GitHub

As of today, June 5, 2026, we have deprecated the following models across most GitHub Copilot experiences (including Copilot Chat, inline edits, ask and agent modes, and code completions). Note that GPT-5.2 is still available as part of Copilot code review.

Model

Deprecation date

Suggested alternative

GPT-5.2

2026-06-05

GPT-5.5

GPT-5.2-Codex

2026-06-05

GPT-5.3-Codex

Please update your workflows and integrations to use supported models. Copilot Enterprise administrators may need to enable access to alternative models through their model policies in Copilot settings. As an administrator, you can verify availability by checking your individual Copilot settings and confirming that the policy is enabled for the specific model. Once enabled, you’ll see the model in the Copilot Chat model selector in VS Code and on github.com. No action is required to remove the deprecated models.

GitHub Enterprise customers with questions or concerns are encouraged to reach out to their account manager for further assistance.

Share your feedback

To learn more about the models available in Copilot, see our documentation on models and get started with Copilot today.

Join the GitHub Community to share your feedback.

The post GPT-5.2 and GPT-5.2-Codex deprecated appeared first on The GitHub Blog.

CodeQL is the static analysis engine behind GitHub code scanning, which finds and remediates security issues in your code. We’ve recently released CodeQL 2.25.6, which adds Swift 6.3.2 support, completes full coverage for C# 14 and .NET 10, and improves sensitive data detection across multiple languages.

Language and framework support

Swift

• CodeQL now supports analysis of apps built with Swift 6.3.2.

C#

• We’ve completed full support for C# 14 and .NET 10. The extractor now supports all new language features, and the data flow library now includes generated models for the .NET 10 runtime.

Java/Kotlin

• We’ve added source and sink models for org.apache.avro.

C/C++

• We’ve added flow source models for scanf_s and related functions.

Query changes

GitHub Actions

• We’ve adjusted actions/untrusted-checkout/critical so alerts now appear at the checkout point, aligning it with related untrusted resource queries. Note that this change will cause alerts that were previously closed from this query to reopen.
• The actions/unpinned-tag query now recognizes 64-character SHA-256 commit hashes as properly pinned references in addition to 40-character SHA-1 hashes, which may reduce false positives.
• The analysis now recognizes more Bash regex checks that restrict values to alphanumeric characters, including patterns that check for SHA-1 or SHA-256 hashes, which may reduce false positives where command output is validated before use.

JavaScript/TypeScript, Python, Swift, and Rust

• We’ve improved the sensitive data heuristics used to identify code handling passwords and private data, allowing CodeQL to detect more variations of established patterns. Queries such as js/clear-text-logging, py/clear-text-logging-sensitive-data, swift/cleartext-logging, and rust/cleartext-logging may now find more correct results and fewer false positives.

For a full list of changes, please refer to the complete changelog for version 2.25.6. Every new version of CodeQL is automatically deployed to users of GitHub code scanning on github.com. The new functionality in CodeQL 2.25.6 will also be included in a future GitHub Enterprise Server (GHES) release. If you use an older version of GHES, you can manually upgrade your CodeQL version.

The post CodeQL 2.25.6 adds Swift 6.3.2 support and improves C# coverage appeared first on The GitHub Blog.

Last month we launched a public preview with Copilot CLI that allows enterprise administrators the ability to configure and distribute plugins to GitHub Copilot CLI users across their enterprise. VS Code release version 1.122 adds support for this enterprise-managed capability. The baseline standards you set for your enterprise apply to every user’s Copilot CLI and VS Code clients.

Plugins support many extensibility types and can be automatically installed, helping improve developer onboarding and reduce setup time by broadly sharing custom agents and skills. You can also strengthen your governance strategy by defining hooks and MCP configurations that are always enabled across your enterprise.

Define plugin marketplaces in a settings.json file located at .github-private/.github/copilot/settings.json. Now both VS Code and Copilot CLI will automatically pull and apply these settings for users licensed through your enterprise account with Copilot Business or Copilot Enterprise. You can also specify plugins to be automatically installed whenever users authenticate from VS Code or Copilot CLI.

To learn more, see our documentation on Enterprise managed client settings docs.

Join the discussion within GitHub Community.

The post Enterprise-managed plugins in VS Code in public preview appeared first on The GitHub Blog.

When a GitHub Actions job fails, Copilot Pro, Pro+, and Max subscribers can now ask Copilot cloud agent to fix it in one click.

Click the Fix with Copilot button on the workflow run logs page, and Copilot will investigate the failure, push a fix to your branch, and tag you for review when it’s done. It does all this from its own cloud-based development environment.

