GitHub Copilot Enterprise is now generally available

GitHub Copilot Enterprise is now generally available

GitHub Copilot Enterprise, our most advanced AI offering to date, is now generally available. With GitHub Copilot Enterprise, you can:

  • Gain a deeper understanding of your organization’s unique codebase: Copilot Chat in GitHub.com understands your code and streamlines code navigation and comprehension for developers.
  • Quickly access organizational knowledge and best practices: By letting developers attach knowledge bases (formerly known as docsets) to conversations, Copilot Chat in GitHub.com can answer questions based on your Markdown documentation stored on GitHub.
  • Review pull requests faster: With pull request summaries generated by GitHub Copilot and the ability to chat about changes in a pull request, reviewers can get up to speed on a pull request quickly and spend more time providing valuable feedback.

Following on from our limited public beta, we are bringing the following improvements to GitHub Copilot Enterprise today to make Copilot even smarter:

  • GitHub Copilot can now search Bing within chat conversations in GitHub.com to answer questions and find information outside of its general knowledge or your codebase (public beta).
  • You can now access your knowledge bases (formerly known as docsets) from any Copilot Chat conversation in GitHub.com with the “Attach knowledge” button. Organization owners can create knowledge bases from an organization’s settings.
  • GitHub Copilot knows about code as you browse, so you no longer have to be explicit about exactly what file, symbol or snippet you want to chat about.

Example conversation demonstrating how GitHub Copilot can access the code you are currently looking at

  • GitHub Copilot generates pull request summaries that are now more structured, with a “Summary” section that gives a high-level overview, and an “Outline” section that walks through the code.
  • GitHub Copilot can now analyze and explain any pull request diff, making it easier for pull request reviewers to understand changes and share great feedback.

Example conversation demonstrating how GitHub Copilot can explain and improve pull request diffs

Ready to give Copilot Chat in GitHub.com a try? Here are some suggested prompts to get you started:

  • Ask a question about recent events to trigger a Bing search: What updates were there in Node.js v20?
  • Open GitHub Copilot Chat on a repository and ask a question about the repository: Where is the turnOn function defined?
  • Open a file on GitHub.com and ask a question about that file: Draft unit test cases for each of the functions in the file I’m currently viewing

Enterprise Managed Users can now enable secret scanning on their user namespace repositories. Owners of user repositories will receive secret scanning alerts when a supported secret is detected in their repository. User namespace repositories can also enable push protection.

In the enterprise level list of secret scanning alerts, enterprise owners can view all secrets detected in user namespace repositories. Enterprise owners can temporarily access user namespace repositories to view the secret details.

User namespace repositories are included in the security risk and coverage pages.

Secret scanning will also be supported on Enterprise Server personal repositories starting on GHES 3.13.

See more

As a proactive measure to protect Github.com availability, GitHub Apps that attempt to create high-complexity scoped installation tokens will receive failures if they would individually reference too many repositories. At the time of release, no GitHub App is above these limits – the limit is approximately 8 times higher than what any app is consuming. See below for details on how complexity is calculated.

Scoped tokens allow a GitHub App to create an installation token that has just a subset of the privileges that the app has within an organization – both a reduced set of repositories, as well as permissions.
In this way, an application with many permissions and access to many repositories can still safely request a token that’s good for just the access that’s currently required, a useful least-privilege feature.

When requesting a scoped token, applications can indicate both the permissions and repositories that are desired. Both parameters are optional, and if either is omitted the full corresponding access will be given to the token, either all granted permissions or all accessible repositories.

The first limit being added is when the repositories are included in the token request – now, no more than 500 individual repositories can be listed.

The second limit is if the repositories are not listed but permissions are, and the application is installed on some repositories in the organization – as in, it has not been explicitly granted access to all repositories in the organization.
In that case, the limit is based on the number of permissions being requested and the number of repositories the application has access to. If the complexity limit is exceeded, the application will recieve an error: Too many repositories for installation, and provides the maximum number of repositories the application can have access to in order to succeed, as well as other options to reduce the complexity of your token, which are provided here as well.

To reduce the complexity of your token request, you can do one of the following:
1. Reduce the number of repositories that the application has access to in the organization.
2. Reduce the number of permissions requested for the token.
3. Set the application to have access to “all” of the organization’s repositories.
4. Not request a scoped token at all, and instead request a standard installation token.

Any of these options will reduce the complexity of the token and allow the application to fetch tokens for that organization once again.

To learn more about GitHub App scoped token issuance and installation, see our documentation:

  • “Generating an installation access token for a GitHub App”
  • “Reviewing and modifying installed GitHub Apps”
  • REST API: “Create an installation access token for an app”
  • See more