April ‘26 enterprise roundup

April 10, 2026

Events

While GitHub hosts our own marquee events like Universe and Galaxy each year, you will also find GitHub participating in other industry events. Here is the latest news about upcoming conferences and webinars.

📅 GitHub Universe - Universe is coming. So is your chance to be on stage. GitHub Universe 2026 heads back to San Francisco on October 28–29 and The GitHub Universe Call for Sessions is open April 8 to May 1. Share practical lessons on what you shipped, how you scaled, what broke, and what worked. You’ll share your work with developers, open source maintainers, and security leaders, plus enterprise engineering and platform teams evaluating what to adopt next. No full session idea? No problem. We're also accepting speaker nominations, so you can throw your hat in the ring (or someone else's) without a complete proposal.
📺 GitHub Roadmap Webinar, Q1 2026 - GitHub is evolving from AI-assisted tools to an agentic, end-to-end AI-powered SDLC platform. In this 60‑minute Q1 2026 roadmap session, GitHub’s chief product officer connects recently shipped features with near-term investments across GitHub and GitHub Copilot, demonstrating how agentic AI accelerates workflows, improves quality and efficiency, and enables enterprise-grade governance. The session highlights how these capabilities work together as an integrated platform that delivers speed, quality, and control at scale—while preserving developer choice across IDEs, the CLI, and diverse workflows without locking organizations into a single model.
📅 KUWC: Making AI a Developer Team Sport – May 28, Join us online for a look at the next wave of AI-powered software delivery, AI-assisted collaboration. Software development is a team sport, and while developers have used AI to accelerate individual workflows, the biggest gains ahead will come from helping teams work better together across people, projects, and pull requests.
📅 Microsoft Build 2026 - Microsoft Build is occurring in San Francisco at Fort Mason on June 2-3, 2026. GitHub will be front and center at the event and will be participating across all session types, expert meet up spaces, and event activations. At Microsoft Build, you'll go deep on real code, real systems, and real workflows with the teams building and scaling AI. Two days. Hands-on sessions. No fluff.

Enterprise Management & Governance

We have been listening to our enterprise customers for years. We are excited to share product updates and new guidance to assist those who manage GitHub for hundreds if not thousands of stakeholders. This month's updates demonstrate how we are acting on your feedback to address the issues in multiple areas you face managing GitHub Enterprise at scale. General