This means you can hand off simple but time-consuming work to Copilot (e.g., fixing tests or correcting linter failures) and stay focused on what you actually want to build.

To learn more, see “Starting GitHub Copilot sessions” in the GitHub docs.

The post Fix with Copilot for failing Actions now in Pro, Pro+, and Max appeared first on The GitHub Blog.

Copilot Pro, Pro+, and Max users can now programmatically start and track Copilot cloud agent tasks with the Agent tasks REST API, available in public preview.

Copilot cloud agent works in the background in its own development environment, where it can make and validate code changes, then open a pull request.

The API makes it easy to weave Copilot cloud agent into custom automations. For example, you could:

• Fan out refactors or migrations across many repositories from a simple script.
• Set up new repositories in one click from your company’s internal developer portal.
• Automatically prepare a new release each week, including release notes.

Once you’ve started a task, you can also track progress through the API. The API supports authentication with personal access tokens (classic and fine-grained) and OAuth tokens.

To learn more, head to the agent tasks REST API documentation.

The post Agent tasks REST API now available for Copilot Pro, Pro+, and Max appeared first on The GitHub Blog.

GitHub’s expanded billing APIs to programmatically manage budgets, track usage, and access cost center data are now generally available.

Manage budgets via APIs

You can now manage the full lifecycle of budgets via API. Previously, budgets could only be managed through the UI. Now, you can programmatically create, update, and delete budgets, as well as adjust the budget amount and alert notifications. There is currently a temporary limit of 50 budgets per account.

For more details, refer to our documentation on REST API endpoints for budgets.

Track usage with the new usage summary API

The new Usage summary API allows you to retrieve usage information for your entire account or filter by specific organizations, repositories, cost centers, products, or SKUs. Usage can be queried by year, month, or day.

For more details, refer to our documentation on the Usage summary REST API endpoint.

Additional improvements

• Cost center API improvement: The Get all cost centers for an enterprise API now includes an optional state parameter, which allows you to only get active cost centers by adding ?state=active when calling the endpoint.
• Usage report API changes: We’ve removed the hour parameter from the existing Usage report API and reduced the granularity of the response when using the day parameter to provide daily totals instead of hourly breakdowns. For more details, refer to our documentation on the Get billing usage report for an enterprise REST API endpoint.

Who can use these features

• Enterprise owners and billing managers on GitHub Enterprise plans
• Organization owners on GitHub Team plans
• Individuals on personal plans

Join the discussion within GitHub Community.

The post Budget and usage management APIs now generally available appeared first on The GitHub Blog.

The REST API for enterprise administrators to request and download billing usage reports in .csv format is now generally available. With this new capability, the same billing reports that are available in the UI can now be programmatically created.

For details on how to use the new endpoints and to provide feedback, refer to the GitHub Community discussion.

The post API access to billing usage reports now generally available appeared first on The GitHub Blog.

GitHub Copilot now supports larger context windows and configurable reasoning levels to help you tackle deeper, more complex work.

Leverage one-million-token context windows

A one-million-token context window means users can now work across larger codebases, longer documents, and complex multi-file projects without losing context. This capability is available now in VS Code, Copilot CLI, and the GitHub Copilot app, and is expanding to more surfaces soon.

Configurable reasoning levels

Configurable reasoning levels let you dial in the right balance of speed and depth and unlock extended thinking for your hardest architectural and debugging challenges. This capability is available in VS Code, Copilot CLI, and the GitHub Copilot app, and is expanding to more surfaces soon.

A note on AI credit consumption

Choosing a larger context window or higher reasoning level will consume more AI credits per interaction. We recommend using the default context window and reasoning level for everyday tasks, and reaching for extended context or higher reasoning when you’re tackling complex, multi-file problems.

Try it today

Select one of the supported models in VS Code, Copilot CLI or the GitHub Copilot app to try these new capabilities today. To get more information about either of these features, review our model documentation.

Join the discussion in GitHub Community.

The post Larger context windows and configurable reasoning levels for GitHub Copilot appeared first on The GitHub Blog.

May 2026 brought sharper tooling for planning, reviewing, and managing your work with GitHub Copilot in Visual Studio 2026.

