The next version of CSLA is out! Carl and Richard talk to Rocky Lhotka about his business objects framework that pre-dates .NET itself! Rocky discusses the surge in development that occurred for version 9, where a company heavily dependent on CSLA contracted developers to clear some of the backlog. The result is a few new long-term contributors, resulting in an increased development candence and a substantial modernization of the code base. The conversation also turns to AI and its role in development, as well as Rocky's experiments with making an MCP server for CSLA!



Download audio: https://dts.podtrac.com/redirect.mp3/api.spreaker.com/download/episode/68247228/dotnetrocks_1973_csla_9.mp3

Google is migrating all its internal workloads to run on both x86 and its custom Axion Arm chips, with major services like YouTube, Gmail, and BigQuery already running on both architectures. The Register reports: The search and ads giant documented its move in a preprint paper published last week, titled "Instruction Set Migration at Warehouse Scale," and in a Wednesday post that reveals YouTube, Gmail, and BigQuery already run on both x86 and its Axion Arm CPUs -- as do around 30,000 more applications. Both documents explain Google's migration process, which engineering fellow Parthasarathy Ranganathan and developer relations engineer Wolff Dobson said started with an assumption "that we would be spending time on architectural differences such as floating point drift, concurrency, intrinsics such as platform-specific operators, and performance." [...] The post and paper detail work on 30,000 applications, a collection of code sufficiently large that Google pressed its existing automation tools into service -- and then built a new AI tool called "CogniPort" to do things its other tools could not. [...] Google found the agent succeeded about 30 percent of the time under certain conditions, and did best on test fixes, platform-specific conditionals, and data representation fixes. That's not an enormous success rate, but Google has at least another 70,000 packages to port. The company's aim is to finish the job so its famed Borg cluster manager -- the basis of Kubernetes -- can allocate internal workloads in ways that efficiently utilize Arm servers. Doing so will likely save money, because Google claims its Axion-powered machines deliver up to 65 percent better price-performance than x86 instances, and can be 60 percent more energy-efficient. Those numbers, and the scale of Google's code migration project, suggest the web giant will need fewer x86 processors in years to come.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the BBC: New research coordinated by the European Broadcasting Union (EBU) and led by the BBC has found that AI assistants -- already a daily information gateway for millions of people -- routinely misrepresent news content no matter which language, territory, or AI platform is tested. The intensive international study of unprecedented scope and scale was launched at the EBU News Assembly, in Naples. Involving 22 public service media (PSM) organizations in 18 countries working in 14 languages, it identified multiple systemic issues across four leading AI tools. Professional journalists from participating PSM evaluated more than 3,000 responses from ChatGPT, Copilot, Gemini, and Perplexity against key criteria, including accuracy, sourcing, distinguishing opinion from fact, and providing context. Key findings: - 45% of all AI answers had at least one significant issue. - 31% of responses showed serious sourcing problems - missing, misleading, or incorrect attributions. - 20% contained major accuracy issues, including hallucinated details and outdated information. - Gemini performed worst with significant issues in 76% of responses, more than double the other assistants, largely due to its poor sourcing performance. - Comparison between the BBC's results earlier this year and this study show some improvements but still high levels of errors. The team has released a News Integrity in AI Assistants Toolkit to help develop solutions to these problems and boost users' media literacy. They're also urging regulators to enforce laws on information integrity and continue independent monitoring of AI assistants.

Read more of this story at Slashdot.

OpenBSD 7.8 has been released, adding Raspberry Pi 5 support, enhanced AMD Secure Encrypted Virtualization (SEV-ES) capabilities, and expanded hardware compatibility including new Qualcomm, Rockchip, and Apple ARM drivers. Phoronix reports: OpenBSD 7.8 also brings multiple improvements around enabling AMD Secure Encrypted Virtualization (AMD SEV) support with support for the PSP ioctl for encrypting and measuring state for SEV-ES, a new VMD option to run guests in SEV-ES mode, and other enablement work pertaining to that AMD SEV work in SEV-ES form at this point as a precursor to SEV-SNP. AMD SEV-ES should be working to start confidential virtual machines (VMs) when using the VMM/VMD hypervisor and the OpenBSD guests with KVM/QEMU. OpenBSD 7.8 also improves compatibility of the FUSE file-system support with the Linux implementation, suspend/hibernate improvements, SMP improvements, updating to the Linux 6.12.50 DRM graphics drivers, several new Rockchip drivers, Raspberry Pi RP1 drivers, H.264 video support for the uvideo driver, and many network driver improvements. The changelog and download page can be found via OpenBSD.org.

