16 changes: 14 additions & 2 deletions content/copilot/reference/ai-models/model-hosting.md
Original file line number Diff line number Diff line change
Expand Up @@ -61,8 +61,6 @@ Used for:
> [!WARNING]
> When {% data variables.copilot.copilot_claude_fable_5 %} is used, Anthropic retains data, including prompts and outputs, to operate safety classifiers that detect harmful use. Other Claude models in {% data variables.product.prodname_copilot %} remain covered by {% data variables.product.github %}'s existing data retention agreements, as documented below. Enterprise and business users need to enable the {% data variables.copilot.copilot_claude_fable_5 %} model to make it available for your organization. You can read more about Anthropic's data handling practices for this model under section F of their [Service Specific Terms](https://www.anthropic.com/legal/service-specific-terms).

{% data reusables.copilot.model-fable-disabled %}

These models are hosted by Amazon Web Services, Anthropic PBC, and Google Cloud Platform. {% data variables.product.github %} has provider agreements in place to ensure data is not used for training. Additional details for each provider are included below:

* Amazon Bedrock: Amazon makes the [following data commitments](https://docs.aws.amazon.com/bedrock/latest/userguide/data-protection.html): _Amazon Bedrock doesn't store or log your prompts and completions. Amazon Bedrock doesn't use your prompts and completions to train any AWS models and doesn't distribute them to third parties_.
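Review bot: The `model-fable-disabled` include dropped after the WARNING block here is also dropped twice in supported-models.md and once in models-and-pricing.md, but the visible diff does not delete the reusable file itself. If nothing else references it, remove the reusable in this PR so it does not linger as dead content. Also check that the WARNING above, which still tells enterprise and business users to enable the model, reads correctly now that the notice is gone.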
Expand Down Expand Up @@ -94,6 +92,20 @@ When using {% data variables.copilot.copilot_gemini %} models, input prompts and

{% data variables.copilot.copilot_mai_code_1_flash %} is a first-party Microsoft model hosted on Azure in {% data variables.product.github %}'s tenant.

## Open-weight models

Open-weight models have publicly available weights. {% data reusables.copilot.open-weight-model-hosting %}

### Moonshot AI models

Used for:

* {% data variables.copilot.copilot_kimi_k27_code %}

{% data variables.copilot.copilot_kimi_k27_code %} was developed by Moonshot AI. It is an open-weight model that may be less aligned than other {% data variables.product.prodname_copilot_short %} models, with an elevated risk of producing harmful content. {% data variables.product.github %}'s content filtering applies, but you should review the [{% data variables.copilot.copilot_kimi_k27_code %} model card](https://huggingface.co/moonshotai/Kimi-K2.7-Code) and conduct your own evaluations before enabling it.

When using {% data variables.copilot.copilot_kimi_k27_code %}, input prompts and output completions continue to run through {% data variables.product.prodname_copilot %}'s content filters for public code matching, when applied, along with those for harmful or offensive content.

## Inline suggestions

Inline suggestions, including ghost text and next edit suggestions, are powered by models hosted on Azure for {% data variables.copilot.copilot_business_short %} and {% data variables.copilot.copilot_enterprise_short %} plans. {% data variables.copilot.copilot_free_short %} and {% data variables.copilot.copilot_student_short %} user models are hosted on Fireworks AI.
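Review bot: In the new "Moonshot AI models" section, the statement that the model "may be less aligned" with "an elevated risk of producing harmful content" is the main risk disclosure, yet it sits in an ordinary paragraph, while the data-retention caveat earlier in this file uses a `> [!WARNING]` alert. Consider moving that sentence and the "conduct your own evaluations before enabling it" advice into an alert so it is not skimmed past. The next paragraph then restates that content filtering applies; the two filtering statements could be merged into one.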
6 changes: 1 addition & 5 deletions content/copilot/reference/ai-models/supported-models.md
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,6 @@ For all of the default AI models, input prompts and output completions run throu

This table lists the AI models available in {% data variables.product.prodname_copilot_short %}, along with their release status.

{% data reusables.copilot.model-fable-disabled %}

{% rowheaders %}

| Model name | Provider | Release status |
Expand Down Expand Up @@ -110,8 +108,6 @@ The following table lists AI models that are retired or scheduled for retirement

The following table shows which models are available in each client.

{% data reusables.copilot.model-fable-disabled %}

{% rowheaders %}

| Model | {% data variables.product.prodname_dotcom_the_website %} | {% data variables.copilot.copilot_cli_short %} | {% data variables.product.prodname_vscode %} | {% data variables.product.prodname_vs %} | Eclipse | Xcode | JetBrains IDEs |
Expand Down Expand Up @@ -161,7 +157,7 @@ The following table shows which AI models are available in each {% data variable
{% data reusables.copilot.available-models-per-plan %}

> [!NOTE]
> If you're an organization or enterprise owner, you can enable or restrict access to specific models for your members. See [AUTOTITLE](/copilot/how-tos/copilot-on-github/set-up-copilot/configure-access-to-ai-models#setup-for-organization-and-enterprise-use).
> * If you're an organization or enterprise owner, you can enable or restrict access to specific models for your members. See [AUTOTITLE](/copilot/how-tos/copilot-on-github/set-up-copilot/configure-access-to-ai-models#setup-for-organization-and-enterprise-use).

## Fallback and long-term support (LTS) models

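Review bot: The NOTE alert now holds a bulleted list with a single item (`> * If you're an organization or enterprise owner ...`), which renders as a one-bullet list and looks unrelated to the rest of this PR. Either keep the original sentence form or add the second bullet that this change was presumably preparing for.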
Expand Down
10 changes: 8 additions & 2 deletions content/copilot/reference/copilot-billing/models-and-pricing.md
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,6 @@ All prices are **per 1 million tokens**.

Anthropic models include a cache write cost in addition to cached input.

{% data reusables.copilot.model-fable-disabled %}

| Model | Release status | Category | Input | Cached input | Cache write | Output |
| --- | --- | --- | ---: | ---: | ---: | ---: |
| {% for entry in tables.copilot.models-and-pricing %}{% if entry.provider == "anthropic" %} |
Expand Down Expand Up @@ -77,6 +75,14 @@ Anthropic models include a cache write cost in addition to cached input.
| {{ entry.model }} | {{ entry.release_status }} | {{ entry.category }} | {{ entry.input }} | {{ entry.cached_input }} | {{ entry.output }} |
| {% endif %}{% endfor %} |

### Moonshot AI

| Model | Release status | Category | Input | Cached input | Output |
| --- | --- | --- | ---: | ---: | ---: |
| {% for entry in tables.copilot.models-and-pricing %}{% if entry.provider == "moonshot_ai" %} |
| {{ entry.model }} | {{ entry.release_status }} | {{ entry.category }} | {{ entry.input }} | {{ entry.cached_input }} | {{ entry.output }} |
| {% endif %}{% endfor %} |

## Code completions

{% data reusables.copilot.tbb-completions %}
Expand Down
2 changes: 1 addition & 1 deletion data/release-notes/enterprise-server/3-17/17.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ date: '2026-06-30'
sections:
security_fixes:
- |
**HIGH**: Current configurations of the GitHub API access controls could allow an attacker to create issues in any public repository via a u2s token without requiring the underlying installation to have issues write permission. This therefore allows an attacker to impersonate the victim in public repositories by creating issues and commit comments.
**MEDIUM**: An attacker could create issues, issue comments, commit comments, and private vulnerability reports in public repositories they did not have write access to. This was possible by using a user-to-server token against endpoints that validated repository read access but did not validate the required write permission for those operations. GitHub has requested CVE ID [CVE-2026-14340](https://www.cve.org/cverecord?id=CVE-2026-14340) for this vulnerability, which was reported via the [GitHub Bug Bounty](https://bounty.github.com/) program.
- |
**MEDIUM**: An attacker with site administrator privileges could extract arbitrary data from the instance's database, including user password hashes, by exploiting a blind SQL injection vulnerability in the `dependenciesPrefers` argument of the `dependencyGraphManifests` GraphQL field. This vulnerability affected instances with the dependency graph enabled and was reported via the GitHub Bug Bounty program.
- |
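Review bot: In the rewritten first security_fixes entry, "public repositories they did not have write access to" and "the required write permission for those operations" do not say whose permission went unchecked. The removed text was specific that the underlying installation did not need issues write permission; consider stating explicitly whether the missing check was on the token's or installation's permission or on the user's repository access, because administrators will assess exposure differently for each reading. The same wording is repeated in the 3-18, 3-19, 3-20 and 3-21 release notes.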
Expand Down
2 changes: 1 addition & 1 deletion data/release-notes/enterprise-server/3-18/11.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ date: '2026-06-30'
sections:
security_fixes:
- |
**HIGH**: Current configurations of the GitHub API access controls could allow an attacker to create issues in any public repository via a u2s token without requiring the underlying installation to have issues write permission. This therefore allows an attacker to impersonate the victim in public repositories by creating issues and commit comments.
**MEDIUM**: An attacker could create issues, issue comments, commit comments, and private vulnerability reports in public repositories they did not have write access to. This was possible by using a user-to-server token against endpoints that validated repository read access but did not validate the required write permission for those operations. GitHub has requested CVE ID [CVE-2026-14340](https://www.cve.org/cverecord?id=CVE-2026-14340) for this vulnerability, which was reported via the [GitHub Bug Bounty](https://bounty.github.com/) program.
- |
**MEDIUM**: An attacker with site administrator privileges could extract arbitrary data from the instance's database, including user password hashes, by exploiting a blind SQL injection vulnerability in the `dependenciesPrefers` argument of the `dependencyGraphManifests` GraphQL field. This vulnerability affected instances with the dependency graph enabled and was reported via the GitHub Bug Bounty program.
- |
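Review bot: The first entry's rating changes from HIGH to MEDIUM and the impact sentence about impersonating the victim through issues and commit comments is dropped, with nothing in the entry or the visible diff explaining the downgrade. Please confirm MEDIUM matches the rating assigned to CVE-2026-14340, and consider keeping a short impact clause so administrators can still judge patch priority. The entry also says the CVE ID was "requested"; confirm the linked record resolves before publishing.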
Expand Down
2 changes: 1 addition & 1 deletion data/release-notes/enterprise-server/3-19/8.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ date: '2026-06-30'
sections:
security_fixes:
- |
**HIGH**: Current configurations of the GitHub API access controls could allow an attacker to create issues in any public repository via a u2s token without requiring the underlying installation to have issues write permission. This therefore allows an attacker to impersonate the victim in public repositories by creating issues and commit comments.
**MEDIUM**: An attacker could create issues, issue comments, commit comments, and private vulnerability reports in public repositories they did not have write access to. This was possible by using a user-to-server token against endpoints that validated repository read access but did not validate the required write permission for those operations. GitHub has requested CVE ID [CVE-2026-14340](https://www.cve.org/cverecord?id=CVE-2026-14340) for this vulnerability, which was reported via the [GitHub Bug Bounty](https://bounty.github.com/) program.
- |
**MEDIUM**: An attacker with site administrator privileges could extract arbitrary data from the instance's database, including user password hashes, by exploiting a blind SQL injection vulnerability in the `dependenciesPrefers` argument of the `dependencyGraphManifests` GraphQL field. This vulnerability affected instances with the dependency graph enabled and was reported via the GitHub Bug Bounty program.
- |
Expand Down
2 changes: 1 addition & 1 deletion data/release-notes/enterprise-server/3-20/4.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ date: '2026-06-30'
sections:
security_fixes:
- |
**HIGH**: Current configurations of the GitHub API access controls could allow an attacker to create issues in any public repository via a u2s token without requiring the underlying installation to have issues write permission. This therefore allows an attacker to impersonate the victim in public repositories by creating issues and commit comments.
**MEDIUM**: An attacker could create issues, issue comments, commit comments, and private vulnerability reports in public repositories they did not have write access to. This was possible by using a user-to-server token against endpoints that validated repository read access but did not validate the required write permission for those operations. GitHub has requested CVE ID [CVE-2026-14340](https://www.cve.org/cverecord?id=CVE-2026-14340) for this vulnerability, which was reported via the [GitHub Bug Bounty](https://bounty.github.com/) program.
- |
**MEDIUM**: An attacker with site administrator privileges could extract arbitrary data from the instance's database, including user password hashes, by exploiting a blind SQL injection vulnerability in the `dependenciesPrefers` argument of the `dependencyGraphManifests` GraphQL field. This vulnerability affected instances with the dependency graph enabled and was reported via the GitHub Bug Bounty program.
- |
Expand Down
2 changes: 1 addition & 1 deletion data/release-notes/enterprise-server/3-21/2.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ sections:
You can now run the pre-upgrade stage of an upgrade outside the maintenance window using `ghe-upgrade --phase pre-upgrade -y UPGRADE-PACKAGE-FILENAME`. Running the pre-upgrade stage in advance can reduce in-maintenance upgrade time by up to 20 minutes. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-upgrade). Additional functionality and documentation will be available when you upgrade to 3.22 and later versions.
security_fixes:
- |
**HIGH**: Current configurations of the GitHub API access controls could allow an attacker to create issues in any public repository via a u2s token without requiring the underlying installation to have issues write permission. This therefore allows an attacker to impersonate the victim in public repositories by creating issues and commit comments.
**MEDIUM**: An attacker could create issues, issue comments, commit comments, and private vulnerability reports in public repositories they did not have write access to. This was possible by using a user-to-server token against endpoints that validated repository read access but did not validate the required write permission for those operations. GitHub has requested CVE ID [CVE-2026-14340](https://www.cve.org/cverecord?id=CVE-2026-14340) for this vulnerability, which was reported via the [GitHub Bug Bounty](https://bounty.github.com/) program.
- |
**MEDIUM**: An attacker with site administrator privileges could extract arbitrary data from the instance's database, including user password hashes, by exploiting a blind SQL injection vulnerability in the `dependenciesPrefers` argument of the `dependencyGraphManifests` GraphQL field. This vulnerability affected instances with the dependency graph enabled and was reported via the GitHub Bug Bounty program.
- |
Expand Down
1 change: 1 addition & 0 deletions data/reusables/copilot/open-weight-model-hosting.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
These models are hosted on US-based Azure AI Foundry infrastructure managed by {% data variables.product.github %} and Microsoft. Customer prompts and responses are not sent to the original model developers.
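Review bot: This reusable says prompts and responses are not sent to the original model developers, but it is silent on retention and on use for training. The existing provider text in model-hosting.md states that agreements are in place "to ensure data is not used for training"; add the equivalent commitment here, or say where it is documented, so the open-weight section gives the same data-handling assurance as the other providers.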
6 changes: 6 additions & 0 deletions data/tables/copilot/model-comparison.yml
Original file line number Diff line number Diff line change
Expand Up @@ -110,3 +110,9 @@
task_area: General-purpose coding and writing
excels_at: Fast, accurate code completions and explanations
further_reading: 'Coming soon'

# Open-weight models
- name: Kimi K2.7 Code
task_area: General-purpose coding and agent tasks
excels_at: Fast, reliable answers to lightweight coding questions
further_reading: '[Kimi K2.7 Code model card](https://huggingface.co/moonshotai/Kimi-K2.7-Code)'
5 changes: 5 additions & 0 deletions data/tables/copilot/model-release-status.yml
Original file line number Diff line number Diff line change
Expand Up @@ -108,3 +108,8 @@
- name: 'Raptor mini'
provider: 'Fine-tuned GPT-5 mini'
release_status: 'GA'

# Open-weight models
- name: 'Kimi-K2.7-Code'
provider: 'Moonshot AI'
release_status: 'GA'
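Review bot: The new entry is named 'Kimi-K2.7-Code' here and in model-supported-clients.yml and model-supported-plans.yml, while model-comparison.yml, models-and-pricing.yml and the `copilot_kimi_k27_code` variable use 'Kimi K2.7 Code'. Pick one display name (the variable's value seems the natural choice) so the rendered tables match the prose and any name-based lookups between tables do not miss the row.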
9 changes: 9 additions & 0 deletions data/tables/copilot/model-supported-clients.yml
Original file line number Diff line number Diff line change
Expand Up @@ -203,6 +203,15 @@
xcode: true
jetbrains: true

- name: Kimi-K2.7-Code
dotcom: true
cli: true
vscode: true
vs: true
eclipse: false
xcode: false
jetbrains: true

- name: Raptor mini
dotcom: false
cli: false
Expand Down
7 changes: 7 additions & 0 deletions data/tables/copilot/model-supported-plans.yml
Original file line number Diff line number Diff line change
Expand Up @@ -165,3 +165,10 @@
max: true
business: false
enterprise: false

- name: Kimi-K2.7-Code
pro: true
pro_plus: true
max: true
business: false
enterprise: false
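Review bot: The new entry sets `business: false` and `enterprise: false`, but the model-hosting.md text added in this PR advises readers to run their own evaluations "before enabling it" without saying who can enable the model. If the exclusion of Business and Enterprise plans is intentional, say so in the hosting section; if the model will be available to organizations behind a policy, these values and the policy documentation need to match.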
9 changes: 9 additions & 0 deletions data/tables/copilot/models-and-pricing.yml
Original file line number Diff line number Diff line change
Expand Up @@ -267,3 +267,12 @@
cached_input: $0.025
output: $2.00
notes: Uses GPT-5 mini pricing

# Open-weight models
- model: 'Kimi K2.7 Code'
provider: moonshot_ai
release_status: GA
category: Versatile
input: $0.95
cached_input: $0.19
output: $4.00
2 changes: 2 additions & 0 deletions data/variables/copilot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -240,6 +240,8 @@ copilot_qwen_25: 'Qwen2.5'
copilot_mai_code_1_flash: 'MAI-Code-1-Flash'
# Microsoft fine-tuned:
copilot_raptor_mini: 'Raptor mini'
# Open-weight models:
copilot_kimi_k27_code: 'Kimi K2.7 Code'

## Current model used by Copilot cloud agent and Copilot CLI
cca_current_model: '{% data variables.copilot.copilot_claude_opus_46 %}'