diff --git a/CHANGELOG.md b/CHANGELOG.md index 51bc1e09d923..52df890d20ee 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,18 +1,28 @@ # Docs changelog -<<<<<<< changelog-update-1772664132 -**4 March 2026** +**17 March 2026** -We've published a new article to coincide with the public preview of the Copilot coding agent for Jira integration. +We published [Maintaining codebase standards in a GitHub Copilot rollout](https://docs.github.com/en/enterprise-cloud@latest/copilot/tutorials/roll-out-at-scale/maintain-codebase-standards). + +The guide shows how customers can create a strong governance framework for Copilot by leveraging GitHub's enterprise-grade platform alongside cultural best practices. + +
+ +We published [Resources for getting approval of GitHub Copilot](https://docs.github.com/enterprise-cloud@latest/copilot/get-started/resources-for-approval), a guide that collects resources for enterprise admins to send to legal, compliance, and cybersecurity teams in their company. + +
-See [Integrating Copilot coding agent with Jira](https://docs.github.com/copilot/how-tos/use-copilot-agents/coding-agent/integrate-coding-agent-with-jira). -======= **5 March 2026** We've updated our documentation to include a series of articles about the GitHub integration in Teams (previously, docs for the integration lived in a public repository). See [GitHub integration in Teams](https://docs.github.com/integrations/how-tos/teams). ->>>>>>> main + +**4 March 2026** + +We've published a new article to coincide with the public preview of the Copilot coding agent for Jira integration. + +See [Integrating Copilot coding agent with Jira](https://docs.github.com/copilot/how-tos/use-copilot-agents/coding-agent/integrate-coding-agent-with-jira).
@@ -34,7 +44,7 @@ We've added an article about the new `/research` slash command in Copilot CLI: **27 February 2026** -We've extended the reference information for Copilot CLI, adding much more detail. See [GitHub Copilot CLI command reference](https://docs.github.com/en/copilot/reference/cli-command-reference#custom-agents-reference). +We've extended the reference information for Copilot CLI, adding much more detail. See [GitHub Copilot CLI command reference](https://docs.github.com/copilot/reference/cli-command-reference#custom-agents-reference).
diff --git a/content/README.md b/content/README.md index 32d51d0bc330..4c2a3dc2aa1b 100644 --- a/content/README.md +++ b/content/README.md @@ -238,7 +238,7 @@ defaultTool: cli **Note: the featured track is set by a specific property in the learning tracks YAML. See that [README](../data/learning-tracks/README.md) for details.* ### `includeGuides` -- Purpose: Render a list of articles, filterable by `contentType` and `topics`. Only applicable when used with `layout: product-guides`. +- Purpose: Render a list of articles, filterable by `contentType`. Only applicable when used with `layout: product-guides`. - Type: `Array` - Optional. diff --git a/content/admin/monitoring-and-managing-your-instance/additional-nodes/configuring-additional-nodes.md b/content/admin/monitoring-and-managing-your-instance/additional-nodes/configuring-additional-nodes.md index af2fe0417ed1..b50ce050d481 100644 --- a/content/admin/monitoring-and-managing-your-instance/additional-nodes/configuring-additional-nodes.md +++ b/content/admin/monitoring-and-managing-your-instance/additional-nodes/configuring-additional-nodes.md @@ -5,10 +5,6 @@ intro: 'Add nodes to the primary high availability (HA) datacenter. This is inte versions: ghes: '>= 3.18' contentType: how-tos -topics: - - High availability - - Enterprise - - Infrastructure allowTitleToDifferFromFilename: true --- diff --git a/content/admin/monitoring-and-managing-your-instance/additional-nodes/index.md b/content/admin/monitoring-and-managing-your-instance/additional-nodes/index.md index 1f2d6dc84daa..a6f9aa634f99 100644 --- a/content/admin/monitoring-and-managing-your-instance/additional-nodes/index.md +++ b/content/admin/monitoring-and-managing-your-instance/additional-nodes/index.md @@ -3,8 +3,6 @@ title: Additional nodes intro: 'You can configure additional nodes to offload stateless workloads from the primary node in your {% data variables.product.prodname_ghe_server %} instance.' versions: ghes: '>= 3.18' -topics: - - Enterprise children: - /configuring-additional-nodes --- diff --git a/content/admin/upgrading-your-instance/index.md b/content/admin/upgrading-your-instance/index.md index 960a7629efec..ad6b74bff376 100644 --- a/content/admin/upgrading-your-instance/index.md +++ b/content/admin/upgrading-your-instance/index.md @@ -3,9 +3,6 @@ intro: 'Administrators can upgrade {% data variables.product.prodname_ghe_server %} to get the latest features and security updates.' versions: ghes: '*' - topics: - - Enterprise - - Upgrades children: - /preparing-to-upgrade - /performing-an-upgrade diff --git a/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-a-hotpatch.md b/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-a-hotpatch.md index 6ad96e4bdd38..be3966ecf3a3 100644 --- a/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-a-hotpatch.md +++ b/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-a-hotpatch.md @@ -6,9 +6,6 @@ redirect_from: - /admin/monitoring-managing-and-updating-your-instance/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server#upgrading-with-a-hotpatch versions: ghes: '*' -topics: - - Enterprise - - Upgrades shortTitle: Upgrade with a hotpatch contentType: how-tos --- diff --git a/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-an-upgrade-package.md b/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-an-upgrade-package.md index 3c326fd5b3a2..5c699c34e710 100644 --- a/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-an-upgrade-package.md +++ b/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-an-upgrade-package.md @@ -6,9 +6,6 @@ redirect_from: - /admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server#upgrading-with-an-upgrade-package versions: ghes: '*' -topics: - - Enterprise - - Upgrades shortTitle: Upgrade with an upgrade package contentType: how-tos --- diff --git a/content/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process.md b/content/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process.md index f655001086f8..18c44b1d5586 100644 --- a/content/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process.md +++ b/content/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process.md @@ -18,9 +18,6 @@ redirect_from: - /admin/monitoring-managing-and-updating-your-instance/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server versions: ghes: '*' -topics: - - Enterprise - - Upgrades shortTitle: Upgrading overview contentType: concepts --- diff --git a/content/admin/upgrading-your-instance/preparing-to-upgrade/taking-a-snapshot.md b/content/admin/upgrading-your-instance/preparing-to-upgrade/taking-a-snapshot.md index b188cd9742c9..2d08bab0e2bd 100644 --- a/content/admin/upgrading-your-instance/preparing-to-upgrade/taking-a-snapshot.md +++ b/content/admin/upgrading-your-instance/preparing-to-upgrade/taking-a-snapshot.md @@ -6,9 +6,6 @@ redirect_from: - /enterprise/admin/installation/upgrading-github-enterprise-server#taking-a-snapshot versions: ghes: '*' -topics: - - Enterprise - - Upgrades shortTitle: Take a snapshot contentType: how-tos --- diff --git a/content/admin/upgrading-your-instance/troubleshooting-upgrades/restoring-from-a-failed-upgrade.md b/content/admin/upgrading-your-instance/troubleshooting-upgrades/restoring-from-a-failed-upgrade.md index 12a7c9ab61dd..70f9faf69295 100644 --- a/content/admin/upgrading-your-instance/troubleshooting-upgrades/restoring-from-a-failed-upgrade.md +++ b/content/admin/upgrading-your-instance/troubleshooting-upgrades/restoring-from-a-failed-upgrade.md @@ -5,10 +5,6 @@ redirect_from: - /admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server#restoring-from-a-failed-upgrade versions: ghes: '*' -topics: - - Enterprise - - Upgrades - - Troubleshooting shortTitle: Restore from a failed upgrade contentType: how-tos --- diff --git a/content/code-security/how-tos/report-and-fix-vulnerabilities/configure-vulnerability-reporting/configuring-private-vulnerability-reporting-for-a-repository.md b/content/code-security/how-tos/report-and-fix-vulnerabilities/configure-vulnerability-reporting/configuring-private-vulnerability-reporting-for-a-repository.md index 7abb2d75c8ba..ce882fb7f7a3 100644 --- a/content/code-security/how-tos/report-and-fix-vulnerabilities/configure-vulnerability-reporting/configuring-private-vulnerability-reporting-for-a-repository.md +++ b/content/code-security/how-tos/report-and-fix-vulnerabilities/configure-vulnerability-reporting/configuring-private-vulnerability-reporting-for-a-repository.md @@ -33,18 +33,17 @@ The instructions in this article refer to enablement at repository level. For in {% data reusables.security-advisory.private-vulnerability-reporting-configure-notifications %} Notifications depend on the user's notification preferences. You will receive an email notification if: -* You are watching the repository. -* You have enabled notifications for "All Activity". -* In your notification settings, under "Subscriptions", then under "Watching", you have selected to receive notifications by email. +* You are watching the repository with **All Activity** selected, or with **Security alerts** (available under **Custom**) selected. +* In your notification settings, under **Subscriptions**, then under **Watching**, you have selected to receive notifications by email. {% data reusables.repositories.navigate-to-repo %} 1. To start watching the repository, select **{% octicon "eye" aria-hidden="true" aria-label="eye" %} Watch**. ![Screenshot of the repository's main page. A dropdown menu, titled "Watch", is highlighted with an orange outline.](/assets/images/help/repository/repository-watch-dropdown.png) -1. In the dropdown menu, click **All Activity**. +1. In the dropdown menu, select **All Activity** to receive notifications for all activity, or select **Custom**, then **Security alerts** to receive notifications only for security alerts. 1. Navigate to the notification settings for your personal account. These are available at [https://github.com/settings/notifications](https://github.com/settings/notifications?ref_product=security-advisories&ref_type=engagement&ref_style=text). -1. On your notification settings page, under "Subscriptions," then under "Watching," select the **Notify me** dropdown. +1. On your notification settings page, under "Subscriptions," then under "Watching," click the **Notify me** dropdown. 1. Select "Email" as a notification option, then click **Save**. ![Screenshot of the notification settings for a user account. Under "Subscriptions" and "Watching" a checkbox, titled "Email", is outlined in orange.](/assets/images/help/notifications/repository-watching-notification-options.png) diff --git a/content/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file.md b/content/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file.md index 7d42c4be589c..4ad4174f24a5 100644 --- a/content/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file.md +++ b/content/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file.md @@ -24,7 +24,7 @@ You can add default community health files to a **public**{% ifversion ghec or g If no corresponding file is found in the current repository, {% data variables.product.github %} will use the default file from the `.github` repository, following the same order of precedence. ->[!NOTE] The `.github` repository must be **public**{% ifversion ghec or ghes %} or **internal**{% endif %} for templates to be applied organization-wide. Private `.github` repositories are not supported. +>[!NOTE] The `.github` repository must be **public**{% ifversion ghec or ghes %} or **internal**{% endif %} for most default community health files to be applied organization-wide. Private `.github` repositories are not supported.{% ifversion ghec or ghes %} However, **issue and pull request templates require a public `.github` repository** and will not be applied organization-wide from an internal repository.{% endif %} For example, anyone who creates an issue or pull request in a repository that does not have its own `CONTRIBUTING.md` file will see a link to the default `CONTRIBUTING.md` from the `.github` repository. However, if a repository has any files in its own `.github/ISSUE_TEMPLATE` folder, such as issue templates or a `_config.yml` file, none of the contents of the default `.github/ISSUE_TEMPLATE` folder will be used. This allows repository maintainers to override the default files with specific templates or content on per-repository basis. @@ -64,7 +64,7 @@ You can create defaults in your organization or personal account for the followi | _FUNDING.yml_ | A FUNDING file displays a sponsor button in your repository to increase the visibility of funding options for your open source project. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository). | | {% endif %} | | _GOVERNANCE.md_ | A GOVERNANCE file lets people know about how your project is governed. For example, it might discuss project roles and how decisions are made. | -| Issue and pull request templates and _config.yml_ | Issue and pull request templates customize and standardize the information you'd like contributors to include when they open issues and pull requests in your repository. For more information, see [AUTOTITLE](/communities/using-templates-to-encourage-useful-issues-and-pull-requests/about-issue-and-pull-request-templates).

If an issue template sets a label, that label must be created in your `.github` repository and any repositories where the template will be used. | +| Issue and pull request templates and _config.yml_ | Issue and pull request templates customize and standardize the information you'd like contributors to include when they open issues and pull requests in your repository. For more information, see [AUTOTITLE](/communities/using-templates-to-encourage-useful-issues-and-pull-requests/about-issue-and-pull-request-templates).

If an issue template sets a label, that label must be created in your `.github` repository and any repositories where the template will be used.{% ifversion ghec or ghes %} Organization-wide issue and pull request templates require the `.github` repository to be public.{% endif %} | | _SECURITY.md_ | A SECURITY file gives instructions on how to report a security vulnerability in your project and description that hyperlinks the file. For more information, see [AUTOTITLE](/code-security/getting-started/adding-a-security-policy-to-your-repository). | | _SUPPORT.md_ | A SUPPORT file lets people know about ways to get help with your project. For more information, see [AUTOTITLE](/communities/setting-up-your-project-for-healthy-contributions/adding-support-resources-to-your-project). | diff --git a/content/contributing/writing-for-github-docs/using-yaml-frontmatter.md b/content/contributing/writing-for-github-docs/using-yaml-frontmatter.md index 5b93dea57065..dad1318b0d0e 100644 --- a/content/contributing/writing-for-github-docs/using-yaml-frontmatter.md +++ b/content/contributing/writing-for-github-docs/using-yaml-frontmatter.md @@ -235,7 +235,7 @@ defaultTool: cli ### `includeGuides` -* Purpose: Render a list of articles, filterable by `type` and `topics`. Only applicable when used with `layout: product-guides`. +* Purpose: Render a list of articles, filterable by `type`. Only applicable when used with `layout: product-guides`. * Type: `Array` * Optional. diff --git a/content/copilot/concepts/agents/copilot-cli/chronicle.md b/content/copilot/concepts/agents/copilot-cli/chronicle.md new file mode 100644 index 000000000000..68d7f4115041 --- /dev/null +++ b/content/copilot/concepts/agents/copilot-cli/chronicle.md @@ -0,0 +1,94 @@ +--- +title: 'About {% data variables.copilot.copilot_cli %} session data' +shortTitle: Session data +allowTitleToDifferFromFilename: true +intro: '{% data variables.copilot.copilot_cli_short %} records every session locally. You can resume previous sessions, ask {% data variables.product.prodname_copilot_short %} questions about your interactions with the CLI, and use the `/chronicle` slash command for useful session-based insights.' +versions: + feature: copilot +contentType: concepts +category: + - Learn about Copilot # Copilot discovery page + - Learn about Copilot CLI # Copilot CLI bespoke page +--- + +## Introduction + +Every time you use {% data variables.copilot.copilot_cli_short %}, a complete set of data about your session—including your prompts, {% data variables.product.prodname_copilot_short %}'s responses, the tools that were used, and details of files that were modified—is recorded on your local machine. Over time, this builds up a rich history of what you've worked on, how you've worked, and what {% data variables.product.prodname_copilot_short %} has done for you. + +This session data powers several features: + +* **Resuming sessions**: You can pick up where you left off in any previous session. +* **Asking questions about your history**: You can ask {% data variables.product.prodname_copilot_short %} questions about your past work, and it will query your session data to answer them. +* **The `/chronicle` slash command**: A set of purpose-built subcommands that generate standup reports, personalized tips, and suggestions for improving your custom instructions—all derived from your session history. + +This