Read more of this story at Slashdot.

Every developer has that project they build just for the fun of it. You know how it goes: you start by asking “what if?” and then you have something weird and wonderful hours later. 

This summer, we decided to celebrate that spirit with For the Love of Code, our first-ever competition for projects built purely for fun. More than 300 developers answered the call. Some leaned on GitHub Copilot to refactor ideas, fix bugs, and spark inspiration. Some teamed up. Others flew solo, guided only by caffeine and curiosity.

Entries spanned everything from a Breakout game powered by your GitHub graph, to a laugh-track that plays on every commit, a Yelp-style code reviewer in VS Code ★★★★☆, a Copilot you can literally see on camera, and even a comic strip made from your release notes.

We invited participants to build anything that sparks joy across six whimsical categories:

• 🔘 Buttons, beeps & blinkenlights: Hardware hacks, LEDs, sensors, and gadgets galore.
• 🖥️ Terminal talent: Command-line creations and retro computing love letters.
• 🌐 World wide wonders: Browser-based experiments, apps, and interactive art.
• 🤖 Agents of change: AI, bots, and automation with heart.
• 🕹️ Game on: Games big or small, serious or silly.
• 🃏 Everything but the kitchen sink: The wildcard (if it doesn’t fit anywhere else, it fits here).

Meet the winners: Open source experiments, AI side projects, and more

Here are the top three entries from each category.

🔘 Buttons, beeps & blinkenlights 

Plane Tracker: DIY radar on your desk

Plane Tracker by @cpstroum is a DIY radar that uses an Adafruit Circuit Playground, Bluetooth, and the ADS-B Exchange API to fetch live flight data. It turns nearby planes into a real-time mini radar display.

Copilot cameo: GitHub Copilot helped @cpstroum with Git itself and with structuring the initial project for their first real push to GitHub. Thanks, Copilot! And welcome aboard, @cpstroum!

Cadrephoto: The easy e-ink photo frame

Cadrephoto by @ozh is a Raspberry Pi and e-ink photo frame that displays pictures emailed to it (no app, no setup, perfect for less tech-savvy people). It checks an inbox, downloads the latest photo, and updates the screen automatically.

Copilot cameo: GitHub Copilot helped @ozh with their first Python project. It worked smoothly inside JetBrains IDEs and made code completion feel almost like magic.

BuildIn: Traffic-light builds for your repository

BuildIn by @SUNSET-Sejong-University and @lepetitprince99 is a real-life traffic light for your code that sits on your desk. Using an Arduino and the GitHub API, it lights up red, yellow, green, or blue to show your repository’s build status at a glance.

Copilot cameo: GitHub Copilot helped @SUNSET-Sejong-University debug and optimize their code. It saved time tracking down tricky hardware issues and made troubleshooting much easier.

🖥️ Terminal talent

RestoHack: A roguelike resurrected from 1984

RestoHack by @Critlist resurrects the 1984 roguelike game that inspired NetHack, rebuilt from the original source with modern tools and a preservationist’s touch. It compiles cleanly, runs faithfully, and proves that forty years later, permadeath still hits hard.

Jukebox CLI

Jukebox CLI by @FedeCarollo is a colorful, animated jukebox that runs right in your terminal. Built in Rust with Ratatui, it plays MP3s, shows floating musical notes, and color-codes each track in a scrollable playlist. You can play, pause, skip, and adjust the volume without ever leaving your command line.

Copilot cameo: GitHub Copilot helped @FedeCarollo explore unfamiliar Rust libraries and find their footing.

Tuneminal: Sing your commits from the command line

Tuneminal by @heza-ru turns your terminal into a full-blown karaoke stage with scrolling lyrics, live audio visualization, and scoring that rewards your inner rock star. It’s open source, cross-platform, and the perfect excuse to sing while that git clone takes a while.

🌐 World wide wonders

Netstalgia: Surf the ‘90s web on virtual dial-up

Netstalgia by @heza-ru (again!) is a fully functional ‘90s web fever dream built with modern tech, but visually stuck on virtual dial-up. It’s got dancing babies, popup ads, a fake BBS, and more CRT glow than your old Gateway 2000 ever survived.

In true retro internet spirit, it even ships with a fake GitHub Star Ransomware—a tongue-in-cheek “virus” that demands you star the repo to “decrypt your files.” A clever (and harmless) new twist on the eternal quest for GitHub stars. ⭐💾

Bionic Reader: Speed read your screen

Bionic Reader by @Awesome-XV rewires how you read by bolding the first few letters of each word so your brain fills in the rest. It’s like giving your eyes a speed boost without the caffeine jitters to read faster than ever.

