About policies for GitHub Copilot
Organization owners can set policies to govern how GitHub Copilot can be used within the organization. For example, an organization owner can enable or disable the following Copilot features (unless an enterprise owner has blocked access to these features at the enterprise level):
- Copilot in GitHub.com (if your organization has a Copilot Enterprise subscription)
- Copilot Chat in the IDE
- Copilot Chat in GitHub Mobile
- Copilot in the CLI
- Suggestions matching public code
The policy settings selected by an organization owner determine the behavior of GitHub Copilot for all organization members that have been granted access to Copilot through the organization.
Copilot policies are also managed at the enterprise level. If your organization is part of an enterprise, and explicit settings have been selected at the enterprise level, you cannot override those settings at the organization level. For more information on managing policies at the enterprise level, see "Managing policies and features for Copilot in your enterprise."
Policies for suggestion matching
Organization settings include an option to either allow or block code completion suggestions that match publicly available code. If you choose to block suggestions matching public code, GitHub Copilot will check potential code completion suggestions and the surrounding code of about 150 characters against public code on GitHub. If there is a match, or a near match, the suggestion is not shown.
If your enterprise admin has selected No policy for suggestion matching at the enterprise level, you can set a suggestion matching policy for your organization.
If an organization member is assigned a seat by multiple organizations with different suggestion matching policies under the same enterprise, GitHub Copilot will use the most restrictive policy.
Enabling Copilot features in your organization
-
In the upper-right corner of GitHub, select your profile photo, then click Your organizations.
-
Next to the organization, click Settings.
-
In the sidebar, under "Code, planning, and automation", click Copilot, and then click Policies.
-
Use the dropdown options to the right of each feature to enable or disable that feature for your organization.
For example, to enable or disable suggestion matching, in the "Suggestions matching public code" dropdown, select Allowed or Blocked.
-
If your organization has a Copilot Enterprise subscription and you enable Copilot in GitHub.com, two additional options are displayed. Depending on your enterprise settings, you may be able to change the settings for these options.
-
Opt in to user feedback collection: If enabled, users can provide feedback on Copilot pull request summaries. For more information, see "Creating a pull request summary with GitHub Copilot."
-
Previews of Copilot features: If enabled, users can test new Copilot features that are not yet generally available. Be aware that previews of features may have flaws, and the features may be changed or discontinued at any time. Current previews of Copilot features include:
- Copilot text completion. For more information, see "Using Copilot text completion."
- Asking Copilot why a workflow has failed. For more information, see "Asking GitHub Copilot questions in GitHub.com."
- The ability for Copilot to plan a strong response by asking for additional information when a prompt is unclear, then determining which skills it should use to respond. For more information on skills, see "Asking GitHub Copilot questions in GitHub.com."
-
Setting a policy for GitHub Copilot Extensions in your organization
Note
GitHub Copilot Extensions is in public beta and subject to change.
GitHub Copilot Extensions integrate external tools with GitHub Copilot Chat. See "Using extensions to integrate external tools with Copilot Chat."
Before you install Copilot Extensions in your organization, you should set a usage policy for your organization. Setting a usage policy allows you to enable or disable Copilot Extensions for all members of your organization, limiting your security risk.
If Copilot Extensions have not been enabled or disabled at the enterprise level, you can set a Copilot Extensions policy for your organization.
- In the upper-right corner of GitHub, select your profile photo, then click Your organizations.
- Next to the organization, click Settings.
- In the sidebar, under "Code, planning, and automation", click Copilot, and then click Policies.
- In the "Copilot Extensions" section, select the dropdown menu, then enable or disable Copilot Extensions for your organization.
Managing permissions for a GitHub Copilot Extension in your organization
After you have installed a Copilot Extension in your organization, you can view the permissions the extension has in your organization, and why those permissions are necessary. If you do not want the Copilot Extension to have the listed permissions, you can suspend or uninstall the extension.
- In the upper-right corner of GitHub, select your profile photo, then click Your organizations.
- Next to the organization, click Settings.
- In the sidebar, under "Third-party Access," click GitHub Apps. A list of the GitHub Apps installed on your organization will be displayed.
- Optionally, to filter your installed GitHub Apps for Copilot Extensions, select the Filter: dropdown menu, then click Copilot Extensions.
- Next to the Copilot Extension you want to review or modify, click Configure.
- In the "Permissions" section, review the permissions listed for the Copilot Extension. Optionally, you can block the Copilot Extension's access to your organization in one of two ways:
- To indefinitely suspend the Copilot Extension's access to resources in your organization while keeping the extension installed, in the "Danger zone" section, click Suspend.
- To uninstall a Copilot Extension completely, in the "Danger zone" section, click Uninstall.