conceptual article explains how session data is stored, and how you can leverage it to enhance your workflow. For a practical guide to resuming a session, asking {% data variables.product.prodname_copilot_short %} about your CLI sessions, and using the `/chronicle` slash command, see [AUTOTITLE](/copilot/how-tos/copilot-cli/chronicle). + +{% data reusables.copilot.copilot-cli.cli-experimental-chronicle %} + +## How session data is stored + +Every {% data variables.copilot.copilot_cli_short %} session is persisted as a set of files in the `~/.copilot/session-state/` directory on your machine. The data for each session contains a complete record of the session. These files allow you to resume an interactive CLI session. + +In addition to the session files, {% data variables.copilot.copilot_cli_short %} stores structured session data in a local SQLite database, referred to as the session store. This data is a subset of the full data stored in the session files. The session store is what powers the `/chronicle` slash command and it also allows {% data variables.product.prodname_copilot_short %} to answer questions you ask about your past work. + +### Privacy and data locality + +All session data is stored locally in your home directory and is only accessible to your user account. {% data variables.product.prodname_copilot_short %} reads this data on your machine when you ask questions about your interactions with the CLI, or when you use the `/chronicle` slash command. Session data such as your previous prompts, context data, and responses you received may be sent to the AI model, just as they would be in any normal {% data variables.copilot.copilot_cli_short %} interaction. + +If you want to remove data for a particular CLI session, you can delete the relevant session directory from `~/.copilot/session-state/`. You can clear all session data by deleting everything under `~/.copilot/session-state/`. After doing this you must manually reindex the session store. See the [Reindexing the session store](#reindexing-the-session-store) later in this article. + +## About the `/chronicle` slash command + +The `/chronicle SUBCOMMAND` command uses the data in the session store to provide insights and suggestions about your use of {% data variables.copilot.copilot_cli_short %}. + +You can enter the following commands in an interactive CLI session: + +* `/chronicle standup`: Generates a short report summarizing what you worked on in your recent CLI sessions, including branch names, pull request links, and status checks. +* `/chronicle tips`: Provides personalized tips for using {% data variables.copilot.copilot_cli_short %} more effectively. +* `/chronicle improve`: Analyzes your session history to identify patterns where {% data variables.product.prodname_copilot_short %} may have misunderstood your intent or where there was a lot of back-and-forth, and generates custom instructions to help {% data variables.product.prodname_copilot_short %} better understand you in the future. +* `/chronicle reindex`: Rebuilds the session store from your session history files. + +## Benefits of `/chronicle` and the session data + +* **Self-improving workflow**: The `improve` subcommand creates a feedback loop that helps you to refine your custom instructions. Over time, this makes the agent more effective for your specific project. + +* **Effortless standup reports**: Instead of manually reconstructing what you did yesterday, `/chronicle standup` generates a standup summary from your actual session data. + +* **Personalized coaching**: The `tips` subcommand acts as a personal productivity coach that knows both what {% data variables.copilot.copilot_cli_short %} can do and how you actually use it. It bridges the gap between available features and your current workflow. + +* **Talk to your coding history**: The session store lets {% data variables.product.prodname_copilot_short %} answer any question that your past sessions might help with—from recalling a bug fix you did last week to analyzing your prompting patterns over time. + +* **Local and private**: All session data—both the raw JSONL files and the SQLite session store—stays on your machine. Nothing is uploaded or shared beyond the normal AI model interactions that happen in any {% data variables.copilot.copilot_cli_short %} session. You have full control over your data and can delete it at any time. + +## When should you use these features? + +* **At the start of your day**: Run `/chronicle standup last 3 days` to generate a reminder of what you worked on recently and the CLI session you were working in. +* **Periodically, to level up**: Run `/chronicle tips` every week or two to discover features and workflow improvements you might be missing. +* **When {% data variables.product.prodname_copilot_short %} keeps making the same mistake**: Run `/chronicle improve` to identify the pattern and generate custom instructions to fix it. +* **To recall past work**: Ask a free-form question like "Have I worked on anything related to the payments API?" and {% data variables.product.prodname_copilot_short %} will search your history. +* **To continue previous work**: Use `copilot --continue` or `copilot --resume` to pick up where you left off. + +## Reindexing the session store + +The session store is populated incrementally during a CLI session. Data for a session is written to disk in a session-specific subdirectory of `~/.copilot/session-state/`. This also happens periodically during a session, and also when the session ends. + +You can reindex the session store from the session files on disk, although typically you will never need to do this. + +Situations where you might need to reindex include: + +* **Indexing old sessions**: If you have old session files on disk that were created before the session store existed, reindexing will populate the session store with data from those sessions. +* **Session deletion**: If you want to delete a session from your history you can delete the session directory and then reindex the session store. +* **Migrating/recovering sessions**: If you moved your session files to another machine, or restored them from a backup, without also moving/restoring the session store file (`~/.copilot/session-store.db`), you can use the reindex command to recreate the session store. +* **File corruption**: If the session store file (`~/.copilot/session-store.db`) becomes corrupted, or is accidentally deleted, you can recover the session store from the session files. +* **Unexpected termination**: If a session terminates unexpectedly (for example, due to a crash or power loss) before data held in memory has been flushed to the session store you may be able to populate the session store with the missing data if it was written to disk, in the session files, prior to the termination. + +To reindex the session store, use the following slash command in an interactive CLI session: + +```copilot copy +/chronicle reindex +``` + +## Further reading + +* [AUTOTITLE](/copilot/how-tos/copilot-cli/chronicle) +* [AUTOTITLE](/copilot/reference/cli-command-reference) diff --git a/content/copilot/concepts/agents/copilot-cli/index.md b/content/copilot/concepts/agents/copilot-cli/index.md index f4540cafe59a..de1510e4e8e6 100644 --- a/content/copilot/concepts/agents/copilot-cli/index.md +++ b/content/copilot/concepts/agents/copilot-cli/index.md @@ -12,5 +12,6 @@ children: - /autopilot - /fleet - /research + - /chronicle contentType: concepts --- diff --git a/content/copilot/get-started/index.md b/content/copilot/get-started/index.md index 3b657e59017a..540cc5031709 100644 --- a/content/copilot/get-started/index.md +++ b/content/copilot/get-started/index.md @@ -12,6 +12,7 @@ children: - /best-practices - /choose-enterprise-plan - /achieve-company-goals + - /resources-for-approval redirect_from: - /copilot/about-github-copilot contentType: get-started diff --git a/content/copilot/get-started/resources-for-approval.md b/content/copilot/get-started/resources-for-approval.md new file mode 100644 index 000000000000..10a8fb497c97 --- /dev/null +++ b/content/copilot/get-started/resources-for-approval.md @@ -0,0 +1,74 @@ +--- +title: Resources for getting approval of GitHub Copilot +shortTitle: Resources for approval +intro: 'Get ready to adopt {% data variables.product.prodname_copilot_short %} by sending resources to legal and security teams in your company.' +versions: + feature: copilot +contentType: get-started +category: + - Manage Copilot for a team +--- + +Before you can roll out a tool like {% data variables.product.prodname_copilot %} in your company, you will likely need signoff from legal, compliance, and cybersecurity teams. + +Your company's requirements depend on your industry and location, but common queries