Copilot cameo: GitHub Copilot helped @Awesome-XV write project documentation and scaffold the initial codebase.

The Git Roast Show: Roast your GitHub profile… lovingly

Git Roast Show by @rawrnuck and @Anmol0201 is a full-stack web app that humorously “roasts” your GitHub profile. Built with React, Vite, and Express, it fetches live GitHub data to generate personalized, sound-enhanced, and animated comedy roasts.

Copilot cameo: GitHub Copilot helped @rawrnuck understand algorithms and handle the repetitive parts of their project.

Nightlio: a mood tracker you actually own

Nightlio by @shirsakm is a privacy-first mood tracker and daily journal you can self-host in minutes. Log how you feel on a 5-point scale, add Markdown notes, tag entries like #Sleep or #Productivity, then explore calendars, streaks, and simple stats to spot patterns. It runs anywhere with Docker, stores data in a local SQLite file, and keeps things clean with JWT-protected APIs, a React/Vite front end, and optional Google OAuth. No ads. No subscriptions. Your server, your rules.

Note: Because @heza-ru placed in two categories, we’ve added a fourth winner to this category.

Copilot cameo: GitHub Copilot helped @shirsakm with refactors, color palette updates, and codebase-wide changes that would have taken much longer by hand.

🤖 Agents of change

Neosgenesis: AI that thinks about thinking

Neosgenesis by @answeryt is a metacognitive AI framework that teaches machines to think about how they think. It runs a five-stage loop (think, verify, learn, optimize, decide) while juggling multiple LLMs, tools, and real-time feedback. A multi-armed bandit picks the best reasoning patterns, and when it stalls, an “aha” mode explores fresh paths.

MediVision Assistant: Accessible AI healthcare for all

MediVision Assistant by @omkardongre is an AI healthcare companion that helps elderly and disabled users manage their health through voice, image, and video. Users can scan medications, analyze skin conditions, log symptoms by voice, and chat with an AI doctor-like assistant.

Copilot cameo: GitHub Copilot helped @omkardongre generate React components, API templates, and AI integration code. It handled the boilerplate so they could focus on building features and improving the experience.

Quiviva: The résumé that talks back

Quiviva by @katawiecz is an interactive AI-powered CV that turns a job hunt into a chat adventure. Ask about skills or projects, or type “Gandalf” to unlock secret nerd mode. All this goes to show that even résumés can be fun.

🕹️ Game on

AI-Dventure: Infinite worlds, infinite choices

AI-Dventure by @FedeCarollo is an interactive text adventure built in Rust and powered by OpenAI’s models. Players explore dynamically generated worlds in fantasy, horror, sci-fi, or historical settings where every command shapes the story and no two runs are the same.

BeatBugging: Debug to the beat

BeatBugging by @sandra-aliaga, @Joshep-c, @RyanValdivia, and @tniia turns debugging into a rhythm game that converts your system logs into musical beats. Built in Python, it lets you fix bugs to the rhythm on a 5-by-5 grid and makes debugging sound unexpectedly good.

Copilot cameo: GitHub Copilot helped the team figure out next steps when they got stuck, offering helpful hints that kept development moving.

MuMind: A multiplayer battle of wits and vibes

MuMind by @FontesHabana is a web-based multiplayer version of the party game Herd Mentality, where players try to match the majority’s answers to score points. Built with React, Tailwind CSS, and Framer Motion, it offers multilingual support, lively animations, and a smooth, responsive experience.

🃏 Everything but the kitchen sink

GitFrag: Defrag your contributions graph

@chornonoh-vova built GitFrag to reorganize your contributions graph using classic sorting algorithms (bubble, merge, quick, and counting sort). Each is visualized with smooth progress animations, GitHub login, and dark mode support. There’s also a wonderful writeup of how the developer approached it.

Copilot cameo: GitHub Copilot helped @chornonoh-vova structure their understanding of algorithms and add thoughtful details that made their visualization shine.

Code Sensei: Meditate your way through VS Code

Code Sensei by @redhatsam09 turns your VS Code sessions into a zen pixel adventure where your focus fuels the fun. Type to walk, pause to hop—but stay away too long away and your sensei meets a dramatic, 8-bit demise.

Reviewer Karma: Good vibes for great reviews

Reviewer Karma by @master-wayne7 keeps your pull requests peaceful by rewarding reviewers for good vibes and great feedback. Every emoji, comment, and code critique earns points on a live leaderboard that turns pull request reviews into a friendly competition.