Highlights

Here’s what’s new for all GitHub Copilot users in Visual Studio 2026. Check the Insiders channel for the latest:

• Plan before you build with the Plan agent: The new Plan agent (labeled Plan in the agent picker) lets you collaborate with Copilot on an implementation plan before any code is written. Copilot explores your codebase with read-only tools, asks clarifying questions, and drafts a detailed plan saved as a markdown file at .copilot/plans/plan-{title}.md. When you’re ready, click Implement plan to hand it off to Agent mode.
• View and manage agent skills: A new Skills panel in the chat window lists every agent skill discovered from your workspace and user profile. You can edit a skill, open its file location, or search across skills by name or keyword, all from a single place.
• Multi-file summary diff for Copilot changes: After Copilot edits multiple files, click Open change summary view in the working set to see all changes in one tab. Accept or undo at the all-files, per-file, or per-chunk level, with controls to collapse files or step through diff chunks.
• Manage context window usage: A new ring icon at the top right of the Copilot Chat prompt shows how much of the context window you’ve used. Click to see a detailed breakdown and use Summarize conversation to compact earlier turns and free up space.
• Add commit to Copilot Chat: Right-click a commit in Git History, File History, or the Annotate (Blame) view and attach it directly as context in Copilot Chat. Multi-select is supported, so you can attach several commits at once.
• Commit message instructions moved: Commit message custom instructions now live in your repository’s Copilot custom instructions file instead of the old GitHub > Copilot > Source Control Integration setting, keeping all Copilot guidance in one place.
• Improved optimizations for iterative C++ builds: When @BuildPerfCpp detects a regression in full rebuild analysis, it now reruns a comparable incremental build. This better reflects the day-to-day gains from optimizations such as precompiled headers and header refactoring, which can look slower in rebuilds.

Download Visual Studio 2026 to experience all the new Copilot features today. To learn more about what’s new, check out the Visual Studio blog and release notes.

What’s next for Copilot in Visual Studio

Stay up to date on the latest Copilot features by following the Visual Studio blog, where you’ll find roadmap updates and opportunities to share feedback.

For the latest news, release notes, videos, and community conversations, visit the Visual Studio Hub, your central resource for all things Visual Studio.

The post GitHub Copilot in Visual Studio — May update appeared first on The GitHub Blog.

Enterprise Teams is now generally available on GitHub Enterprise Cloud. First announced in public preview last September, enterprise teams let enterprise admins define a group of users once at the enterprise account and assign that group to roles across every organization in the enterprise. There’s no longer a need to recreate or reconcile the same team in each org.

What this unlocks

• Route pull request reviews to the same SRE or security team across 50+ orgs without maintaining 50 copies of the team.
• Grant break-glass ruleset bypass to a platform team once, and have it applied to every repository they touch.
• Let your identity provider drive enterprise team membership end-to-end, with changes automatically flowing through to org-level permissions.
• Automate team lifecycle via GitHub Apps without relying on a single admin’s PAT.

What’s new since public preview

You can now:

• Scale to production limits, up to 2,500 teams per enterprise and 5,000 members per team. This is validated across your enterprise’s organizations.
• @mention enterprise teams in pull requests, issues, or discussions, and members get notified just like with organization teams.
• Request enterprise teams as pull request reviewers across every org they’re assigned to.
• Select enterprise teams as bypass actors when you configure repository rulesets.
• Drive enterprise team membership from your identity provider (e.g., Entra ID, Okta) via SCIM for Enterprise Managed Users.
• Discover enterprise and organization teams from a unified API view, so automation tools no longer have to query separate endpoints to assemble a full team picture.
• Manage enterprise teams programmatically with GitHub Apps and fine-grained personal access tokens using the new enterprise teams permission.
• Audit every change. Team CRUD actions, membership changes, role assignments, and ruleset bypass events are all captured in your enterprise audit log.

Get started

From your enterprise account, open the People tab, select Enterprise teams in the sidebar, and click Create enterprise team.

To learn more, see Creating enterprise teams and the Enterprise Teams REST API.

If you have feedback about these new features, join us on this discussion.

The post Enterprise Teams is now generally available appeared first on The GitHub Blog.

GitHub Copilot Chat now provides richer context and new capabilities when you’re working with diffs and pull requests on github.com. This feature was previously in public preview and is now generally available to anyone with a Copilot license.

Video

Code and chat are side-by-side

You can view your conversation directly alongside your conversation with Copilot. This allows for comments and inline edits without needing to toggle between the pull request and your chat window.

Chat pulls in context faster

This experience is powered by new abilities for pull request understanding, review, and summary. These abilities add relevant pull request and repository context to chat any time you ask about a diff or pull request. We’ve improved the performance of this feature so you get quality answers to your questions faster.

