PROEVERYTHING & even more
Code Read the original on Github 2 min read 1

GitHub introduces new controls for Copilot code review

GitHub has launched a series of significant configuration updates for its Copilot code review tool to provide developers with greater administrative oversight. The update introduces organization-level runner controls, expanded content exclusion capabilities, and the removal of character limits on custom instructions. These changes allow enterprise teams to better manage how AI interacts with their private repositories while maintaining stricter security boundaries over sensitive data.

#GitHub #Copilot #Software Development #AI #DevOps
Силует логотипа GitHub у формі кота всередині синього кола з написом Changelog та позначкою Improvement на темному фоні з сіткою.
Силует логотипа GitHub у формі кота всередині синього кола з написом Changelog та позначкою Improvement на темному фоні з сіткою. · Image source: Github

According to Github, the latest updates to Copilot code review aim to provide organizations with more granular control over how the AI agent operates within their development workflows. By leveraging an agentic architecture powered by GitHub Actions, the platform now allows for deeper customization of infrastructure and security parameters.

Organization-level runner management

One of the primary technical shifts involves how Copilot code review handles execution environments. While the service defaults to standard GitHub-hosted runners, teams can now specify self-hosted or large runners to meet specific performance or compliance requirements. A key addition is the ability for organization administrators to set a default runner type that applies globally.

This centralized management simplifies deployment across multiple projects by allowing admins to:

  • Set a default runner automatically for all repositories within an organization.
  • Lock the runner setting to ensure the organization-level configuration overrides any individual repository settings.
  • Apply these configurations simultaneously to both Copilot code review and Copilot cloud agent services.

Enhanced content exclusion and instruction limits

To address security and relevance concerns, Github reports that Copilot code review now respects content exclusion settings at the repository, organization, and enterprise levels. This means administrators can define specific paths or directories that the AI is strictly prohibited from accessing during its analysis process.

Furthermore, the platform has removed a previous technical constraint regarding custom instructions. Developers can now provide more extensive guidance in copilot-instructions.md files without hitting the old 4000-character ceiling. This change allows for more nuanced prompting and complex rule definitions within the .github directory.

Strategic implications for enterprise AI

These updates reflect a broader trend toward making AI tools more 'enterprise-ready' by prioritizing governance over raw functionality. By providing mechanisms to exclude sensitive data and standardize infrastructure, Github is lowering the barrier for companies with strict regulatory requirements to adopt automated code auditing at scale.

FAQ

Can I use my own runners for Copilot code review?
Yes, teams can now specify self-hosted or large runners to meet performance or compliance requirements instead of using standard GitHub-hosted runners. Organization administrators can also set a default runner type that applies globally across all repositories.
How do I prevent Copilot from accessing sensitive directories?
Administrators can define specific paths or directories in content exclusion settings at the repository, organization, and enterprise levels. The AI is strictly prohibited from accessing these defined areas during its analysis process.
Telegram

Fresh news on our Telegram

Get instant alerts for new posts in «Code»

@procodeandevenmore