🛡️ GitHub achieves ISO/IEC 42001 Certification - Published March 25, 2026 - Enterprise AI has moved from experimentation to production with measurable impact. Programs are delivering ~3.7x ROI, and over 80% of Fortune 500 companies are operating AI agents in core workflows. As adoption scales, governance becomes the limiter. Durable ROI depends on embedding responsible AI into the development lifecycle. Enterprise-grade AI governance at scale - GitHub is extending ISO/IEC 42001:2023 certification across the GitHub Copilot portfolio, reinforcing our commitment to independently audited, responsible AI practices. In practice, whether customers use Copilot for developer productivity, enterprise workflows, or custom agents, the same consistent governance controls and assurance model apply. Click here to obtain a copy of GitHub ISO/IEC 42001:2023 Certificate 2026.
🗣️ The Complete Guide to Migrating to GitHub Enterprise Managed Users - Part 1: Discovery & Decision - This opening installment of a six-part migration series lays out the strategic groundwork for an EMU migration—helping enterprise administrators define clear goals, evaluate whether EMU is the right architectural fit, and secure stakeholder buy-in before any technical work begins. Drawing on hard-won field lessons, the guide introduces a six-phase roadmap (12–26 weeks end-to-end), establishes the iterative migration pattern for moving teams in batches rather than all at once, and sets a frank tone about the complexity involved—making it essential reading for any enterprise planning this identity architecture transition.
🚢 GitHub Code Quality enterprise policy - Enterprise administrators can now manage GitHub Code Quality availability independently from Code Security within GitHub Advanced Security policies, enabling finer-grained governance over who gets access to code quality analytics without unintentionally enabling other security tooling or triggering licensing implications.
🚢 Code Quality permissions removed from security manager role - Only repository administrators can now enable or disable Code Quality settings, refining the security manager role to focus exclusively on security products per the principle of least privilege.
🚢 Codespaces is now generally available for GitHub Enterprise with data residency - GitHub Codespaces is now generally available for all GitHub Enterprise Cloud accounts with data residency in all supported regions (Australia, EU, Japan, and US), giving regulated enterprises secure cloud development environments with full feature parity and enterprise-owned Codespaces for data locality compliance.
🚢 EU data residency region expanding to include EFTA countries - Starting May 1, 2026, GitHub Enterprise Cloud's EU data residency region will expand to include Azure infrastructure in Norway and Switzerland (EFTA countries), aligning with Microsoft's EU Data Boundary—organizations that require data strictly within EU member states should contact their account team before May 1.
🚢 Lock and unlock draft repository security advisories - Repository administrators can now lock draft security advisories to prevent collaborator edits while preserving the ability to discuss, giving teams tighter control over vulnerability disclosure workflows.
🚢 Push protection exemptions for apps, teams, and roles - Organizations gain enhanced granular controls and audit logging for push protection bypass exemptions across GitHub Apps, teams, and roles, with full REST API and webhook support for compliance tracking.
🚢 Push protection exemptions from repository settings - Repository administrators can now configure secret scanning push protection exemptions at the repository level—designating specific roles, teams, or apps to bypass enforcement at push time—extending a capability previously available only at the organization and enterprise levels for more granular, repository-specific security governance.
🚢 Email notifications for included usage thresholds - GitHub now proactively alerts account owners and billing managers by email at 90% and 100% of their monthly included usage for Actions, Packages, Git LFS, and Codespaces. Each notification identifies the affected account, specifies the product, and includes a direct link to budgets—giving enterprises the visibility they need to avoid unexpected overages and keep critical workflows running without interruption.
🚢 Deprecating the cost center integration on the enterprise People page - The cost center filter, status, and CSV export columns on the enterprise People page are being removed in favor of the dedicated cost center management page under Billing settings.

GitHub Enterprise Server

🚢 GitHub Enterprise Server 3.20 is now generally available - GHES 3.20 delivers immutable releases, built-in backup management, enterprise teams preview, expanded secret scanning validity checks, and a new enterprise security manager role.
🗣️ Understanding Data Replication in High Availability Configurations for GitHub Enterprise Server - GHES administrators running HA configurations often encounter replication lag and failover issues that the official documentation doesn't fully explain—this deep dive covers the hub-and-spoke replication architecture, per-data-type mechanics for Git, MySQL, Redis, Elasticsearch, file storage, and Pages, and the key performance factors including network bandwidth, repository size, and maintenance windows. For enterprise platform teams responsible for GHES reliability, understanding these replication internals is critical for proactive monitoring, capacity planning, and executing clean failovers without data loss.
📢 How we rebuilt the search architecture for high availability in GitHub Enterprise Server - Search is a foundational dependency in GitHub Enterprise Server, and for years its high-availability architecture carried hidden failure modes that could turn routine maintenance into platform outages. This post breaks down how GitHub rebuilt search to align with true leader/follower semantics using Elasticsearch cross-cluster replication—eliminating a long‑standing class of HA risks while reducing operational burden. If you run or design mission‑critical distributed systems, this is a practical case study in when—and how—to re‑architect core infrastructure instead of layering on more workarounds.

GitHub Copilot & AI NOTE: As of April 1, the GitHub Copilot coding agent is now known as the GitHub Copilot cloud agent, see Research, plan, and code with Copilot cloud agent - GitHub Changelog.