Try it out

You can access this functionality by clicking the Ask about this diff button on the top of each diff, the Copilot button in the top navigation bar, or by highlighting the line of code you want to ask about and navigating to Copilot in the dropdown.

The post Copilot Chat brings richer context to pull requests appeared first on The GitHub Blog.

VS Code continues with weekly stable releases. This changelog covers releases v1.120 through v1.123, the releases we shipped throughout May and early June 2026.

In May, we made the Agents window available in VS Code Stable as a preview, giving users an agent-first experience focused on completing tasks rather than editing code. We also improved support for remotely controlling longer-running, more complex agent sessions.

VS Code supports bring-your-own-key (BYOK) models, letting you use your own language model API keys. This month, we expanded BYOK to air-gapped environments and added controls to specify which models handle utility tasks like commit message generation.

Agents window

• Agents window in Stable (preview): Work agent-first across multiple projects with a dedicated surface for faster navigation and change review.
• Remote agents (preview): Run sessions on remote machines over SSH or Dev Tunnels, with sessions continuing even when the client disconnects.
• Agent Host Protocol (AHP): Continued investment in an open protocol for synchronizing agent session state across multiple clients.
• Session preferences persist in new sessions: New sessions keep your recent choices, including agent harness and isolation mode.
• Sessions and Git flow improvements: New sessions can pull base branch updates before the agent starts edits, the Agents window refreshes Git state automatically after commits, syncs, and related operations, and agents can trigger tasks on remote machines.
• Session sync: Chat sessions now sync automatically to your GitHub account, giving you a searchable history of your work across machines and workspaces.
• Chronicle: Use /chronicle commands to query past sessions, generate standup reports, and get personalized productivity tips.
• Multiple sessions side-by-side: Open more than one agent session at the same time in the Agents window. Drag, Alt-click, or use Open to the Side to compare or review work in parallel.
• Retry network-dependent commands in sandbox: Terminal commands that require network access are automatically retried with broader network permissions, while keeping filesystem protections in place.

Language models and BYOK

• Air-gapped BYOK: Bring-your-own-key models can run in isolated environments without GitHub authentication.
• Custom Endpoint provider: Add endpoints compatible with chat completions, responses, or messages from one provider flow.
• Model picker by provider: Find and switch models more easily in multi-provider environments.
• BYOK token visibility: The context window now reports real token usage for bring-your-own-key models.
• Reasoning effort controls: Configure thinking effort directly from the model picker to balance quality, latency, and cost.
• Configurable utility models: Choose which models handle titles, summaries, rename suggestions, commit messages, and intent detection.

Terminal safety and efficiency

• Expanded terminal output compression: More verbose output patterns from tests, builds, linters, Docker, and package managers are compressed before reaching the model to optimize token usage and help reduce costs.
• Command risk assessment (experimental): Terminal confirmations include AI-generated risk levels and short safety explanations.
• Sensitive prompts stay in terminal: Passwords, passphrases, PINs, and verification codes are entered directly in the terminal and are not shared with the LLM.
• Better background command UX: There are now clearer running-state indicators in chat, plus automatic cleanup of completed background agent terminals to help save resources on your machine and keep things more manageable.
• Agent-aware terminal commands: The VSCODE_AGENT environment variable lets CLIs adapt behavior for agent-initiated commands.

Also new

• Integrated browser: Adds device emulation to test your website’s responsiveness. New screenshot options let you capture the viewport, a selected area, or the full page and attach any of them as chat context to help reproduce and explain UI issues. You can also save favorite pages for quick access alongside open tabs.
• HTML file preview: Preview local HTML files directly in the integrated browser without installing an extension. Right-click a file in the Explorer or editor tab and select Open in Integrated Browser.
• Search only in changed files: There’s a new search panel toggle that can scope results to locally modified, uncommitted files.
• Markdown preview improvements: Mermaid diagram rendering and YAML front matter display are now built in, without requiring separate extensions. You can also view Markdown diffs as rendered preview instead of raw source when opening files from Source Control.
• Quick suggestions default tuning: Experience reduced noise when inline completions are available.
• Issue reporter wizard: New issue filing flow with support for screenshots and video recordings.
• Accessibility and UX updates: Ongoing improvements across editor surfaces.

Happy coding!

Join the discussion within GitHub Community.

The post GitHub Copilot in Visual Studio Code, May releases appeared first on The GitHub Blog.

We have deprecated GPT-4.1 across all GitHub Copilot experiences (including Copilot Chat, inline edits, ask and agent modes, and code completions), June 1, 2026.