include: + +* How does {% data variables.product.prodname_copilot_short %} use my company's data? +* Which compliance standards does {% data variables.product.prodname_copilot_short %} meet? +* Will I need to adjust my corporate network for {% data variables.product.prodname_copilot_short %}? + +This article collects resources that you can send to teams in your company to accelerate the signoff process. These resources apply to the {% data variables.copilot.copilot_business_short %} and {% data variables.copilot.copilot_enterprise_short %} plans. + +## Legal and privacy teams + +These teams need to know the terms that will govern your company's purchase of {% data variables.product.prodname_copilot_short %}. + +* If you purchase directly from {% data variables.product.github %}, you'll be governed by the [GitHub Generative AI Services Terms](https://github.com/customer-terms/github-generative-ai-services-terms). +* If you purchase through Microsoft, you'll be governed by [Microsoft's Product Terms](https://www.microsoft.com/licensing/terms). This includes both the [Microsoft Generative AI Service terms](https://www.microsoft.com/licensing/terms/product/ForOnlineServices/all), and terms specifically for [GitHub Offerings](https://www.microsoft.com/licensing/terms/productoffering/GitHubOfferings/allprograms). +* {% data variables.product.prodname_copilot_short %} also falls under the [GitHub Data Protection Agreement](https://gh.io/dpa). This applies to all generally available (GA) {% data variables.product.prodname_copilot_short %} features and to the preview features listed in [GitHub DPA-Covered Previews](https://gh.io/dpa-previews). + +## Compliance teams + +These teams need to know that {% data variables.product.prodname_copilot_short %} meets your company's regulatory requirements. + +The [GitHub Enterprise Trust Center](https://ghec.github.trust.page) answers common compliance questions in its FAQ, and lists attestations for compliance standards in the "Resources" section. + +Compliance teams may also want to know about the administrative features available to govern {% data variables.product.prodname_copilot_short %}, such as: + +* Policies for managing access to features and models +* Audit logs for monitoring changes to access and settings +* The ability to exclude sensitive content from {% data variables.product.prodname_copilot_short %}'s view + +For an overview of these features, see [AUTOTITLE](/copilot/get-started/features#github-copilot-features-for-administrators). + +### For new {% data variables.product.prodname_enterprise %} customers + +If your company is not already using {% data variables.product.prodname_enterprise %}, compliance teams may also want an overview of {% data variables.product.github %}'s general governance features for things like protecting branches or preventing leaked secrets. See [AUTOTITLE](/enterprise-cloud@latest/admin/overview/establishing-a-governance-framework-for-your-enterprise). + +## Cybersecurity and IT teams + +These teams need to know how {% data variables.product.prodname_copilot_short %} will work with your company's corporate network, authentication systems, and software distribution processes. They may need to learn about: + +* The allowlist required for a firewall or proxy to ensure {% data variables.product.prodname_copilot_short %} works as expected. See [AUTOTITLE](/copilot/reference/copilot-allowlist-reference). +* The network protocol that {% data variables.product.prodname_copilot_short %} operates on by default, and your company's options for routing traffic through a proxy server and intercepting traffic. See [AUTOTITLE](/copilot/concepts/network-settings). +* The clients where users will be using {% data variables.product.prodname_copilot_short %}. + * Your enterprise can enable or disable {% data variables.product.prodname_copilot_short %} in IDEs, on {% data variables.product.prodname_mobile %}, in the CLI, and on the {% data variables.product.github %} website. + * If your company distributes approved software for users, IT teams may need to approve the supported versions of IDEs. See [AUTOTITLE](/copilot/reference/copilot-feature-matrix). + +### For new {% data variables.product.prodname_enterprise %} customers + +If your company is not already using {% data variables.product.prodname_enterprise %}, cybersecurity teams may also need to learn about networking and authentication options on {% data variables.product.github %} as a whole: + +* The full list of IP addresses that will need to be allowed by your network. You can get a list of these from a public API. See [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/about-githubs-ip-addresses). +* Options for integrating with an identity provider and enforcing single sign-on for users. See [AUTOTITLE](/enterprise-cloud@latest/admin/concepts/identity-and-access-management/identity-and-access-management-fundamentals). +* Enterprise network features. Enterprises can enforce IP allow lists and, for {% data variables.product.prodname_emus %}, prevent developers from using their personal account on your corporate network. See [AUTOTITLE](/enterprise-cloud@latest/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list) and [AUTOTITLE](/enterprise-cloud@latest/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-access-to-githubcom-using-a-corporate-proxy). + +Even if you're only using {% data variables.product.github %} to grant access to {% data variables.product.prodname_copilot_short %}, developers will need to authenticate to {% data variables.product.github %} to use their {% data variables.product.prodname_copilot_short %} license. + +## Further questions + +If teams have questions that aren't addressed by these resources, contact your account manager or {% data variables.contact.contact_enterprise_sales %}. + +## Next steps + +Once teams have signed off on {% data variables.product.prodname_copilot_short %}, you can choose a plan for your enterprise. See [AUTOTITLE](/copilot/get-started/choose-enterprise-plan). diff --git a/content/copilot/how-tos/copilot-cli/chronicle.md b/content/copilot/how-tos/copilot-cli/chronicle.md new file mode 100644 index 000000000000..1ff12a17bb42 --- /dev/null +++ b/content/copilot/how-tos/copilot-cli/chronicle.md @@ -0,0 +1,194 @@ +--- +title: 'Using {% data variables.copilot.copilot_cli %} session data' +shortTitle: Use session data +allowTitleToDifferFromFilename: true +intro: 'Resume previous {% data variables.copilot.copilot_cli_short %} sessions, use the `/chronicle` slash command to get insights from your session history, and ask {% data variables.product.prodname_copilot_short %} questions about your CLI usage.' +versions: + feature: copilot +contentType: how-tos +category: + - Author and optimize with Copilot # Copilot discovery page + - Build with Copilot CLI # Copilot CLI bespoke page +--- + +{% data variables.copilot.copilot_cli_short %} stores the data from your CLI sessions locally on your machine. This session data allows you to: + +* Resume previous sessions and pick up right where you left off. +* Use the `/chronicle` slash command to generate standup reports, get personalized tips, and receive suggestions for improving your `.github/copilot-instructions.md` file. +* Ask {% data variables.product.prodname_copilot_short %} questions about your past interactions. + +This article explains how to use these features. For a deeper dive into how session data is stored, and the benefits of the `/chronicle` command, see [AUTOTITLE](/copilot/concepts/agents/copilot-cli/chronicle). + +## Resuming a previous session + +You can resume a previous interactive CLI session either from the command line, or during an active session. + +* **From the command line**, run `copilot --continue` to resume your most recent session. If you want to choose from a list of recent sessions, run `copilot --resume` to open a session picker that lists your recent sessions. Alternatively, if you know the session ID of the session you want to resume, you can run `copilot --resume SESSION-ID` to jump straight into it. + +* **During an interactive session**, type `/resume` to switch to a different session. A picker is displayed showing your recent sessions. Alternatively, you can enter `/resume SESSION-ID` to jump straight into a specific session. + +> [!NOTE] +> You can find the ID of a current interactive session by using the `/session` slash command. The session ID is also displayed when you exit an interactive session. + +When you resume a session, {% data variables.product.prodname_copilot_short %} loads the full conversation history, so you can continue exactly where you left off. + +## Renaming a session + +When you use the `--resume` command line option, or the `/resume` slash