Copilot Chat on github.com now supports organization custom instructions! This feature allows Copilot Enterprise customers to set default instructions for all users in their organization, ensuring a consistent experience across teams.
Getting started
Navigate to your organization settings on github.com.
Select the Copilot tab.
Click Custom Instructions in the left sidebar.
Add your custom instructions in the provided text box.
That’s it! Copilot will now apply custom instructions to all chats by members of your organization.
Looking for inspiration? 💡
Here are some suggestions to get you started.
Set consistent standards: For questions related to security, always redirect to #ask-security on Slack.
Establish information architecture: Always refer to the Primer Knowledge Base when answering questions about frontend theming and components.
Steer response style: Never include code blocks in responses.
✕
Wait! Don't Go Yet 🚀
Get our FREE eBook "10 Programming Tips That Changed Everything" when you subscribe!
MAI-DS-R1 is an updated version of DeepSeek-R1, refined by Microsoft AI. It handles complex queries more effectively, works across multiple languages, and provides access to previously restricted information. The model maintains the reasoning strengths of the original while improving reliability.
Sharing a Copilot Chat used to mean screenshots and copy-paste. Now it’s as easy as sending a link. Shared conversations are now available in public preview.
Sharing Copilot Chats makes it easier to:
🕵 Troubleshoot with teammates—like this chat digging into a React onClick issue.
🧠 Showcase learning workflows with a friend. Here’s an example walking through Python interview prep, step by step.
🤗 Drop useful insights into a pull request review or team chat—like this example that clears up an open team debate.
🎬️ Demo cool Copilot tricks on social—like this one where Copilot asks smart follow-up questions before jumping in.
How sharing works
Start a conversation. Once you enter your first prompt, the Share button will appear.
Click Share and copy the generated link. Anyone with the link can view the conversation.
If the chat includes private repository content or other restricted GitHub data, viewers will need the appropriate permissions to see it.
As the conversation continues, recipients will see new messages appear in real time.
You can unshare a conversation at any time to revoke access.
Who can use it
Shared conversations are currently in public preview for individual users (not members of organizations or enterprises). We’re actively working on expanding access to all Copilot users soon.
Codespaces will be undergoing global maintenance from 16:30 UTC on Monday, April 21 to 16:30 UTC on Tuesday, April 22. Maintenance will begin in our Europe, Asia, and Australia regions. Once it is complete, maintenance will start in our US regions. Each batch of regions will take approximately three to four hours to complete.
During this time period, users may experience intermittent connectivity issues when creating new Codespaces or accessing existing ones.
To avoid disruptions, ensure that any uncommitted changes are committed and pushed before the maintenance starts. Codespaces with uncommitted changes will remain accessible as usual after the maintenance is complete.
✕
Wait! Don't Go Yet 🚀
Get our FREE eBook "10 Programming Tips That Changed Everything" when you subscribe!
Introducing AI-powered commit message generation with Copilot—available in the latest GitHub Desktop Beta. With a click of a new button in the commit message box, get your changes to upstream with speed, confidence, and an AI-crafted summary.
Copilot commit message generation is available to Copilot Free and all paid Copilot subscribers. Organizations and enterprises can enable it through the “Copilot in GitHub Desktop” policy.
Try it out today—download the GitHub Desktop v3.4.19-beta3 and see how Copilot can supercharge your commit process. Tell us what you think in the GitHub Desktop open source repo.
✕
Wait! Don't Go Yet 🚀
Get our FREE eBook "10 Programming Tips That Changed Everything" when you subscribe!
The latest AI models from Cohere, Command A and Embed 4, are now available on GitHub Models.
Command A is a multilingual model designed for business-critical applications like retrieval-augmented generation (RAG) and agentic tasks. It excels at supporting knowledge assistants, improving demand forecasting, and optimizing eCommerce search.
Embed 4 is a multilingual model that transforms text, images, and mixed formats into unified vector representations. It is well-suited for processing high-resolution images and extracting key details from files like PDFs, slides, and tables.
Try, compare, and implement Command A in your code for free in the playground. Both Command A and Embed 4 are also available through the GitHub API for seamless integration into your applications.