Model

Deprecation date

Suggested alternative

GPT-4.1

2026-06-01

GPT-5.5

Please update your workflows and integrations to use supported model. Copilot Enterprise administrators may need to enable access to the alternative model through their model policies in Copilot settings. As an administrator, you can verify availability by checking your individual Copilot settings and confirming that the policy is enabled for the specific model. Once enabled, you’ll see the model in the Copilot Chat model selector in VS Code and on github.com. No action is required to remove the deprecated model.

GitHub Enterprise customers with questions or concerns are encouraged to reach out to their account manager for further assistance.

Share your feedback

To learn more about the models available in Copilot, see our documentation on models and get started with Copilot today.

Join the GitHub Community to share your feedback.

The post GPT-4.1 deprecated appeared first on The GitHub Blog.

The GitHub Copilot app technical preview is now available to all existing Copilot Pro, Pro+, Business, and Enterprise customers. Download the Copilot app for Windows, macOS, or Linux to get started.

Copilot Free users and customers not yet on Copilot can join the waitlist to be notified when broader access becomes available. Existing Pro+ customers can upgrade to the new Copilot Max plan for greater included usage.

This release is also where the app’s center of gravity shifts. As agents do more per session, the work that falls to you changes into managing their output: reading chat transcripts, hunting for the diff that matters, and repeating yourself to course-correct. The headline addition in this release, canvases, is our answer to that shift. Canvases give agent work a place to take shape, become visible, and get verified. All this happens alongside the chat where you steer it.

A quick recap

The Copilot app is the desktop home for agent-native software development on GitHub. In one app you can:

• Start a session from an issue, pull request, prompt, or prior session, across all your connected repositories from a single My work view.
• Run parallel agent sessions, each on its own git worktree and branch, with isolated files, conversation, and task state.
• Start from any local folder, not just a git repository, and use it as context for new agent sessions, prototypes, explorations, or workflows.
• Review the plan and diff, then validate behavior in an integrated terminal and browser.
• Open a pull request that uses your team’s existing reviews, checks, and merge requirements, and let Agent Merge address review comments, fix failing checks, and merge when your conditions are met.
• Choose the model behind each session, connect external tools via MCP servers, and package recurring work as reusable skills and scheduled automations.

What’s new in this release

🎨 Canvases

Canvases are bidirectional work surfaces for humans and agents. The agent updates the canvas as it works, and you can edit, reorder, approve, or redirect work directly on that same surface.

This is the beginning of agent experience (AX) in the Copilot app: interfaces designed not only for people to use, but for people and agents to operate together. The agent session remains where you instruct, discuss, and reason through ambiguity. Canvases are where that intent becomes visible work you can inspect, steer, and verify.

A canvas is a structured, interactive surface over a work object. That work object might be a plan, pull request, browser session, terminal, release checklist, migration board, incident, spreadsheet, dashboard, cloud console, or workflow state. The canvas does not replace the conversation. It gives the conversation somewhere to land.

Three participants share a canvas:

• Users inspect state, steer direction, make edits, and verify progress.
• Agents read canvas state, take structured actions, update the surface, and use it as evidence of completion.
• The app connects the canvas to the underlying artifact or runtime and enforces what actions are allowed.

That loop makes agentic work more grounded, more steerable, more inspectable, and more continuous. Progress is no longer buried in a transcript. It is visible as changes to the work object itself.

More in this release

• Voice conversations: Talk to Copilot using on-device speech-to-text, so no audio leaves your machine. This is the same approach we shipped in Copilot CLI.
• Cloud sessions: Run an agent session in the cloud directly from the app, the same capability behind copilot --cloud, now in the app UI.
• Cloud automations: Schedule an automation to run in the cloud, so recurring work doesn’t depend on your machine being awake.
• Copilot CLI sessions in the app: Sessions started in Copilot CLI now appear in your My work view, so both surfaces share one source of truth.
• Agentic browsing: The agent can now drive the integrated browser (e.g., click, type, take screenshots) to verify its own UI changes end to end.
• Rubber duck: A built-in skill that talks through a problem with you before you commit to an approach. Useful for the moments when the issue is your thinking, not your code.
• /chronicle: Query data from any of your Copilot agent sessions, including ones you started outside the app. Useful when you need something from a session that isn’t in front of you.

Get started today

Download the Copilot app to start your first agent session.

Read the docs to get started quickly.

Join the discussion within GitHub Community.

The post Expanded technical preview availability for the GitHub Copilot app appeared first on The GitHub Blog.