Copilot cameo: GitHub Copilot helped @master-wayne7 write efficient Go code for the GitHub API, structure logic for assigning karma points, and handle repetitive tasks like error checking and markdown generation. It kept the project flowing smoothly from start to finish.

---

These projects show what’s possible when we let our curiosity take center stage

Remember these are hackathon projects. They might not be feature complete, there may be bugs, spaghetti code, and the occasional rogue program escaped from the Grid. But they are clear examples of what we can accomplish when we do something just for the love of it.

All of our category winners get 12 months of GitHub Copilot Pro+.

If For the Love of Code proved anything, it’s that creativity and code thrive best together—especially with Copilot lending a hand.

Shoutout to the makers

Congratulations to all of our winners: @Anmol0201, @answeryt, @Awesome-XV, @chornonoh-vova, @cpstroum, @Critlist, @FedeCarollo, @FontesHabana, @heza-ru, @joshep-c, @katawiecz, @lepetitprince99, @master-wayne7, @omkardongre, @RyanValdivia, @ozh, @rawrnuck, @redhatsam09, @sandra-aliaga, @shirsakm, @SUNSET-Sejong-University, @tniia.

Massive thank you to our judges, which included a mix of GitHub Stars, Campus Experts, and GitHub Developer Relations friends: @Ba4bes, @colbyfayock, @j0ashm, @JuanGdev, @howard-lio, @luckyjoseph, @metzinaround, @Taiwrash, and @xavidop.

And thank you Copilot for your assistance!

Now back to work everyone! Playtime is over.

💜 If you enjoyed For the Love of Code, stay tuned… Game Off 2025 begins this November!

The post From karaoke terminals to AI résumés: The winners of GitHub’s For the Love of Code challenge appeared first on The GitHub Blog.

Proposed solution:

One way to achieve this result is by integrating few pieces of available technology. It sounds like a lot of moving parts but we do not need

• App registration in EntraID
• MS Graph API
• Defender API
• Powershell scripting language.
• File encryption

App registration in EntraID:

What this does is to provide a connection point between PowerShell and the information you want to access. Since creating an app registration creates a client secret and appId we can leverage these two pieces of information on the PowerShell script.

For reference from our documentation: How to register an application in EntraID.

1.- Jump into your EntraID tenant --> manage --> App registrations and click on “New registration” (Figure 1)

Figure 1. EntraID App registration process

 

2.- This is a simple app registration process, nothing complicated, it is just to obtain that AppID and ClientSecret value we need for the PowerShell script. For the purpose of the test, I called the app “DefenderEntraQueryApp” and configured with the following settings:

Authentication settings:

Fig 2. Authentication settings of app registration.

 

Certificates & Secrets:

 

 

Fig 3. Certificates and App client secret.

NOTE: remember when you create the app registration the client secret (Value) is shown only that time, after you move away from the app registration creation screen, the client secret will not be shown again. If you cannot grab the ClientSecret during registration of the app, you can click on the “New client secret” button from the view, create a new client secret and delete the previous one.

API Permissions:

 

Fig 4. API permissions.

After these parameters are configured in EntraID, you need to grab the following parameters from EntraID and insert this in the PowerShell script:

$tenantId   = "MY-TENANT-ID"

$clientId   = "MY-CLIENT-ID"

$secretPath = "C:\certs\clientSecret.dat"

$deviceList = Get-Content "C:\temp\devices.txt"

NOTE: The $deviceList variable is the text file where you will input the computer names you want to interrogate. Adjust the path for the text file to your preferred path and file name but be sure to reflect that in the script logic.

 

Encrypting client secret EntraID Application:

Since the client secret generated when registering the application in EntraID is in plain text, we cannot allow this information to be passed on in the script in plain text.

For this, we encrypt the client secret information into a .dat file using Windows DPAPI encryption and the script will pull it from a location on the user’s computer.

It is worth noting that the .dat file is bound to the user creating it, so, if you try to export this .dat file to another computer, the script will fail. Below is the one-time setup needed to create the .dat encrypted file the script will use.

 

To encrypt the client secret from your EntraID registered application, do the following:

The first line on the code sequence below adds the assemblies for System.Security that will instruct PowerShell this is an encryption operation. Run each of these lines, one by one in a PowerShell window with elevated privileges.

NOTE: change the path in line 6 of this piece of code to the path where you want the .dat file generated.