Mistral Large is now deprecated in GitHub Models. Please transition to Mistral Large 24.11 to continue using the improved version with enhanced features.
OpenAI’s latest reasoning models, o3 and o4-mini, are now available in GitHub Copilot and GitHub Models bringing next-generation problem-solving, structured reasoning, and coding intelligence directly into your development workflow.
These models represent a major leap forward in capability and efficiency:
o3 is the most capable reasoning model in the o-series, ideal for deep coding workflows and complex technical problem solving.
o4-mini is the most efficient model in the series, combining low latency with high-quality output, full tools support, and multimodal inputs.
Both models are optimized for real-world development and support advanced features like function calling, structured outputs, and long-context handling (up to 200K tokens). Whether you’re building agentic tools, analyzing contracts, writing algorithms, or debugging across multiple layers, these models are designed to help you move faster with more accuracy and insight.
Availability in GitHub Copilot
o4-mini is now rolling out across all GitHub Copilot plans and o3 is available to Enterprise and Pro+ plans. You can access them through the model picker in Visual Studio Code and in GitHub Copilot Chat on github.com. To accelerate your workflow, whether you’re debugging, refactoring, modernizing, testing, or just getting started, select “o3” or “o4-mini” to begin using a new model. Stay tuned for updates on additional availability.
Enabling access
Copilot Enterprise administrators will need to enable access to these models through a new policy in Copilot settings. As an administrator, you can verify availability by checking your individual Copilot settings and confirming that policy is set to enabled for the specific model. Once enabled, you’ll see the model in the Copilot Chat model selector in VS Code and on github.com.
Both o3 and o4-mini will also be available through GitHub Models, enabling developers to experiment, build, and deploy AI-powered features faster than ever. In the GitHub Models playground, you can experiment with sample prompts, refine your ideas, and iterate as you build. You can also try them alongside other models, including those from Cohere, DeepSeek, Meta, and Microsoft.
You now have more choices when chatting with Copilot about images in VS Code, Visual Studio, and on the immersive mode on github.com. Starting today, you can use the vision capability with the Claude Sonnet 3.5, Claude Sonnet 3.7, Gemini 2.0 Flash, Gemini 2.5 Pro, and GPT-4o models.
Some ideas to get you started:
Add screenshots of errors with Copilot to have it interpret the image and suggest solutions for the issue.
Share mockups of new designs, and Vision will help you bring them to life.
Ask questions about architecture diagrams.
Currently, the supported image types are JPEG/JPG, PNG, GIF, and WEBP.
When using Vision on VS Code and Visual Studio, make sure you have the Copilot Editor Preview Features policy enabled to get access. On github.com, get started simply by selecting a Claude or Gemini model from the model picker.
When CodeQL scans repositories with Java and/or C# code that depend on packages in private registries—but don’t include those registry addresses in their Maven, Gradle, or NuGet configuration files—the analysis now uses private registry addresses configured at the organization level. This makes it even easier to roll out CodeQL’s Java and C# analysis at scale.
Last year we enabled CodeQL build-mode: nonescans to access private dependencies stored in private registries (e.g. Artifactory) for Java and C# projects. This required the addresses of the private registry to be defined in the project configuration. With this change, projects that relied on configurations defined in the build systems or locations external to the project will be able to use private registries.
This makes your scans more comprehensive, ensuring you receive all important alerts regardless of where your dependencies are stored.
This officially marks the end of the preview phase for CodeQL Java/C# private registry support; this feature is now generally available on GitHub.com. It will also roll out with GitHub Enterprise server version 3.18.
✕
Wait! Don't Go Yet 🚀
Get our FREE eBook "10 Programming Tips That Changed Everything" when you subscribe!
GitHub Copilot Chat is now generally available for Eclipse! If you’re an Eclipse user, you can take advantage of AI-powered assistance with both code completions and in-editor chat assistance today.
Key features of GitHub Copilot Chat for Eclipse
Chat view: Ask Copilot for help with coding tasks directly in the chat view. To learn more about this, see our documentation.
Model Selector for Chat: GitHub Copilot allows you to change the model during a chat. To learn more about this, see our documentation.