The GitHub Copilot SDK is now generally available. You can embed GitHub Copilot’s agentic engine into your own applications, services, and developer tools with a stable API and production-ready support.

The Copilot SDK gives you direct, programmatic access to the same agent runtime behind GitHub Copilot—planning, tool invocation, file edits, streaming, and multi-turn sessions, so you don’t have to build your own orchestration layer.

Since entering public preview, the SDK has been used to build everything from CI/CD assistants and internal developer tools to customer-facing AI features.

Available in six languages

• Node.js / TypeScript: npm install @github/copilot-sdk
• Python: pip install github-copilot-sdk
• Go: go get github.com/github/copilot-sdk/go
• .NET: dotnet add package GitHub.Copilot.SDK
• Rust: cargo add github-copilot-sdk — new at General Availability
• Java: Available via Maven and Gradle. — new at General Availability

Key capabilities

• Custom tools and MCP: Register tools the agent can invoke autonomously, connect to Model Context Protocol (MCP) servers, or override built-in tools like grep and edit_file.
• Fine-grained system prompt customization: Edit individual sections of the Copilot system prompt (e.g., identity, tone, tool instructions, and safety rules) without rewriting it from scratch.
• OpenTelemetry tracing: W3C trace context propagation across CLI startup, JSON-RPC calls, session operations, and tool execution.
• Flexible authentication: GitHub OAuth, GitHub Apps, environment tokens, and BYOK for OpenAI, Microsoft Foundry, Anthropic, and other providers.
• Cloud and remote sessions: Create cloud-backed sessions with repository metadata or enable remote session URLs on demand.
• Hook system: Intercept agent behavior at pre/post tool use, session start, MCP tool calls, and permission requests.

What’s new since public preview

• A new Rust SDK that bundles the Copilot CLI binary by default.
• The SDK now offers better support for multi-client workflows, so different clients can contribute tools and permissions to the same session.
• Slash commands and interactive input prompts are now available across all SDKs.
• The API surface is now stable and production-ready after coordinated cleanup based on preview feedback.
• Improved diagnostics for debugging slow or failing connections.

Pricing and availability

The GitHub Copilot SDK is available to all existing GitHub Copilot subscribers, including Copilot Free for personal use, and to non-Copilot users via BYOK.

Get started

• Read the Getting Started Guide to build your first Copilot-powered app.
• Browse the cookbook for practical recipes across all languages.
• Explore the documentation for setup, authentication, and feature walkthroughs.

The post Copilot SDK is now generally available appeared first on The GitHub Blog.

GitHub Copilot CLI is getting a major refresh at Microsoft Build 2026. Rubber duck, prompt scheduling, and voice input are generally available today, and a new experimental terminal interface—including tabs for working with issues, pull requests, and gists—is available to try via /experimental.

A new terminal experience (experimental)

We’re previewing a redesigned terminal interface for Copilot CLI. You get a cleaner layout, theme-aware semantic colors, and responsive components that adapt to narrow terminals without truncating the things you need to read.

The biggest visible change is the introduction of tabs. When you use the CLI in a GitHub repository, you can press Tab to switch between the default Session view, tabs for the repository’s Issues and Pull requests, and a tab for your personal Gists. This lets you view issues, pull requests, and gists without leaving Copilot CLI.

The redesign also makes Copilot CLI more accessible:

• Pick from new color modes (e.g., default, github, dim, high-contrast, and colorblind) to match your terminal and your eyes.
• Screen reader support is on by default when a screen reader is detected, with labeled icons and animations that automatically disable.
• Dialogs, tables, lists, and headings render consistently across every screen in the CLI.

The new terminal experience is available in /experimental mode. Run /experimental on to opt in. The new experience is still evolving, and we’d love your feedback as we move toward general availability.

Get a second opinion with rubber duck

Rubber duck is a built-in CLI agent that acts as a constructive critic. While working on a task, the main CLI agent for a session can pass its current plan, design, implementation, or tests over to the rubber duck agent for review. The rubber duck agent looks for blind spots, design flaws, and substantive issues, and reports back with concrete, actionable feedback. Copilot then takes that critique into account before continuing.

For some tasks, two heads are better than one, and the CLI decides when getting a second opinion may be beneficial.

Read more about rubber duck.

Schedule prompts with /every and /after

The new /every and /after slash commands let you schedule a prompt or skill within the current CLI session.

Use /every to schedule a prompt to run repeatedly at the specified interval:

• /every 30m run the frontend tests
• /every 1h how many tokens have I used during the past hour

Use /after to schedule a prompt to run just once, after the specified interval:

• /after 2h /example-skills:docx create a new file summarizing recent changes to this repo

Run /every or /after with no arguments to open the schedule manager, where you can see active schedules and delete any you no longer want to run.