📄 Resources for getting approval to use Copilot - Before rolling out GitHub Copilot Business or Enterprise, most organizations must obtain signoff from legal, compliance, and cybersecurity teams—and this page collects the key resources (terms, DPA, trust center, compliance attestations, and network requirements) that accelerate that signoff process. Having these materials organized and ready shortens procurement cycles and helps internal stakeholders evaluate Copilot's data handling and regulatory compliance with confidence.
📄 Maintaining codebase standards in a GitHub Copilot rollout - This guide walks enterprise owners through using GitHub's built-in governance features—branch rulesets, CODEOWNERS files, required CI/CD workflows, and security configurations—to ensure AI-generated code meets the same quality and safety bar as human-written code. Establishing policy-enforced review gates, automated testing, and security scanning before merging is critical to maintaining codebase integrity as Copilot adoption scales across engineering organizations.
🥼 GitHub Next Repo Mind - This GitHub Next research prototype combines vector-based semantic search with a GraphRAG-style hierarchical graph of code declarations and documentation to give both developers and AI agents a holistic understanding of large GitHub repositories—answering fine-grained questions ("Where is X implemented?") and high-level architecture questions from the same index. For enterprise platform teams managing sprawling codebases, this research direction points toward AI-native code navigation that could dramatically reduce the time spent onboarding developers or orienting AI agents to unfamiliar code. NOTE: This is currently a Research Prototype so, may or may not lead new product capabilities.
📚 GitHub Copilot Hackathon Playbook for Enterprise Admins - This playbook gives enterprise administrators a step-by-step framework for planning and running internal hackathons that build practical GitHub Copilot skills and drive measurable business outcomes—from template-based team formation and challenge structuring through to a champion-led model that transforms one-off events into a repeatable engine for Copilot adoption at scale. For organizations looking to accelerate an AI-native development culture while tracking ROI, this guide provides the operational scaffolding to make hackathons a sustainable, company-wide enablement strategy.
🚢 Organization firewall settings for Copilot cloud agent - Organization administrators can now configure Copilot cloud agent firewall settings at the organization level—setting defaults for firewall activation, the recommended allowlist, custom allowlist entries for internal package registries, and whether repository admins can add their own entries—enabling centralized, compliance-aware governance of AI agent internet access without requiring per-repository manual configuration.
🚢 Organization runner controls for Copilot cloud agent - This update explains how enterprise teams can centrally define and enforce where Copilot’s cloud agent runs—unlocking better performance, access to internal resources, and consistent guardrails across all repositories without per-repo setup.
🚢 Configure Copilot coding agent’s validation tools - Repository admins can now toggle which built-in validation tools—CodeQL, advisory database, secret scanning, and Copilot code review—the coding agent runs, giving teams flexibility to tune security and performance per project.
🚢 Manage Copilot coding agent repository access via the API - Organization owners can now use new public preview REST APIs to programmatically set which repositories the Copilot coding agent can access—choosing from none, all, or only selected repositories—enabling compliance-aware, Infrastructure as Code-driven governance of AI agent permissions at scale.
🚢 Copilot organization custom instructions are generally available - Organization administrators on Copilot Business and Enterprise can now define a shared set of AI instructions that apply by default across all Copilot surfaces—including Chat, code review, and the cloud agent on GitHub.com—giving enterprises a centralized, policy-driven mechanism to enforce coding standards, redirect queries to internal resources, and standardize AI behavior consistently across every developer seat.
🚢 Trace any Copilot coding agent commit to its session logs - Every Copilot coding agent commit now includes an Agent-Logs-Url trailer linking directly to the full session logs, providing permanent traceability for audit, compliance, and code review.
🚢 Discover and manage agent activity with new session filters - Enterprise administrators can now filter Copilot coding agent sessions by status, repository, and user for granular tracking and governance of AI-powered automation across their organization.
🚢 Copilot usage metrics now includes per-user GitHub Copilot CLI activity in organization reports - Organization admins can now track individual user Copilot CLI activity—including session counts, request totals, token usage, and CLI version—within organization-level usage reports, providing per-developer visibility into command-line AI adoption to support seat utilization analysis, upgrade planning, and targeted enablement.
🚢 Copilot usage metrics now identify active Copilot coding agent users - Enterprise and organization admins can now see which individual users have Copilot coding agent activity in the usage metrics dashboard and API, enabling more accurate tracking of AI agent adoption and seat utilization beyond traditional IDE usage.
🚢 Copilot usage metrics now includes user-level GitHub Copilot CLI activity - Administrators can now track individual user engagement with Copilot CLI in the usage metrics dashboard, giving organizations granular visibility into command-line adoption for seat utilization and ROI analysis.
🚢 Copilot usage metrics now includes organization-level GitHub Copilot CLI activity - Organizations can now monitor aggregate Copilot CLI usage across all teams in the metrics dashboard, enabling data-driven decisions on license allocation and adoption tracking.
🚢 Copilot usage metrics now resolve auto model selection to actual models - The usage metrics dashboard and API now display the actual model name instead of “Auto” when auto-selection is enabled, giving administrators precise visibility into which models their teams are using.
🚢 Optionally skip approval for Copilot coding agent Actions workflows - Repository admins can now bypass the manual approval step for Actions workflows triggered by the Copilot coding agent, accelerating the feedback cycle for agent-driven code changes.