Slash commands: Use quick commands, like /explain for code explanations.
Reference code: Scope chats to specific files for more relevant assistance.
ABAP Enablement: GitHub Copilot for Eclipse has introduced enablement for ABAP, allowing users to leverage Copilot’s capabilities while working with ABAP code. GitHub Copilot for Eclipse uses the currently available models described in the documentation, without any specific fine-tuning for ABAP.
Try it out
To access GitHub Copilot Chat for Eclipse, you’ll need a Copilot license.
We’re introducing new controls for automation workflows, enhancing security and flexibility for teams. Additionally, we’ve released updates to Actions runner controller designed to improve performance, customization, and compatibility with evolving deployment strategies. As part of our commitment to maintaining up-to-date infrastructure, we’re retiring older images and encouraging users to transition to newer, more efficient options.
Copilot events not automatically triggering GitHub Actions workflows is in public preview
Copilot authored events will no longer automatically trigger GitHub Actions workflows – administrators will now need to approve these workflows to run.
The approval mechanism is the same as approving runs from forks. This means that a run requiring approval will be given the action_required conclusion before any jobs are started. Users with write access in the UI or actions:write fine-grained access through the API can approve any action_required run. Any triggered workflow runs associated with the same PR in the action_required state will show up in the PR merge box for approval.
If a run is not approved after 30 days, it will be deleted.
We’re beginning the process of closing down the Windows server 2019 hosted runner image, following our N-1 OS support policy. This image will be fully retired by June 30, 2025. We recommend updating workflows use windows-2022 or windows-2025.
To raise awareness of the upcoming removal, we’ll temporarily fail jobs using the windows-2019 label starting in June 2025. The brownouts will occur on the following dates and times:
June 3 13:00 – 21:00 UTC
June 10 13:00-21:00 UTC
June 17 13:00-21:00 UTC
June 24 13:00-21:00 UTC
Actions runner controller release 0.11.0
The latest ARC release (0.11.0) includes two major product enhancements and numerous quality-of-life improvements.
Customers can now set custom annotations and resources, enabling them to use deployment methods like ArgoCD and Helm.
In addition, ARC customers experienced performance issues due to high cardinality metrics, particularly around labels such as runner name, ID, job workflow ref, and others. This significantly impacted resource consumption in Prometheus instances. With this release, customers can now configure metrics, enabling them to choose elements relevant to their reporting strategy.
All included changes in this release can be found in the release notes.
Updates to the network allow list for Azure private networking
GitHub previously reported the network communication requirements for Azure private networks as they relate to the upcoming release of immutable actions. Please use the IPs listed in the NSG template within our documentation, as previous changelog communications contained overlapping CIDR ranges.
✕
Wait! Don't Go Yet 🚀
Get our FREE eBook "10 Programming Tips That Changed Everything" when you subscribe!
CodeQL version 2.21.0 has been released and includes TypeScript 5.8 support, a new Java query to detect exposed Spring Boot actuators, and support for new JavaScript libraries.
TypeScript 5.8 support
CodeQL can now analyze code written in TypeScript version 5.8, helping you find and automatically remediate security issues in the latest TypeScript projects, all without additional configuration.
Improved Java analysis
The community-contributed query java/spring-boot-exposed-actuators by @ggolawski has been promoted out of experimental status and is now included in the default code scanning query pack. This query helps you identify publicly accessible Spring Boot actuators, preventing unintended information disclosure.
Expanded JavaScript framework coverage
We’ve extended our JavaScript analysis to include popular modern frameworks and libraries:
Apollo Server: Added support for analyzing data coming from GraphQL when using @apollo/server.
React Relay: Added analysis support for React applications using the react-relay library.
SAP ecosystem: Added CodeQL support for analysis of SAP packages, including @sap/hana-client, @sap/hdbext, and hdb.
TanStack: Added support for analyzing applications using the @tanstack/angular-query-experimental package.
For a full list of changes, please refer to the complete changelog for version 2.21.0. Every new version of CodeQL is automatically deployed to users of GitHub code scanning on github.com. The new functionality in CodeQL 2.21.0 will also be included in GitHub Enterprise Server (GHES) version 3.18. If you use an older version of GHES, you can manually upgrade your CodeQL version.