Talk to Copilot

Video

Copilot CLI now includes hands-free dictation. Hold the space bar on your keyboard and talk to input a prompt. Alternatively, press Ctrl+X followed by V to start recording, speak your prompt, then press any key to stop recording and insert the transcription.

Voice input runs locally, so all audio you record stays on your machine. The first time you enable voice input, the CLI guides you through downloading the runtime and picking a speech-to-text model.

Update and share feedback

Update GitHub Copilot CLI by running copilot update in your terminal. We’d love to hear what you think—share feedback with the /feedback command in a CLI session or open an issue in our public repository.

The post Copilot CLI: Improved UI, rubber duck, prompt scheduling, and voice input appeared first on The GitHub Blog.

GitHub Copilot can now run inside secure, isolated sandboxes, both locally on your machine and in the cloud. Sandboxed Copilot experiences provide isolated environments for Copilot’s tool execution locally as well as fully isolated cloud sandboxes hosted by GitHub.

This gives Copilot a safe place to interact with your code, tools, filesystem, and network, all within the policies you define, so developers and enterprises can adopt agentic workflows without giving up isolation or control.

Why it matters for agentic development

Copilot is evolving from an in-editor assistant into an agentic coding partner that runs tools, executes commands, and modifies files on a developer’s behalf. As Copilot takes more actions, developers and enterprises need stronger guarantees around security, isolation, and control.

Agentic development is interactive, stateful, and parallel, and it needs an execution layer built for that reality. Cloud and local sandboxes for GitHub Copilot provide that layer natively, with consistent identity, governance, and policy controls built in. As AI agents become a larger part of the software development lifecycle, secure execution environments become foundational infrastructure, and sandboxes provide that layer for Copilot.

Local sandboxes for GitHub Copilot

Inside any Copilot session, enable sandboxing with /sandbox enable. Shell command execution initiated by Copilot for that session runs with restricted access to your filesystem, network, and system capabilities, so you can experiment with agentic workflows while staying in control of what Copilot can touch on your machine. Local sandboxing is built on Microsoft MXC technology for a consistent isolation experience across macOS, Linux, and Windows. Enterprise teams can also centrally configure and enforce local sandbox policies through Microsoft Intune and other MDM platforms. Local sandboxes are included in the standard GitHub Copilot seat.

This release focuses on isolating shell command execution initiated by Copilot, laying the foundation for broader CLI-level isolation as agentic workflows mature.

Key use cases developers and teams can unlock

• Safely run agent-generated code on your machine through isolated tool execution, without giving Copilot unrestricted access to the filesystem, network, or system.
• Standardize isolation across macOS, Linux, and Windows with a consistent sandboxing experience built on Microsoft MXC.
• Apply enterprise policy to local Copilot execution by centrally configuring and enforcing sandbox policies through Microsoft Intune and other MDM platforms.

Cloud sandboxes for GitHub Copilot

Launch a fully isolated, ephemeral Linux sandbox hosted by GitHub directly from Copilot with copilot --cloud. Each session inherits your existing Copilot cloud agent policies, so the security controls your org already trusts apply on day one with no additional setup.

Key use cases developers and teams can unlock

• Run Copilot tasks in fully isolated cloud environments for stronger security boundaries around agent execution.
• Continue Copilot sessions across devices, picking up where they left off regardless of where a session was started.
• Offload compute-intensive workflows and run multiple Copilot tasks in parallel without consuming local resources.

Get started

To get started, read the docs for sandboxes for GitHub Copilot in local environments and cloud environments, see pricing for sandboxes for GitHub Copilot in cloud environments, or join the discussion in the GitHub Community. Learn more at our Microsoft Build demo session.

The post Cloud and local sandboxes for GitHub Copilot now in public preview appeared first on The GitHub Blog.

Copilot code review adapts to your team’s tools and standards and scales its depth to the complexity of each change. Today we’re shipping two public previews:

• Agent skills and MCP support that bring your organization’s context into every review
• A new medium analysis tier that routes complex pull requests to a higher-reasoning model

Bring your tools and standards into every review with skills and MCP

A lot of what reviewers need to know lives in other tools, not in the diff itself. Agent skills and MCP bring that context into Copilot’s reviews, ensuring that reviews don’t stall on questions already answered elsewhere. This means senior engineers stop being the bottleneck for consistency across repositories.