GitHub Platform

📢 Addressing GitHub’s recent availability issues - GitHub shares a transparent account of recent service disruptions, detailing the root causes, immediate stabilization measures, and longer-term infrastructure and monitoring improvements underway to restore reliability. The post lays out the engineering priorities and architectural changes designed to prevent recurrence—essential reading for enterprise teams planning around platform uptime commitments.
📢 GitHub Availability Report: February 2026 - The monthly report details six incidents that caused degraded performance across GitHub services in February 2026, with breakdowns of each incident’s impact, root cause, and remediation steps. Enterprise teams can use this transparency to track GitHub’s reliability trajectory and inform their own continuity and resilience planning.
🚢 REST API version 2026-03-10 is now available - The first calendar-based REST API version with breaking changes is now available, while the prior 2022-11-28 version remains fully supported for at least 24 months.
🚢 The Security tab is now Security & quality - The repository Security tab has been renamed "Security & quality" across all repositories, organizations, and enterprises on GitHub.com, consolidating code quality findings alongside security alerts in a single unified view—with no changes to API endpoints or existing URLs, making adoption seamless for enterprise teams.
🚢 New pull requests dashboard is in public preview - The refreshed pull requests dashboard at github.com/pulls introduces a prioritized inbox of PRs requiring your attention, saved custom views with advanced AND/OR filtering across repositories and organizations, and includes Copilot-authored PRs in "Authored by me"—giving developers a unified hub for managing all pull requests efficiently.
🚢 Quick access to merge status in pull requests is in public preview - Merge readiness now appears at the top of every pull request page—including the Files changed view—so developers can instantly see and resolve blockers without navigating between tabs.
🚢 View code and comments side-by-side in pull request Files changed page - New docked panels in the Files changed view let reviewers keep comments, PR overview, merge status, and security alerts visible alongside code diffs, eliminating tab-switching during code review.
🚢 GitHub Changelog - GitHub Platform - Skim through all of the recent GitHub Platform related changes.

Developer Skills

General developer expertise based on our own experience and the collective experience of our customers and partners. It's time to start diving into how AI is going to work alongside you to make you a better, more productive developer, not replace you.

📢 & 📺 Scaling AI opportunity across the globe: Learnings from GitHub and Andela (2:48) - This post shares concrete lessons from GitHub and Andela on what actually works when scaling AI adoption in real-world, production engineering teams—especially in globally distributed environments. It shows why embedding tools like GitHub Copilot directly into day‑to‑day development workflows (not side experiments) leads to faster skill development, higher confidence, and more meaningful impact. If you’re responsible for growing AI capability across teams, this offers a proven, repeatable model for turning AI investment into measurable productivity and talent outcomes.
📢, 📺 & 🙋‍♂️ GitHub for Beginners: Getting started with GitHub Actions (8:03) - This beginner-friendly guide walks new developers through setting up their first GitHub Actions workflow step by step, covering automation fundamentals like triggers, jobs, and runners in a hands-on format. It’s a practical onboarding resource for teams looking to upskill developers who are new to CI/CD automation on the GitHub platform.
📢, 📺 & 🙋‍♂️ GitHub for Beginners: Getting started with GitHub security (5:02) - GitHub’s built-in security toolkit—including Dependabot for dependency vulnerability scanning, secret scanning for detecting exposed credentials, CodeQL for code vulnerability analysis, and Copilot Autofix for AI-assisted remediation—provides enterprise-grade protection that developers new to security can enable in minutes with no specialized expertise. For teams onboarding junior developers or standardizing security practices across repositories, this walkthrough demonstrates that building a strong security posture early prevents the technical debt and exposure that accumulate when security is bolted on later.