command, your recent sessions are listed. The final column of the list shows the session name, which helps you to identify the session you want to resume. If you have a session you return to frequently you might want to give it a custom name to make it easier to find in the list. + +To remame a session: + +1. In an interactive session, if you want to rename a session other than the current session use the `/resume` slash command to switch to the session you want to rename. +1. Type `/rename NEW_NAME` to rename the current session. You do not need to enclose the name in quotes. + + For example, `/rename Improve test coverage`. + +## Sharing a session + +You can save the content of the current session as either a Markdown file or a private gist on {% data variables.product.prodname_dotcom_the_website %}. This allows you to share your prompts and {% data variables.product.prodname_copilot_short %}'s responses with others, or store a record of your work outside of the CLI. + +To share a session as a gist, type the following in an interactive session: + +```copilot copy +/share gist +``` + +To export the session conversation as a Markdown file, type: + +```copilot copy +/share file [PATH-TO-FILE] +``` + +If you don't specify a file path, the Markdown file is saved in the current working directory with the name `copilot-session-SESSIONID.md`. + +## Using the `/chronicle` slash command + +{% data reusables.copilot.copilot-cli.cli-experimental-chronicle %} + +The `/chronicle` slash command provides a set of subcommands that generate specific types of insights from your session history. While you can ask {% data variables.product.prodname_copilot_short %} free-form questions about your sessions at any time, `/chronicle` subcommands provide a quick way to get specific insights. + +When you type `/chronicle` without arguments, a picker is displayed that lets you choose from the available subcommands: + +| Subcommand | Description | +| ---------- | ----------- | +| `standup` | Generate a standup report from your recent work. | +| `tips` | Get personalized tips based on your usage patterns. | +| `improve` | Suggest improvements to your {% data variables.product.prodname_copilot_short %} custom instructions file. | +| `reindex` | Rebuild the session store index from your session history. | + +You can also invoke a subcommand directly, without using the picker—for example, `/chronicle standup`. + +### `/chronicle standup` + +This generates a short report based on your {% data variables.copilot.copilot_cli_short %} sessions, by default from the last 24 hours. {% data variables.product.prodname_copilot_short %} looks at which branches you worked on, what you accomplished, and any {% data variables.product.github %} pull requests or issues you referenced. It groups the output by completion status, with each item labeled by its branch, and checks the current status of any linked pull requests. + +#### Example standup summary + +```text +Standup for March 13 2026: + +✅ Done + +myapp-repo repo maintenance (main branch) + + - Synced local, cleaned files, audited deps, reviewed architecture + - Session: 69a027e4-9b7b-493e-922e-107acd25abab + +🚧 In Progress + +MyApp configuration (suppress-start-message branch, myapp-repo) + + - Suppressing startup init prompt message + - Session: 3034d813-3e1f-413a-b3d9-15427ef8c19c +``` + +You can append additional context to the command to customize the output. For example, you can tell {% data variables.product.prodname_copilot_short %} to use a different time period, rather than the default last 24 hours: + +```copilot copy +/chronicle standup for the last 3 days +``` + +### `/chronicle tips` + +This analyzes your recent sessions to understand how you work and how you use {% data variables.copilot.copilot_cli_short %}. It then provides 3–5 personalized recommendations. {% data variables.product.prodname_copilot_short %} examines your actual prompts, the tools you use, and the features you haven't tried yet. It cross-references this with the full set of available CLI features—including any custom agents and skills you've set up in the repository—to find opportunities you might be missing. + +Tips are grounded in your real usage data, giving you specific suggestions rather than generic advice. + +#### Example tips + +The following is an example of the main points from a `/chronicle tips` response. In an actual response, each point is explained in more detail. + +```text +1. Use @ to mention files instead of pasting content +2. Iterate within a session — don't start over +3. Try /research for your exploration work +4. Turn recurring prompts into a custom agent +5. Use plan mode for multi-step work +``` + +You can focus the tips on a specific area by appending context after `/chronicle tips`. For example: + +```copilot copy +/chronicle tips for better prompting +``` + +### `/chronicle improve` + +This does a deep dive into your session history to find places where {% data variables.product.prodname_copilot_short %} struggled to provide the kind of response or results you were looking for, or where you had to course-correct by providing follow-up prompts. On the basis of this research, it suggests improvements to your `.github/copilot-instructions.md` custom instructions file. + +Capturing project-specific knowledge as custom instructions is a powerful way to improve {% data variables.product.prodname_copilot_short %}'s performance when working on your project. For more information, see [AUTOTITLE](/copilot/how-tos/copilot-cli/customize-copilot/add-custom-instructions). + +> [!NOTE] +> Unlike other times {% data variables.product.prodname_copilot_short %} uses your session data to answer questions or generate insights, the scope of the `improve` subcommand is limited to data for the current repository or working directory. This ensures the recommendations are relevant to the project you're currently working on. + +{% data variables.product.prodname_copilot_short %} looks for friction signals—repeated test failures, build errors that required multiple attempts, user messages that corrected or redirected the agent, and patterns that recur across sessions. It then presents 3–5 specific recommendations, each explaining the problem it found and the instruction that would address it. + +For example, {% data variables.product.prodname_copilot_short %} might find that it repeatedly tried to use `jest` for your project that uses `vitest`, or that it kept generating imports in a style that doesn't match your codebase conventions. The suggested instructions would prevent these mistakes in future sessions. + +After presenting its recommendations, {% data variables.product.prodname_copilot_short %} asks which ones you'd like to apply. By default all recommendations are selected but you can use the arrow keys on your keyboard to move to any of the recommendations then press the space bar to toggle the suggestion off. After choosing which recommendations to apply, press Enter. {% data variables.product.prodname_copilot_short %} then creates or updates the `.github/copilot-instructions.md` file. + +## Asking questions about your session history + +You don't need to use a slash command to take advantage of your session history. If {% data variables.product.prodname_copilot_short %} determines that you are asking about your use of the CLI it will automatically use the session store to provide the context for a response. + +> [!NOTE] +> By default, the answers to questions about your interactions with {% data variables.copilot.copilot_cli_short %} are based on all of your recorded sessions, irrespective of the repository or branch you are currently working in. + +Here are some examples of the kinds of questions you might ask: + +### Insights about tasks + +```copilot copy +Using what you know about my sessions, what type of tasks give me one-shot successes and which do I have to iterate on most? +``` + +{% data variables.product.prodname_copilot_short %} will analyze your conversations, looking for times when an initial response was not followed by related prompts, and times when there was a series of iterative prompts and responses. + +### Reduce premium request usage + +```copilot copy +Based on my previous CLI sessions, how could I prompt you in a way that would cost less? +``` + +{% data variables.product.prodname_copilot_short %} will look at your session patterns—prompt length, number of continuation steps, and tool call frequency—and suggest ways to achieve the same results with fewer interactions. + +### Find your most productive times + +```copilot copy +Look at data for previous sessions. What time of day am I most and least effective at getting good results from Copilot? +``` + +{% data variables.product.prodname_copilot_short %} will query session timestamps and outcomes to identify when your interactions tend to be most efficient. + +### Recall past work + +```copilot copy +Have I worked on anything related to authentication in the last month? +``` + +{% data variables.product.prodname_copilot_short %} uses full-text search across your session history to find relevant sessions, then summarizes what you did. + +## Further reading + +* [AUTOTITLE](/copilot/concepts/agents/copilot-cli/chronicle) +* [AUTOTITLE](/copilot/reference/cli-command-reference) diff --git a/content/copilot/how-tos/copilot-cli/cli-getting-started.md b/content/copilot/how-tos/copilot-cli/cli-getting-started.md index df38e4c8fbfe..8e464b5de448 100644 --- a/content/copilot/how-tos/copilot-cli/cli-getting-started.md +++ b/content/copilot/how-tos/copilot-cli/cli-getting-started.md @@ -124,3 +124,4 @@ Find out more about {% data variables.copilot.copilot_cli_short %}: * [AUTOTITLE](/copilot/concepts/agents/about-copilot-cli) * [AUTOTITLE](/copilot/how-tos/use-copilot-agents/use-copilot-cli) * [AUTOTITLE](/copilot/how-tos/copilot-cli/cli-best-practices) +* [Get started with {% data variables.copilot.copilot_cli %}: A free hands-on course](https://developer.microsoft.com/blog/get-started-with-github-copilot-cli-a-free-hands-on-course) diff --git a/content/copilot/how-tos/copilot-cli/customize-copilot/plugins-creating.md b/content/copilot/how-tos/copilot-cli/customize-copilot/plugins-creating.md index b29ac0985f06..f7e3bf3645ee 100644 --- a/content/copilot/how-tos/copilot-cli/customize-copilot/plugins-creating.md +++ b/content/copilot/how-tos/copilot-cli/customize-copilot/plugins-creating.md @@ -16,7 +16,7 @@ contentType: how-tos Plugins are packages that extend the functionality of {% data variables.copilot.copilot_cli_short %}. See [AUTOTITLE](/copilot/concepts/agents/copilot-cli/about-cli-plugins). -{% data reusables.copilot.cli-help-note %} +{% data reusables.copilot.copilot-cli.cli-help-note %} ## Plugin structure @@ -43,7 +43,7 @@ my-plugin/ **Example `plugin.json` file** - {% data reusables.copilot.cli-example-plugin-file %} + {% data reusables.copilot.copilot-cli.cli-example-plugin-file %} For details of the full set of fields you can include in this file, see [AUTOTITLE](/copilot/reference/cli-plugin-reference#pluginjson). diff --git a/content/copilot/how-tos/copilot-cli/customize-copilot/plugins-finding-installing.md b/content/copilot/how-tos/copilot-cli/customize-copilot/plugins-finding-installing.md index cdc6cfe3229b..d91a6697e43a 100644 --- a/content/copilot/how-tos/copilot-cli/customize-copilot/plugins-finding-installing.md +++ b/content/copilot/how-tos/copilot-cli/customize-copilot/plugins-finding-installing.md @@ -18,7 +18,7 @@ Plugins are packages that extend the functionality of {% data variables.copilot. For more information, see [AUTOTITLE](/copilot/concepts/agents/copilot-cli/about-cli-plugins). -{% data reusables.copilot.cli-help-note %} +{% data reusables.copilot.copilot-cli.cli-help-note %} ## Finding plugins diff --git a/content/copilot/how-tos/copilot-cli/customize-copilot/plugins-marketplace.md b/content/copilot/how-tos/copilot-cli/customize-copilot/plugins-marketplace.md index 9603310b185b..9158e63e12a3 100644 --- a/content/copilot/how-tos/copilot-cli/customize-copilot/plugins-marketplace.md +++ b/content/copilot/how-tos/copilot-cli/customize-copilot/plugins-marketplace.md @@ -16,7 +16,7 @@ contentType: how-tos Plugin marketplaces are registries of plugins for {% data variables.copilot.copilot_cli_short %}. They can be located on {% data variables.product.prodname_dotcom_the_website %}, in any other online Git hosting service, or on your local or shared file system. By creating a marketplace and adding your plugins to it, you can make it easy for other users to find and install your plugins. -{% data reusables.copilot.cli-help-note %} +{% data reusables.copilot.copilot-cli.cli-help-note %} ## Prerequisite @@ -31,7 +31,7 @@ You have created one or more plugins that you want to share. See [AUTOTITLE](/co **Example `marketplace.json` file** - {% data reusables.copilot.cli-example-marketplace-file %} + {% data reusables.copilot.copilot-cli.cli-example-marketplace-file %} Online examples: @@ -40,13 +40,13 @@ You have created one or more plugins that you want to share. See [AUTOTITLE](/co The top-level `plugins` field is an array of plugin objects, each containing metadata about a plugin, including its name, description, version, and source. - {% data reusables.copilot.cli-path-to-plugins %} + {% data reusables.copilot.copilot-cli.cli-path-to-plugins %} For details of the full set of fields you can include in this file, see [AUTOTITLE](/copilot/reference/cli-plugin-reference#marketplacejson). 1. Add the `marketplace.json` file to the `.github/plugin` directory of a repository. - {% data reusables.copilot.cli-claude-plugin-dir %} + {% data reusables.copilot.copilot-cli.cli-claude-plugin-dir %} 1. For each plugin defined in the `marketplace.json` file, add the relevant plugin directory to the appropriate location in the repository. diff --git a/content/copilot/how-tos/copilot-cli/index.md b/content/copilot/how-tos/copilot-cli/index.md index 4ee33224e5b4..66f076f253f7 100644 --- a/content/copilot/how-tos/copilot-cli/index.md +++ b/content/copilot/how-tos/copilot-cli/index.md @@ -22,12 +22,15 @@ children: - /use-copilot-cli-agents - /administer-copilot-cli-for-your-enterprise - /speeding-up-task-completion + - /chronicle - /content/copilot/concepts/agents/copilot-cli/about-copilot-cli - /content/copilot/concepts/agents/copilot-cli/comparing-cli-features + - /content/copilot/concepts/agents/about-agent-skills - /content/copilot/concepts/agents/copilot-cli/about-cli-plugins - /content/copilot/concepts/agents/copilot-cli/autopilot - /content/copilot/concepts/agents/copilot-cli/fleet - /content/copilot/concepts/agents/copilot-cli/research + - /content/copilot/concepts/agents/copilot-cli/chronicle - /set-up-copilot-cli/install-copilot-cli - /set-up-copilot-cli/configure-copilot-cli - /automate-copilot-cli/quickstart @@ -41,7 +44,6 @@ children: - /customize-copilot/plugins-marketplace - /customize-copilot/overview - /customize-copilot/use-hooks - - /content/copilot/concepts/agents/about-agent-skills - /content/copilot/reference/copilot-cli-reference/cli-command-reference - /content/copilot/reference/copilot-cli-reference/cli-plugin-reference - /content/copilot/reference/copilot-cli-reference/cli-programmatic-reference @@ -61,4 +63,3 @@ includedCategories: - Build with Copilot CLI - Administer Copilot CLI --- - diff --git a/content/copilot/how-tos/use-copilot-agents/coding-agent/configuring-agent-settings.md b/content/copilot/how-tos/use-copilot-agents/coding-agent/configuring-agent-settings.md index 306c20a082fc..8f35bca9eaa8 100644 --- a/content/copilot/how-tos/use-copilot-agents/coding-agent/configuring-agent-settings.md +++ b/content/copilot/how-tos/use-copilot-agents/coding-agent/configuring-agent-settings.md @@ -4,8 +4,6 @@ shortTitle: Configuring agent settings intro: 'Learn how to configure settings for {% data variables.copilot.copilot_coding_agent %}' versions: feature: copilot -topics: - - Copilot contentType: how-tos category: - Configure Copilot diff --git a/content/copilot/reference/copilot-cli-reference/cli-plugin-reference.md b/content/copilot/reference/copilot-cli-reference/cli-plugin-reference.md index 5d6261a2a668..0c7aa646287b 100644 --- a/content/copilot/reference/copilot-cli-reference/cli-plugin-reference.md +++ b/content/copilot/reference/copilot-cli-reference/cli-plugin-reference.md @@ -12,7 +12,7 @@ redirect_from: - /copilot/reference/cli-plugin-reference --- -{% data reusables.copilot.cli-help-note %} +{% data reusables.copilot.copilot-cli.cli-help-note %} ## CLI commands @@ -81,7 +81,7 @@ These tell the CLI where to find your plugin's components. All are optional. The ### Example `plugin.json` file -{% data reusables.copilot.cli-example-plugin-file %} +{% data reusables.copilot.copilot-cli.cli-example-plugin-file %} ## `marketplace.json` @@ -91,17 +91,17 @@ You can create a plugin marketplace—which people can use to discover and insta copilot plugin marketplace add /PATH/TO/my-marketplace ``` -{% data reusables.copilot.cli-claude-plugin-dir %} +{% data reusables.copilot.copilot-cli.cli-claude-plugin-dir %} For more information, see [AUTOTITLE](/copilot/how-tos/copilot-cli/customize-copilot/plugins-marketplace). ### Example `marketplace.json` file -{% data reusables.copilot.cli-example-marketplace-file %} +{% data reusables.copilot.copilot-cli.cli-example-marketplace-file %} > [!NOTE] -> {% data reusables.copilot.cli-path-to-plugins %} +> {% data reusables.copilot.copilot-cli.cli-path-to-plugins %} ### `marketplace.json` fields diff --git