• Custom agent skills invoke your team’s internal tools and standards during a review, extending Copilot beyond its built-in analysis.
• MCP server connections, once configured, pull context directly into the review from the third-party platforms and internal systems your team already uses, including issue tracking, documentation, service catalogs, and incident tooling.
• Configurable Actions workflows give you control over the compute and environment Copilot uses for review.
• Shared configuration across review and cloud agent means platform teams invest once and get consistent behavior across both agents.

Match review depth to complexity with the new medium analysis tier

Review depth should scale with the complexity of the change. The new Medium tier routes pull requests to a higher-reasoning model purpose-built for deeper analysis of complex logic, security-sensitive code, and cross-service changes. Low remains a fast, cost-efficient default for straightforward work like docs and small repositories. This enables you to invest compute where it matters most and conserve it everywhere else.

• Admins set Low or Medium per repository to align review intensity with code complexity and business value.
• Medium delivers more actionable comments with fewer false positives and catches subtle bugs lighter reviews miss.
• Medium consumes more AI Credits than Low, with clear cost signals so admins can manage spend under usage-based billing.

Getting started

These features are available in public preview for existing Copilot Pro, Pro+, Business, and Enterprise users. Copilot code review can also be enabled for non-Copilot users via Direct Org Billing.

Setting up MCP servers for Copilot code review

1. Add your desired JSON MCP configuration under repository settings → Copilot → MCP servers.
2. Store your token required for MCP authentication under repository settings → Secrets and variables → Agents.

Note: Any existing MCP configurations for Copilot cloud agent will now apply to Copilot code review automatically.

Read the docs to find examples of common MCP configurations you can get started with.

Setting up agent skills for Copilot code review

1. If one does not exist within your repository, create a .github/skills directory.
2. Under .github/skills, create a code-review or similarly named directory to ensure that Copilot code review will read and utilize the skill.
3. Create a SKILL.md file containing the relevant context and instructions you want Copilot code review to utilize.

Note: Existing agent skills within the .github/skills directory will automatically be available to use by Copilot code review if relevant to the review.

For more information, read our docs on agent skills.

View and change your review tier

1. Navigate to repository settings → Copilot → Code review → Review effort level.
2. Select your desired review depth in the dropdown.

For more details, read our docs on medium tier reviews.

Join the discussion within GitHub Community.

The post Shape Copilot code review around your team appeared first on The GitHub Blog.

GitHub Copilot code review for Azure Repos is now available in technical preview, bringing on demand pull request reviews directly into your Azure DevOps workflow.

How it works

Once enabled at both the organization and repository level, users can request a Copilot code review directly from a pull request in Azure Repos. Copilot adds review comments inline with the code changes, suggests improvements when appropriate, and helps identify potential issues earlier in the development process—all without leaving Azure DevOps.

Who can use this feature

Copilot code review for Azure Repos is available to all Azure DevOps customers who sign up for the technical preview. No GitHub Copilot license is required to use the feature.

Billing

• Usage bills as GitHub AI credits
• Usage doesn’t draw down included AI credits from existing GitHub Copilot plans
• Billing starts on June 2, 2026
• This is preview billing and pricing may change at general availability

Key benefits

• Catch issues earlier with on demand pull request reviews inside Azure Repos
• Keep your team in their existing Azure DevOps workflow
• Get started without provisioning GitHub Copilot licenses for your developers
• Pay only for what you use through GitHub AI credits

Learn more about Copilot code reviews.

The post GitHub Copilot code review for Azure Repos is now in technical preview appeared first on The GitHub Blog.

Agent apps are AI agents from GitHub partners, installable from the GitHub Marketplace, and integrated directly into GitHub.

You install an agent app just like any other GitHub App from the Marketplace. Once it’s installed and enabled by an administrator, the agent becomes available inside your GitHub workflows, with three entry points:

• Assign an issue to the agent
• @mention the agent in a pull request comment
• Select the agent in the Agents UI and give it a prompt

The first wave of agent apps is available today from:

• Amplitude
• Bright Security
• Endor Labs
• LaunchDarkly
• Miro
• Sonar
• PagerDuty
• Packfiles
• Octopus Deploy

Over the coming months, we’ll open up access to allow anyone to build agent apps, whether you’re a developer tools provider or just building an internal tool for your team.

If you’re a partner interested in building your own agent app, you can join the waitlist to get access.

To learn more, see “About agent apps” in the GitHub Docs.

Join the discussion within GitHub Community.

The post Extend GitHub with agent apps appeared first on The GitHub Blog.