Thursday, October 31, 2024

GitHub Copilot for Xcode

Frederic Lardinois (MacRumors, Hacker News):

Microsoft-owned GitHub is bringing Copilot to Apple’s Xcode environment for the first time. Now in public preview, this will allow developers who build apps in Apple’s IDE with the assistance of Copilot. For now, the focus here is on code completion, but Copilot Chat and its other features will likely make their way into Xcode over time.

Copilot already supports Apple’s preferred languages Swift and Objective-C, so there’s no surprise there. Copilot, like on other platforms, will offer multi-line suggestions when it can and users will be able to block suggestions that match public code.

[…]

All paying Copilot users on individual, business, and enterprise plans will have access to this public beta now. All they have to do to get started is install the Copilot extension for Xcode.

GitHub Copilot for Xcode:

GitHub Copilot is an AI pair programmer tool that helps you write code faster and smarter. Copilot for Xcode is an Xcode extension that provides inline coding suggestions as you type.

Matt Pfeiffer:

No way! I thought source editor extensions were too limited for an ai tool to be all that useful/efficient inside of the Xcode box.

Javi:

It also uses accessibility APIs

Which is why:

The installation instructions on this page make me sad for the state of macOS.

Mo Rajabi:

Github Copilot for Xcode overlays a window on top of the editor for completions as Xcode extensions can’t do it.

It’s like how SpamSieve officially has a Mail extension, but the most important stuff is all done via other APIs because extension support is so limited and buggy.

Thomas Ricouard:

I’ve tried it a bit on some sample code, and it’s better than Xcode’s new (local) predictive model. It’s faster, more accurate, and can generate more lines of code.

[…]

It seems to fall slightly short of the Copilot extension within VSCode and Cursor tab. I guess that it doesn’t index and embed your entire project, only the current file.

Jesse Squires:

Was the original author involved with the GH copy?

Marcin Krzyzanowski:

They made a deal with the original author (and paid for that).

See also: Alex Sidebar.

Samuel Axon:

The large language model-based coding assistant GitHub Copilot will switch from exclusively using OpenAI’s GPT models to a multi-model approach over the coming weeks, GitHub CEO Thomas Dohmke announced in a post on GitHub’s blog.

First, Anthropic’s Claude 3.5 Sonnet will roll out to Copilot Chat’s web and VS Code interfaces over the next few weeks. Google’s Gemini 1.5 Pro will come a bit later.

Hugh Langley (via Hacker News):

More than a quarter of new code created at Google is generated by AI, said CEO Sundar Pichai on Tuesday during the company’s Q3 earnings call.

Previously:

9 Comments RSS · Twitter · Mastodon


With regard to the simple ten step process to install the extension, I love it. It’s this kind of stuff that kept me employed as a Windows administrator for so long.

The Mac vs PC UAC commercial was peak Apple. Ever since then they have been steadily on the path to making macOS the very thing they mocked.


Remember the days where all you needed to do was enter your admin password, and an installer or script could do the rest?

Has anyone ever, even a little bit, demonstrated that forcing users to do something in ten awkward steps rather than one easy step hampers malware in any appreciable way?


It works with Obj-C?! Does Xcode?


@Bri it does a little bit.

Problem is the scammers are much more motivated than the legitimate companies to write really well working software and really effective end user instructions.

Installing software you want requires lots of hoops, meanwhile I've watched Powershell scripts encrypting workstations while antivirus etc sits blissfully on the sidelines letting it happen.

Users can't manage to get remote sessions started with legitimate tech support, but scammers make highly notated instruction pages with pictures pointing to the correct locations and everything.


@Bart I think that bolsters my point, though. Since now *everything* requires something akin to ten annoying steps, the scammers just trick users into following their own ten annoying steps to compromise their system. The users naively follow the steps because it's not at all out of the ordinary. And that's for malware that doesn't find exploits to get around the security in the first place, and as we've seen, there's been no shortage of exploitable bugs.

In the end, the same number of people get scammed, nothing is any more protected than it was before, but everyone is constantly annoyed, inconvenienced, and unable to configure their computer meaningfully any longer, not to mention developers having to put in so many days of extra work to get their software to jump through these hoops. It just seems to me like this approach is a total failure.

Saying it's a failure, though, is assuming that the reason for all this security theater is actually security. These days I'm inclined to think it's more about control.


@Bri It’s a huge tax on developers, because even after jumping through the hoops, you continually have customers who need extra help with the steps (or working around issues where the security features don’t work as advertised) and some number of them (especially for less developery products) will just give up.


Don't I know this! Part of my work involves a software product containing a DriverKit extension, two apps that require Accessibility permission, and one that needs screen recording permission. So many users can't navigate all of that properly. And then there's the times where the system bugs out and the permissions don't work...


"More than a quarter of new code created at Google is generated by AI, said CEO Sundar Pichai on Tuesday during the company’s Q3 earnings call."

I wonder what that actually means. If I type 'println("He' and Copilot suggests 'llo World");', did it just write 50% of my code? Because if that's how it's counted, then the number is both meaningless and oddly low.

"It’s a huge tax on developers"

That's the main issue, and another reason for just shipping a web app instead of dealing with this crap.


Aside from the misleading “Accessibility”
permission, I guess what’s sad here is that Apple doesn’t seem to be on any path to _improve_ their TCC UX.

They seem to mostly just look at their metrics, see various privacy and security abuses, and _re_act to those. But they _act_ very little.

Leave a Comment