Add-Type -AssemblyName System.Security

$plainText = "your-client-secret"

$secureBytes = [System.Text.Encoding]::UTF8.GetBytes($plainText)

$encrypted = [System.Security.Cryptography.ProtectedData]::Protect($secureBytes, $null, [System.Security.Cryptography.DataProtectionScope]::CurrentUser)

[System.IO.File]::WriteAllBytes("C:\temp\clientSecret.dat", $encrypted)

Now that the app registration and client secret encryption  is out of the way you can populate the text file with the list of computers you want to check, for example:

For the example, I am assuming the path for the text file is c:\temp

 

 

Fig 5. devices.txt file used as input to target multiple computers

 

Single entry per line, no space at the end. As you can see based on the device names from Fig 5. the script works for any supported OS as long as the machine is registered in EntraID.

After the text file is saved, open a Powershell windows with elevated privileges and proceed to connect your EntraID tenant for authentication purposes.

Use this command to connect to EntraID: Connect-AzureAD validate your credentials and them switch to the path where the script is, if you are not already there, and then execute the script in the PowerShell window:

Fig 6. Running the PS Script

 

Fig 7. Authenticating to EntraID:

 

Fig 8. Output of the script:

The script also exports the list to a .csv file, by default the path for the .csv file is c:\temp\DeviceStatus.csv

High level execution of the script:

PowerShell scripting code:

Code disclaimer:

The sample scripts are not supported under any Microsoft standard support program or service. The sample scripts are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages.

NOTE: When using your scripting editing tool of choice, be aware of any additional spaces added as a result of the copy/past operation into your editing tool.

=== CONFIGURATION ===

#This script loops through a list of devices to check if the device is enabled or disabled in EntraID

#It uses the MS Graph API and a simple app registration in EntraID with consent granted to access

#Defender via Defender API

#Steps to define the pre-requisites for the script to run will be provided in a separate doc guide #Author: Edgar Parra - Microsoft v1.2

$tenantId = "MY-TENANT-ID"

$clientId = "MY-CLIENT-ID"

$secretPath = "C:\certs\clientSecret.dat"

$deviceList = Get-Content "C:\temp\devices.txt"

=== LOAD ENCRYPTED CLIENT SECRET ===

Add-Type -AssemblyName System.Security if (-not (Test-Path $secretPath)) { Write-Host "Encrypted client secret file not found at $secretPath." return } try { $encryptedSecret = [System.IO.File]::ReadAllBytes($secretPath) $decryptedBytes = [System.Security.Cryptography.ProtectedData]::Unprotect( $encryptedSecret, $null, [System.Security.Cryptography.DataProtectionScope]::CurrentUser ) $clientSecret = [System.Text.Encoding]::UTF8.GetString($decryptedBytes) } catch { Write-Host "Error decrypting client secret: $($_.Exception.Message)" return }

=== AUTHENTICATION ===

$body = @{ grant_type = "client_credentials" scope = "https://graph.microsoft.com/.default" client_id = $clientId client_secret = $clientSecret } try { $tokenResponse = Invoke-RestMethod -Method Post -Uri "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token" -Body $body $accessToken = $tokenResponse.access_token } catch { Write-Host "Error retrieving token: $($_.Exception.Message)" return } $headers = @{ Authorization = "Bearer $accessToken" "Content-Type" = "application/json" Accept = "application/json" }

=== LOOP THROUGH DEVICES ===

$results = @() foreach ($deviceName in $deviceList) { $escapedDeviceName = $deviceName -replace "'", "''" $uri = "https://graph.microsoft.com/v1.0/devices?`$filter=displayName eq '$escapedDeviceName'" try { $response = Invoke-RestMethod -Uri $uri -Headers $headers -Method Get if ($response.value.Count -eq 0) { Write-Host "Device '$deviceName' not found." $results += [PSCustomObject]@{ DeviceName = $deviceName Status = "Not Found" } } else { $device = $response.value[0] $status = if ($device.accountEnabled) { "Enabled" } else { "Disabled" } Write-Host "$($device.displayName): $status" $results += [PSCustomObject]@{ DeviceName = $device.displayName Status = $status } } } catch { $errorMessage = $.Exception.Response.GetResponseStream() | % { New-Object System.IO.StreamReader($) } | % { $_.ReadToEnd() } Write-Host "Error querying '$deviceName': $errorMessage" $results += [PSCustomObject]@{ DeviceName = $deviceName Status = "Error" } } }

=== EXPORT RESULTS TO CSV ===

$results | Export-Csv -Path "C:\temp\DeviceStatus.csv" -NoTypeInformation

Explore additional resources:

For further insights and guidance on data protection encryption and app registrations in EntraID, consider reviewing these related articles:

• Using Windows Data Protection API in Windows 11
• App registration in EntraID