✕
Wait! Don't Go Yet 🚀
Get our FREE eBook "10 Programming Tips That Changed Everything" when you subscribe!
On May 18, 2025, we’re deprecating the automatic watching of repositories and teams. We’re making this change in order to:
Reduce notification noise: You’ll receive fewer unexpected notifications, especially when joining large organizations with many repositories.
Improve efficiency: You’ll be able to focus on the notifications that matter most, without unnecessary subscriptions.
Minimize confusion: You won’t have automatic watching behavior that some users found unclear or overwhelming.
Existing repository subscriptions created through auto-watching will not be impacted. Users will remain subscribed to repositories or teams they were previously watching.
To review or adjust your current repository subscriptions, visit the Watching section. For more detailed notification preferences, head to Notification Settings.
✕
Wait! Don't Go Yet 🚀
Get our FREE eBook "10 Programming Tips That Changed Everything" when you subscribe!
Alongside the launch of GPT-4.1 in GitHub Models, we’re introducing GPT-4.1-mini and GPT-4.1-nano—lightweight variants of OpenAI’s latest model. Designed for high performance with lower cost and latency, these models are ideal for real-time applications and workloads that involve parallel or chained model calls.
Both inherit the core strengths of the GPT-4.1 series, including enhanced coding capabilities, improved instruction following, long-context understanding, and multimodal support (text and image). With features like parallel function calling and structured output generation, GitHub Models users can now choose the right-sized model for their specific needs—whether building chatbots, coding copilots, or AI-powered agents.
GPT-4.1-mini: Combines strong general-purpose reasoning with low cost and latency, supporting both text and vision use cases.
GPT-4.1-nano: Offers even lower cost and latency, ideal for lightweight tasks and high-frequency usage at scale.
Try, compare, and implement these models in your code for free in the playground (GPT-4.1-mini and GPT-4.1-nano) or through the GitHub API.
You can now use the built-in GITHUB_TOKEN from GitHub Actions to authenticate requests to GitHub Models. This simplifies your workflows by integrating AI capabilities directly into your actions, eliminating the need to generate and manage Personal Access Tokens (PATs).
With this update, creating and sharing AI-driven GitHub Actions has never been easier. Add AI to your workflows effortlessly, whether it’s generating issue comments or reviewing pull requests.
Try it out today and streamline your automation with integrated AI.
GitHub Models empowers every developer to effortlessly incorporate AI into their GitHub workflows.
GitHub regularly updates the default pattern set for secret scanning with new patterns and upgrades of existing patterns, ensuring your repositories have comprehensive detection for different secret types.
The following new patterns were added over the last few months. Secret scanning automatically detects any secrets matching these patterns in your repositories. See the full list of supported secrets in the documentation.
Provider
Token
Partner
User
Push protection
Bitrise
bitrise_personal_access_token
✓
✓
✓
Bitrise
bitrise_workspace_api_token
✓
✓
✓
Buildkite
buildkite_user_access_token
✓
✓
LinkedIn
linkedin_client_secret
✓
Mailersend
mailersend_smtp_password
✓
Naver Cloud
navercloud_gov_access_key
✓
✓
Naver Cloud
navercloud_gov_access_key_secret
✓
✓
Naver Cloud
navercloud_gov_sts
✓
✓
Naver Cloud
navercloud_gov_sts_secret
✓
✓
Naver Cloud
navercloud_pub_access_key
✓
✓
Naver Cloud
navercloud_pub_access_key_secret
✓
✓
Naver Cloud
navercloud_pub_sts
✓
✓
Naver Cloud
navercloud_pub_sts_secret
✓
✓
Neon
neon_api_key
✓
Neon
neon_connection_uri
✓
Pangea
pangea_token
✓
Planning Center
planning_center_oauth_access_token
✓
✓
✓
Planning Center
planning_center_oauth_app_secret
✓
✓
✓
Planning Center
planning_center_personal_access_token
✓
✓
✓
Ramp
ramp_client_id
✓
✓
Ramp
ramp_client_secret
✓
✓
Ramp
ramp_oauth_token
✓
✓
RunPod
runpod_api_key
✓
✓
✓
Sourcegraph
sourcegraph_access_token
✓
✓
Sourcegraph
sourcegraph_dotcom_user_gateway
✓
✓
Sourcegraph
sourcegraph_instance_identifier_access_token
✓
✓
Sourcegraph
sourcegraph_license_key_token
✓
✓
Sourcegraph
sourcegraph_product_subscription_token
✓
✓
The following existing patterns were upgraded to be included in push protection. When push protection is enabled, secret scanning automatically blocks any pushes that contain a secret matching these patterns.