a/content/copilot/tutorials/roll-out-at-scale/index.md b/content/copilot/tutorials/roll-out-at-scale/index.md index cd311745caa3..9445c192d71e 100644 --- a/content/copilot/tutorials/roll-out-at-scale/index.md +++ b/content/copilot/tutorials/roll-out-at-scale/index.md @@ -10,6 +10,7 @@ children: - /enable-developers - /drive-downstream-impact - /measure-success + - /maintain-codebase-standards redirect_from: - /copilot/rolling-out-github-copilot-at-scale - /copilot/tutorials/rolling-out-github-copilot-at-scale/planning-your-rollout diff --git a/content/copilot/tutorials/roll-out-at-scale/maintain-codebase-standards.md b/content/copilot/tutorials/roll-out-at-scale/maintain-codebase-standards.md new file mode 100644 index 000000000000..25124d794b45 --- /dev/null +++ b/content/copilot/tutorials/roll-out-at-scale/maintain-codebase-standards.md @@ -0,0 +1,87 @@ +--- +title: Maintaining codebase standards in a GitHub Copilot rollout +intro: 'Stay in control of your enterprise''s code with rulesets, security features, and effective training.' +permissions: Enterprise owners +versions: + feature: copilot +shortTitle: Maintain codebase standards +contentType: tutorials +--- + +Most enterprises are aware of the productivity benefits that AI coding tools can bring. However, many worry that improper usage in their company, such as malicious prompts or developers accepting AI suggestions without review, will lead to their codebase's standards being compromised. + +You can mitigate these risks by setting up your {% data variables.product.github %} environment and work culture for effective governance. A major benefit of {% data variables.product.prodname_copilot %} is that it is built into the {% data variables.product.github %} platform, which already contains a range of features for enterprise-grade code governance. + +## 1. Require pull requests and reviews + +Developers and bad actors should never be able to unilaterally apply unvetted AI suggestions or agent work directly to sensitive codebases. You should require an **approved pull request** before users can merge code into production codebases and other important branches. + +To do this, create a ruleset: + +1. Identify organizations or repositories that contain the codebases you want to protect, and **apply a custom property** to them. This will allow you to easily target those resources in a ruleset. See [AUTOTITLE](/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization) or [AUTOTITLE](/enterprise-cloud@latest/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organizations). + + Alternatively, you can add these protected resources to a ruleset manually, or target them based on a naming convention. + +1. Create a branch ruleset for your enterprise. See [AUTOTITLE](/enterprise-cloud@latest/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-governance#creating-a-branch-or-tag-ruleset). + + * Enable at least the **Require a pull request before merging** and **Block force pushes** rules. Under the "Require a pull request" rule, ensure you require at least one approval. + * Enable other rules if required. For example, if you're concerned about bad actors hijacking pull requests, make sure you **dismiss stale pull request approvals** when new commits are pushed. + +1. Encourage repository administrators to set up CODEOWNERS files for specific files in repositories. This will automatically request a review from the code owners when those files are modified. + + Then, you can go back to your ruleset and enable the **Require review from Code Owners** rule. + +1. Encourage organization owners and repository administrators to create more specific rulesets, as they're likely to have more awareness of requirements for their own code. + + These rulesets will add to the baseline that you define at the enterprise level, but will never override it. + +## 2. Test your code + +Good DevOps practices ensure that your code is automatically tested before being merged and deployed, minimizing the risks of errors entering your default branches and surfacing in production environments. + +1. Enable {% data variables.product.prodname_actions %} or another CI/CD system. +1. Encourage developers to write tests for all features and integrate tests into {% data variables.product.prodname_actions %} workflows. +1. Encourage organization owners or repository owners to create rulesets and add important workflows to the **Require workflows to pass before merging** rule. + +## 3. Scan code for vulnerabilities + +{% data variables.product.prodname_copilot_short %} is already designed to avoid introducing vulnerabilities into your codebase. For example, code created by {% data variables.copilot.copilot_coding_agent %} is automatically scanned for vulnerable patterns and secrets such as API keys. + +However, it is good practice to regularly scan all code for vulnerabilities and secrets, and to prevent developers from introducing vulnerabilities in the first place. + +1. As a starting point, apply and enforce the **{% data variables.product.github %}-recommended security configuration** on your organizations. This is a collection of enablement settings for security features including {% data variables.product.prodname_code_scanning %}, {% data variables.product.prodname_secret_scanning %}, and secrets push protection. See [AUTOTITLE](/code-security/how-tos/secure-at-scale/configure-organization-security/establish-complete-coverage/applying-the-github-recommended-security-configuration-in-your-organization). +1. As you learn more about your needs, create custom configurations or apply granular settings at the repository level. +1. To enforce {% data variables.product.prodname_code_scanning %} on pull requests, go back to your ruleset and enable the **Require {% data variables.product.prodname_code_scanning %} results** rule. + +## 4. Create guidelines for {% data variables.product.prodname_copilot_short %} + +To improve the quality of {% data variables.product.prodname_copilot_short %}'s suggestions in the first place, you should create custom instructions. These instructions add context to all prompts that tells {% data variables.product.prodname_copilot_short %} to follow your company's coding standards. + +1. To establish a good baseline, create **custom instructions at the organization level**. These can be high-level standards that are likely to apply to any repository. However, note that these instructions only apply on the {% data variables.product.github %} website. See [AUTOTITLE](/copilot/how-tos/configure-custom-instructions/add-organization-instructions). +1. For more complete coverage, encourage developers and repository administrators to **write custom instructions for specific repositories**. These apply in more places than organization instructions, and can go into more detail about each project and its requirements. See [AUTOTITLE](/copilot/how-tos/configure-custom-instructions/add-repository-instructions). + +## 5. Encourage best practices + +With strong guardrails in place, developers should already be enabled to use AI effectively. However, it is important to provide training on AI tools and create a culture where best practices are encouraged, rather than just enforced. + +1. Communicate your governance settings and your company's expectations for how developers should use {% data variables.product.prodname_copilot_short %}. For example, if all agent work should be thoroughly reviewed, ensure this process is established and communicated. +1. Create onboarding resources such as internal documentation or videos. For a starting point, share existing resources like [AUTOTITLE](/copilot/using-github-copilot/best-practices-for-using-github-copilot) and [AUTOTITLE](/copilot/copilot-chat-cookbook). +1. Offer ongoing training and support, such as workshops. In successful rollouts, many companies identify "champions" who can train others on how to use {% data variables.product.prodname_copilot_short %} effectively. + +## 6. Plan for the worst + +Even with the strictest guardrails in place, it is always possible that vulnerable or error-prone code will be merged, regardless of whether your developers are using AI tools. + +To prepare for these scenarios, you should plan for how you will address problems and communicate this plan with developers. For example: + +1. Revert a bad pull request and roll back a deployment. +1. Create a discussion post analyzing what went wrong and how to avoid it in the future. +1. Check audit logs for things like ruleset bypasses, incorrect permissions, or changes to governance settings. + +## 7. Check code quality + +If you're confident in your governance model but still concerned that {% data variables.product.prodname_copilot_short %} will reduce the quality of your