for teammates, or an early prototype shared with close collaborators. Today, we’re introducing two updates that expand secure access for Replit builders: Private Publishing is now available to Core and Starter plan users. Previously, private deployments were limited to Pro and Enterprise plans. External Access Tokens are now available for all private apps. External Access Tokens let trusted external services securely access private apps without exposing the entire application to the public internet. Private Publishing works at the network level. When publishing, simply choose your desired access level and Replit will prevent unauthorized user requests from ever reaching your app.

Devin Review and Quick Review bring verification into the same workspace where you write code.

Deep integrations that bring the apps you use every day directly into Grok.