GitHub CoPilot Upgrades Generative AI Coding Suggestions and Security
GitHub has augmented its Copilot AI assistant to offer higher-quality suggestions for programmers more quickly than before. The update enables Copilot to write code that better fits the larger project and reduces unwanted and insecure coding suggestions.
GitHub introduced Copilot as an AI pair programmer last year after an extended technical preview. Copilot performs as the junior partner to a developer, offering ideas, spotting errors, and generally improving coding projects. GitHub developed the service from a variation of OpenAI’s GPT-3 large language model called Codex and designed it to adapt to individual programmer styles. The latest update builds on the initial design by upgrading the Codex model to respond more quickly and with better suggestions.
The company claims the Copilot released in June would provide a little over a quarter of developers’ code files. The latest iteration writes 46% of the code, rising to 61% if the programmer writes in Java. Copilot also now employs a “new paradigm” referred to as Fill-In-the-Middle that uses not only the initial code prefix but any code suffixes to provide ideas for prompt suggestions that leave a gap for Copilot to fill in. Meanwhile, the new Copilot client-side model can consider factors like previously accepted or rejected suggestions to refine recommendations and reduce future rejections.
Copilot’s other major upgrade uses AI to prevent “insecure coding patterns” from appearing. That means stopping the AI from inserting keys, credentials, passwords, and other insecurities that might cause problems later on for programmers. The AI spots and replaces any insecure patterns even as it generates them. Doing so also stops potential long-term attacks on programs via public datasets used to train Copilot’s AI that are deliberately filled with vulnerabilities for later exploitation.
Copilot had already been making programmers happy, making them likely to code faster and feel “more fulfilled with their job,” according to a survey of over 2,000 programmers that GitHub ran last year. Nearly three-quarters said Copilot enabled them to “focus on more satisfying work” because the AI helped dispatch the more tedious and repetitive elements of coding. The company is also working on adding voice controls to Copilot. These upgrades will probably continue the current run of generative AI success stories for OpenAI.
“Since we first launched GitHub Copilot, we have worked to improve the quality and responsiveness of its code suggestions by upgrading the underlying Codex model. We also developed a new security vulnerability filter to make GitHub Copilot’s code suggestions more secure and help developers identify insecure coding patterns as they work,” GitHub senior director of product management Shuyin Zhao wrote in a blog post announcing the update. “With GitHub Copilot, we’re enabling developers to reach that magical flow state—which includes delivering fast, accurate vulnerability prevention right from the editor. This, combined with GitHub Advanced Security’s vulnerability detection and remediation capabilities, provides an end-to-end seamless experience for developers to secure their code.”