The Copilot extension for GitHub Models now requires the models:read permission in order to access GitHub Models APIs. Users will need to reauthorize the extension by accepting the new permission via the email notification sent from GitHub.
This change follows our March 18 changelog, which announced that GitHub Apps and fine-grained PATs accessing GitHub Models would require the models:read permission.
If the updated permission is not granted, functionality like @models in chat may stop working.
Now in public preview, Windows arm64 hosted runners are available for free in public repositories. This runner comes with a Windows 11 Desktop image, fully equipped with all the tooling you need to quickly get started running your workflows. Following the release of linux arm64 hosted runners in January, this now extends to Windows support for the open source-community. These four vCPU runners provide a power-efficient compute layer for your Windows workloads. Arm-native developers can now build, test, and deploy entirely within the arm64 architecture without the need for virtualization on your actions runs.
How to use the runners
To leverage the arm64 hosted runners, add the following labels in your public repository workflow runs:
windows-11-arm
Please note that this label will not work in private repositories—the workflow will fail if you add it. All runs in public repositories will adhere to our standard runners usage limits, with maximum concurrencies based on your plan type. While the arm64 runners are in public preview, you may experience longer queue times during peak usage hours.
Images for arm64 larger runners
In partnership with Arm, there is now a Windows 11 desktop arm64 image with preinstalled tools available for all GitHub runner sizes, including both the new free offering and our existing arm64 larger runners. To use the new image on larger runners, you can create a new runner and select the Microsoft Windows 11 Desktop by Arm Limited image in the Images console.
To view the list of installed software, give feedback on the image, or report issues, visit the partner-runner-images repository.
Get started today!
To get started building windows on arm64 for free, simply add the new label to the runs-on syntax in your public actions workflow file. For more information on arm64 runners and how to use them, see our documentation and join the conversation in the Community discussion.
✕
Wait! Don't Go Yet 🚀
Get our FREE eBook "10 Programming Tips That Changed Everything" when you subscribe!
OpenAI’s latest model, GPT-4.1, is now available in GitHub Copilot and GitHub Models, bringing OpenAI’s newest model to your coding workflow. This model outperforms GPT-4o across the board, with major gains in coding, instruction following, and long-context understanding. It has a larger context window and features a refreshed knowledge cutoff of June 2024.
OAI has optimized GPT-4.1 for real-world use based on direct developer feedback about: frontend coding, making fewer extraneous edits, following formats reliably, adhering to response structure and ordering, consistent tool usage, and more. This model is a strong default choice for common development tasks that benefit from speed, responsiveness, and general-purpose reasoning.
Copilot
OpenAI GPT-4.1 is rolling out for all Copilot Plans, including Copilot Free. You can access it through the model picker in Visual Studio Code and on github.com chat. To accelerate your workflow, whether you’re debugging, refactoring, modernizing, testing, or just getting started, select “GPT-4.1 (Preview)” to begin using it.
Enabling access
Copilot Enterprise administrators will need to enable access to GPT-4.1 through a new policy in Copilot settings. As an administrator, you can verify availability by checking your individual Copilot settings and confirming the policy for GPT-4.1 is set to enabled. Once enabled, users will see GPT-4.1 in the Copilot Chat model selector in VS Code and on github.com.
GitHub Models users can now harness the power of GPT-4.1 to enhance their AI applications and projects. In the GitHub Models playground, you can experiment with sample prompts, refine your ideas, and iterate as you build. You can also try it alongside other models including those from Cohere, DeepSeek, Meta, and Microsoft.