codebase over time, you can measure this over the course of a rollout. If enabled, {% data variables.product.prodname_code_quality %} provides metrics on the code health of your repositories. See [AUTOTITLE](/code-security/concepts/about-code-quality). + +## Next steps + +Understand how your enterprise can use the audit log to monitor changes to configuration settings and license assignment. See [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-organization/review-activity/review-audit-logs). diff --git a/content/issues/planning-and-tracking-with-projects/understanding-fields/about-issue-fields.md b/content/issues/planning-and-tracking-with-projects/understanding-fields/about-issue-fields.md index 486979c4b342..d8f60230b164 100644 --- a/content/issues/planning-and-tracking-with-projects/understanding-fields/about-issue-fields.md +++ b/content/issues/planning-and-tracking-with-projects/understanding-fields/about-issue-fields.md @@ -5,9 +5,6 @@ intro: 'Learn how to use organization-level issue fields in your projects to tra versions: feature: issue-fields contentType: tutorials -topics: - - Projects - - Issues --- {% data reusables.issues.issue-fields-public-preview-note %} diff --git a/content/issues/tracking-your-work-with-issues/using-issues/adding-and-managing-issue-fields.md b/content/issues/tracking-your-work-with-issues/using-issues/adding-and-managing-issue-fields.md index d07a19dd4ef9..1a271dc13c3b 100644 --- a/content/issues/tracking-your-work-with-issues/using-issues/adding-and-managing-issue-fields.md +++ b/content/issues/tracking-your-work-with-issues/using-issues/adding-and-managing-issue-fields.md @@ -4,8 +4,6 @@ intro: 'You can set, edit, and clear issue field values on individual issues to versions: feature: issue-fields contentType: how-tos -topics: - - Project management shortTitle: 'Using issue fields' permissions: 'People with triage access or greater to a repository can set and edit issue field values.' --- diff --git a/content/issues/tracking-your-work-with-issues/using-issues/managing-issue-fields-in-your-organization.md b/content/issues/tracking-your-work-with-issues/using-issues/managing-issue-fields-in-your-organization.md index 72a09a4fd1f8..7dd224a90bf6 100644 --- a/content/issues/tracking-your-work-with-issues/using-issues/managing-issue-fields-in-your-organization.md +++ b/content/issues/tracking-your-work-with-issues/using-issues/managing-issue-fields-in-your-organization.md @@ -6,8 +6,6 @@ redirect_from: versions: feature: issue-fields contentType: concepts -topics: - - Project management shortTitle: 'Managing issue fields' permissions: 'Organization owners can create and manage issue fields.' --- diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-custom-organization-roles.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-custom-organization-roles.md index 0c15a26b07a8..214e7452d78e 100644 --- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-custom-organization-roles.md +++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-custom-organization-roles.md @@ -5,8 +5,6 @@ redirect_from: - /organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles versions: feature: 'custom-org-roles' -topics: - - Organizations shortTitle: Custom roles permissions product: 'Organizations on {% data variables.product.prodname_ghe_cloud %}{% ifversion ghes %} and {% data variables.product.prodname_ghe_server %}{% endif %}' diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-predefined-organization-roles.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-predefined-organization-roles.md index 4aec5d077937..0bd7547e008f 100644 --- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-predefined-organization-roles.md +++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-predefined-organization-roles.md @@ -3,8 +3,6 @@ title: Permissions of predefined organization roles intro: "Learn about the predefined organization roles and the permissions each role grants in your organization." versions: feature: 'org-pre-defined-roles' -topics: - - Organizations shortTitle: Predefined roles permissions product: 'Organizations on {% data variables.product.prodname_ghe_cloud %}{% ifversion ghes %} and {% data variables.product.prodname_ghe_server %}{% endif %}' --- diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md index 9679a8dc872a..c7592498de2d 100644 --- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md +++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md @@ -10,9 +10,6 @@ versions: fpt: '*' ghes: '*' ghec: '*' -topics: - - Organizations - - Teams shortTitle: Roles in an organization --- diff --git a/content/rest/issues/issue-field-values.md b/content/rest/issues/issue-field-values.md index b00fff186f11..4f422e719adb 100644 --- a/content/rest/issues/issue-field-values.md +++ b/content/rest/issues/issue-field-values.md @@ -6,8 +6,6 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖 fpt: '*' ghec: '*' ghes: '*' -topics: - - API autogenerated: rest allowTitleToDifferFromFilename: true --- diff --git a/content/rest/orgs/issue-fields.md b/content/rest/orgs/issue-fields.md index 6f2c2cf4d100..f96b822402b3 100644 --- a/content/rest/orgs/issue-fields.md +++ b/content/rest/orgs/issue-fields.md @@ -5,8 +5,6 @@ intro: Use the REST API to create and manage issue fields for an organization. versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖 fpt: '*' ghec: '*' -topics: - - API autogenerated: rest allowTitleToDifferFromFilename: true --- diff --git a/data/reusables/copilot/cli-claude-plugin-dir.md b/data/reusables/copilot/copilot-cli/cli-claude-plugin-dir.md similarity index 100% rename from data/reusables/copilot/cli-claude-plugin-dir.md rename to data/reusables/copilot/copilot-cli/cli-claude-plugin-dir.md diff --git a/data/reusables/copilot/cli-example-marketplace-file.md b/data/reusables/copilot/copilot-cli/cli-example-marketplace-file.md similarity index 100% rename from data/reusables/copilot/cli-example-marketplace-file.md rename to data/reusables/copilot/copilot-cli/cli-example-marketplace-file.md diff --git a/data/reusables/copilot/cli-example-plugin-file.md b/data/reusables/copilot/copilot-cli/cli-example-plugin-file.md similarity index 100% rename from data/reusables/copilot/cli-example-plugin-file.md rename to data/reusables/copilot/copilot-cli/cli-example-plugin-file.md diff --git a/data/reusables/copilot/copilot-cli/cli-experimental-chronicle.md b/data/reusables/copilot/copilot-cli/cli-experimental-chronicle.md new file mode 100644 index 000000000000..44243b89899e --- /dev/null +++ b/data/reusables/copilot/copilot-cli/cli-experimental-chronicle.md @@ -0,0 +1,2 @@ +> [!NOTE] +> The `/chronicle` command, and {% data variables.product.prodname_copilot_short %}'s ability to answer questions about your session history, are currently experimental features and are only available if you have used the `/experimental on` slash command, or the `--experimental` command line option. diff --git a/data/reusables/copilot/cli-help-note.md b/data/reusables/copilot/copilot-cli/cli-help-note.md similarity index 100% rename from data/reusables/copilot/cli-help-note.md rename to data/reusables/copilot/copilot-cli/cli-help-note.md diff --git a/data/reusables/copilot/cli-path-to-plugins.md b/data/reusables/copilot/copilot-cli/cli-path-to-plugins.md similarity index 100% rename from data/reusables/copilot/cli-path-to-plugins.md rename to data/reusables/copilot/copilot-cli/cli-path-to-plugins.md diff --git a/data/reusables/security-advisory/private-vulnerability-reporting-configure-notifications.md b/data/reusables/security-advisory/private-vulnerability-reporting-configure-notifications.md index 581606345512..59d98f119f10 100644 --- a/data/reusables/security-advisory/private-vulnerability-reporting-configure-notifications.md +++ b/data/reusables/security-advisory/private-vulnerability-reporting-configure-notifications.md @@ -1,4 +1,4 @@ -When a new vulnerability is privately reported in a repository, {% data variables.product.github %} notifies repository maintainers and security managers if: +When a new vulnerability is privately reported in a repository, {% data variables.product.github %} notifies repository administrators and security managers if: -* They're watching the repository for all activity. +* They're watching the repository for all activity or are subscribed to “Security alerts” notifications. * They have notifications enabled for the repository. diff --git a/src/content-pipelines/state/copilot-cli.sha b/src/content-pipelines/state/copilot-cli.sha index 6f86da6e6ace..5671fd0b5642 100644 --- a/src/content-pipelines/state/copilot-cli.sha +++ b/src/content-pipelines/state/copilot-cli.sha @@ -1 +1 @@ -5dbbfe04bd3b818bd9aafc4e0f53bd94d701aea5 +c083556df9c00259ca1dfb752cd9d926d0b30041