惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Security Latest
Security Latest
D
DataBreaches.Net
The Register - Security
The Register - Security
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
F
Full Disclosure
Engineering at Meta
Engineering at Meta
The GitHub Blog
The GitHub Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
P
Proofpoint News Feed
D
Docker
Y
Y Combinator Blog
T
The Blog of Author Tim Ferriss
云风的 BLOG
云风的 BLOG
G
Google Developers Blog
I
InfoQ
H
Help Net Security
MongoDB | Blog
MongoDB | Blog
Recent Announcements
Recent Announcements
L
Lohrmann on Cybersecurity
T
The Exploit Database - CXSecurity.com
Recorded Future
Recorded Future
G
GRAHAM CLULEY
Microsoft Security Blog
Microsoft Security Blog
WordPress大学
WordPress大学
L
LINUX DO - 热门话题
阮一峰的网络日志
阮一峰的网络日志
The Cloudflare Blog
Help Net Security
Help Net Security
雷峰网
雷峰网
W
WeLiveSecurity
GbyAI
GbyAI
N
News and Events Feed by Topic
L
LINUX DO - 最新话题
T
Tailwind CSS Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
V
Vulnerabilities – Threatpost
V
V2EX
Application and Cybersecurity Blog
Application and Cybersecurity Blog
M
MIT News - Artificial intelligence
J
Java Code Geeks
Microsoft Azure Blog
Microsoft Azure Blog
Last Week in AI
Last Week in AI
Hugging Face - Blog
Hugging Face - Blog
Cisco Talos Blog
Cisco Talos Blog
Webroot Blog
Webroot Blog
AI
AI
S
Security @ Cisco Blogs
Jina AI
Jina AI
The Last Watchdog
The Last Watchdog
Google DeepMind News
Google DeepMind News

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
AI credits are the new lines of code metric
Paulo Victor Leite Lima Gomes · 2026-06-21 · via DEV Community

GitHub added a tiny field to the Copilot usage metrics API this week that is going to create a lot of very confident spreadsheets.

Enterprise and organization admins can now see ai_credits_used in the user-level Copilot usage reports. One field. Per user. Available for single-day and 28-day reports. It is not the invoice, and GitHub is careful to say it is a consumption signal rather than a billed total.

Still, the shape is obvious.

Now AI usage can sit next to adoption, activity, team, department, cost center, and whatever else the company already exports into a dashboard.

That is useful.

It is also exactly how a tool metric becomes a management metric.

And once that happens, the question is no longer "can we measure AI usage?"

The question is "what weird behavior will this metric create?"

every useful metric becomes a temptation

I understand why this field exists.

If a company is paying for Copilot, especially with usage-based pieces attached to more expensive models and premium features, it needs some way to understand consumption. Platform teams need budget signals. Engineering leaders need adoption signals. Procurement needs something more concrete than "people seem to like it." Finance will eventually ask why one org burns through credits much faster than another.

That is normal.

The problem starts when a consumption signal is treated as a productivity signal.

High AI credit usage might mean a developer is doing valuable work with agent mode, code review, test generation, refactoring, or research. It might also mean the developer is stuck, repeatedly asking the model to solve the wrong problem, generating code that gets deleted, or using a heavyweight model where a small one would have been fine.

Low AI credit usage might mean a developer does not need much help. It might mean the work is mostly design, review, debugging, incident response, mentoring, or architecture. It might mean the codebase is small and well understood. It might mean the developer is skeptical. It might also mean the developer has not learned the tool yet.

The number alone does not know.

That is the first trap.

AI credits are not output.

They are input.

we have seen this movie

Software has a long history of measuring the thing that is easiest to count and then pretending it represents the thing we actually care about.

Lines of code. Commits. Pull requests. Story points. Tickets closed. Test coverage percentage. Build count. Deploy count. Review comments. Meeting hours. Slack messages. Keyboard activity, if you work somewhere especially cursed.

Some of those metrics are useful in context. None of them are engineering quality.

Lines of code are the classic example because everyone knows they are silly and people still accidentally reinvent them. A developer who deletes 3,000 lines of unnecessary code may have done the most valuable work of the quarter. A developer who adds 3,000 lines may have created six months of maintenance work.

The metric is not evil. The interpretation is.

AI credits have the same smell.

If a team uses them to understand budget, adoption, and tool behavior, good. If a team uses them to ask why a workflow is expensive, also good. If a team uses them to decide whether a department needs training, maybe good.

If a manager starts asking why Alice used 10x more credits than Bob, or why Carol used almost none, without looking at the work, the code, the reviews, and the outcomes, we are back in lines-of-code land with better branding.

activity is not leverage

The most interesting AI work is not always the most visible AI work.

A senior engineer might use Copilot heavily for one hour to explore three possible designs, then write the final change mostly by hand. Another engineer might spend an afternoon in agent mode producing a large pull request that reviewers reject because it missed a domain constraint. A third might use chat as a rubber duck during a tricky production incident and ship no code at all.

Which one was productive?

The credit number cannot answer that.

The credit number can tell you something was consumed.

It cannot tell you whether the work got better.

This distinction matters because AI tools make activity look very busy. Agents run commands. They edit files. They summarize. They retry. They generate tests. They open diffs. They can burn tokens while looking like they are making progress.

Sometimes they are.

Sometimes they are pacing around the same mistake with a nicer transcript.

If managers only see consumption, they will mistake motion for leverage.

The better question is not "who used the most AI?"

The better question is "where did AI usage change the work in a way we can defend?"

Did review time go down without defects going up? Did boring migrations become cheaper? Did flaky dependency upgrades get less painful? Did junior engineers get better feedback earlier? Did senior engineers spend less time on boilerplate and more time on design? Did incidents resolve faster? Did the team ship maintainable changes with fewer abandoned branches?

Those are harder questions.

That is why they are better.

cost visibility is still good

I do not want to sound like the answer is "never measure this."

Please measure it.

AI cost has to become visible. Otherwise teams will discover the bill after habits have already formed.

If a new coding-agent workflow costs $4 per successful dependency upgrade, that might be wonderful. If it costs $180 because the agent keeps running the full integration suite, calling the largest model, and regenerating the same patch, someone should notice. If one repository burns credits because its build is slow, its tests are noisy, or its instructions are bad, that is useful platform feedback.

Per-user and per-team metrics can also reveal adoption gaps. Maybe one team is getting real value because it built good repository instructions and narrow workflows. Maybe another team is paying for seats nobody uses. Maybe a third team is using AI constantly but still rejecting most generated work.

All of that is worth knowing.

But the metric needs to stay attached to a workflow, not a moral judgment about the person.

The useful unit is often not "Paulo used 1,200 credits."

It is "the weekly dependency update workflow for service X used 1,200 credits, produced three pull requests, passed tests twice, needed one human rewrite, and saved roughly half a day of maintenance work."

That is an engineering conversation.

"Why did Paulo use 1,200 credits?" is a trap unless you already know what he was doing.

make credits part of the review trail

For agentic coding, I would like credit usage to show up next to the rest of the evidence.

Not as a leaderboard.

As a cost line in the work record.

An agent session should have an ID. It should link to the issue, branch, pull request, logs, tool calls, model choices, retries, test runs, and human approvals. Credit usage belongs there. It helps the team understand the actual cost of a workflow and compare it with the outcome.

For example:

  • small lint migration: low credits, high acceptance, safe to automate
  • dependency upgrade: medium credits, medium acceptance, needs better tests
  • feature implementation: high credits, low acceptance, keep human-led
  • incident research: variable credits, valuable summaries, retain evidence carefully
  • code review assistance: low credits, noisy comments, improve repository instructions

That kind of measurement changes behavior in a good way. It pushes teams to design better workflows.

The bad version pushes teams to rank developers by how much AI they consumed.

One is platform engineering.

The other is cargo-cult management with an API.

incentives will arrive quietly

The dangerous thing about metrics is that nobody has to announce the bad incentive.

At first, the dashboard is just informational. Then a leader asks why one team uses less Copilot than another. Then someone adds a target. Then managers start nudging people to "adopt AI more." Then a developer leaves the model running more often because the organization has made usage feel like modernity.

Or the incentive goes the other way.

Finance notices high consumption. A manager starts asking people to justify AI use. Engineers stop using the tool for exploratory work because it looks expensive. The team saves credits and loses leverage.

Both failures come from the same mistake: treating usage as the goal.

Usage is not the goal.

Better software is the goal.

Cheaper maintenance is the goal.

Faster feedback is the goal.

Less boring toil is the goal.

More reliable systems are the goal.

If AI credits help you understand those things, great. If they replace those things, you have built a productivity theater with nicer telemetry.

what i would measure instead

If I were responsible for an engineering org using Copilot broadly, I would still collect AI credit usage. I would just refuse to let it stand alone.

I would join it with workflow outcomes:

  • pull request acceptance rate
  • review cycle time
  • defect rate after merge
  • test failure patterns
  • reverted changes
  • abandoned agent sessions
  • human rewrite frequency
  • cost per successful task template
  • model choice by workflow
  • repository instruction changes over time

I would also look for places where high AI usage is a symptom.

Maybe the documentation is bad. Maybe the test suite is too slow. Maybe the service boundaries are unclear. Maybe onboarding is painful. Maybe the agent keeps rereading the same files because the repo has no useful map. Maybe developers are using chat to compensate for architecture nobody understands.

That is the part I find interesting.

AI credit usage may become a weird new observability signal for the developer experience itself.

Not "who is productive?"

"Where is the work expensive to understand?"

That is a much better question.

the punchline

GitHub exposing ai_credits_used is a reasonable product feature. Enterprises need budget visibility. Platform teams need consumption data. AI-assisted development cannot stay a mysterious line item forever.

But we should be honest about what the metric means.

AI credits measure consumption. They do not measure judgment, maintainability, leverage, taste, review quality, incident response, mentoring, or whether the final system got simpler.

So use the number.

Just do not worship it.

The teams that handle this well will treat AI credits like cloud cost: useful when tied to services, workflows, outcomes, and ownership.

The teams that handle it badly will reinvent lines of code, except this time the line goes through a model bill.

To test my projects, I use Railway. If you want $20 USD to get started, use this link.