Press "Enter" to skip to content

GitHub Copilot update includes security vulnerability filtering

GitHub Copilot, the controversial tool that provides AI-assisted coding to developers, has been enhanced with algorithms to improve the quality and security of its coding suggestions.

The improvements introduced on February 14 include an update to the underlying OpenAI Codex AI model to support large-scale improvements to code quality hints. Suggestion delivery time has also been reduced. These enhancements are available for both Copilot for Home and Copilot for Business.

Additionally, AI-based vulnerability filtering in Copilot now blocks insecure coding patterns in real time. Common vulnerable coding patterns that are targeted include hard-coded credentials, path injections, and SQL injections. Vulnerable patterns can even be detected in incomplete snippets, GitHub said.

An AI pair programming tool trained with code from public repositories, Copilot offers autocomplete style suggestions in a variety of programming languages. Copilot can be accessed through extensions to Visual Studio Code, Visual Studio, Neovim, and the JetBrains IDE suite. Users can sign up for a free trial of Copilot at

GitHub this week also announced the general availability of Github Copilot for Business to all companies, even those that don’t use GitHub. This announcement follows a beta phase that began in December. Businesses can sign up for Copilot and assign seats immediately. Also included in GitHub Copilot for Business is VPN proxy support, so you can use Copilot in any work environment.

Since its introduction in June 2021, Copilot has been the subject of criticism and questions have been raised about the advisability of using publicly available code to train the AI. These concerns prompted a lawsuit and protests from the Free Software Foundation. But GitHub said this week that more than 400 organizations are already using Copilot and that the tool is helping developers code faster.

Also Read:  How is Creatio integrating ChatGPT into its Atlas low-code platform?

Copyright © 2023 IDG Communications, Inc.

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *