GitHub Copilot gets AI-based vulnerability filtering system, better code suggestions in new update

February 15, 2023


To further promote Copilot, GitHub is giving it an update, which will bring a set of new capabilities. According to GitHub, this update will benefit both users in the Copilot for Individuals and Copilot for Business plans.

Copilot is an AI-based coding tool that offers autocomplete-style suggestions while users code. It complements the Visual Studio, Neovim, and JetBrains integrated development environments, making code writing easier and faster for developers. In December, GitHub announced its "Copilot for Business," which costs $19 per user monthly. Aside from the features in the single-license Copilot tier, the business plan includes license management and organization-wide policy management capabilities. This collection of capabilities is now being expanded by a new update GitHub is pushing for the Copilot for Individuals and Copilot for Business plans.

The first of these improvements are corporate proxy support (including proxies with self-signed certificates), specifically for Copilot for Business, and better-quality code suggestions across the entire Copilot tool. According to GitHub, the latter is made possible through the upgraded AI Codex model, the new Fill-In-the-Middle paradigm, and a lightweight client-side model.

“To improve the quality of GitHub Copilot’s code suggestions, we have updated the underlying Codex model resulting in large scale improvements to the quality of code suggestions and reduction of time to serve those suggestions to the users,” shares Shuyin Zhao, senior director of product management at GitHub.

Aside from this, Copilot also now boasts AI-based vulnerability filtering. The system, which automatically blocks common insecure code suggestions, targets issues like hardcoded credentials, SQL injections, and path injections. According to GitHub, this should make Copilot’s suggestions to users more secure.

“The new system leverages LLMs to approximate the behavior of static analysis tools—and since GitHub Copilot runs advanced AI models on powerful compute resources, it’s incredibly fast and can even detect vulnerable patterns in incomplete fragments of code,” explains Zhao. “This means insecure coding patterns are quickly blocked and replaced by alternative suggestions.”