AI & ML - GitHub Copilot

Recent advancements and feature updates for GitHub Copilot, with a particular focus on the GitHub Copilot cloud agent, GitHub Copilot CLI and the GitHub Copilot SDK. GitHub Copilot cloud agent NOTE: As of April 1, the GitHub Copilot coding agent is now known as the GitHub Copilot cloud agent, see Research, plan, and code with Copilot cloud agent - GitHub Changelog.

🚢 Research, plan, and code with Copilot cloud agent - The Copilot cloud agent now supports branch-first coding without immediately opening a pull request, on-demand implementation plan generation for human review before any code is written, and deep research sessions grounded in full repository context—accessible via the Agents tab or Copilot Chat on all paid Copilot plans (admin-enabled for Business/Enterprise).
📺 Put GitHub Copilot cloud agent to work - Research, plan and code (0:49) - GitHub Copilot cloud agent on github.com (formerly known as the GitHub Copilot coding agent) just got a lot more flexible. You can now it use it to research, plan, and make code changes without needing to open a pull request first. Copilot now gives you more flexibility in how and when you move your work forward by letting you decide when you want a pull request to be created for a code change.
📢 Ten Months with Copilot Coding Agent in dotnet/runtime - Microsoft’s .NET team ran GitHub Copilot Coding Agent on the dotnet/runtime repository for ten months—one of the most rigorous, high-stakes open source codebases in the world—resulting in 878 agent-opened pull requests, 535 merged, and over 95,000 lines of code added across performance improvements, bug fixes, test coverage, and infrastructure updates. The experiment shows that CCA performs best on well-scoped, context-rich tasks and requires the same human review discipline as any other code change, while delivering a reported 50–70% reduction in issue resolution time. For enterprise engineering leaders evaluating how much agentic AI can safely accelerate development in high-rigor environments, this ten-month production study provides one of the most credible benchmarks available.
📢 60 million Copilot code reviews and counting - Copilot Code Review has grown 10-fold since its launch and now accounts for over 20% of all code reviews on GitHub—driven by a deliberate shift from high comment volume to high-signal feedback that actually accelerates pull request completion. The post details the agentic architecture upgrade that gives Copilot full-repository context and dynamic reasoning, and explains how the team uses real production outcomes—like whether flagged issues are resolved before merging—to continuously sharpen accuracy and reduce review noise for enterprise teams.
🚢 Copilot code review now runs on an agentic architecture - Now generally available, Copilot Code Review uses agentic tool-calling to gather full repository context and deliver higher-signal, architecture-aware feedback with fewer but more actionable comments.
📢 Agent-driven development in Copilot Applied Science - GitHub’s Copilot Applied Science team shares a firsthand account of using coding agents to build other coding agents—producing 345 files and over 28,000 lines of code in just three days—by shifting humans into the roles of architecture, review, and prompt engineering rather than line-by-line implementation. The post delivers hard-won lessons on agent-first infrastructure design, treating prompts as iterative dialogue, and building blameless iteration loops with automated guards and CI/CD, providing a practical blueprint for engineering organizations looking to scale agentic development without sacrificing code quality or auditability.
📢 How Squad runs coordinated AI agents inside your repository - GitHub introduces “Squad,” a repository-native orchestration model that coordinates multiple specialized AI agents—each handling distinct tasks like code generation, documentation, or review—to deliver cohesive pull requests with full auditability through standard code review and CI/CD flows. This multi-agent pattern keeps every change inspectable and revertible, giving enterprise teams a safe, transparent path to scaling agentic automation across their codebases.
🚢 GitHub Copilot coding agent for Jira is now in public preview - Teams can now assign Jira issues directly to the Copilot coding agent, which autonomously analyzes the issue, implements changes, opens draft pull requests, and posts updates back into Jira.
🗣️ GitHub Copilot Hackathon Playbook for Enterprise Admins - If you've ever wondered how to turn a one-day GitHub Copilot event into a lasting cultural shift in how your teams build software, this playbook (published as a community discussion alongside the companion whitepaper) gives enterprise admins everything they need—logistics, mentoring guidance, judging criteria, and communication templates—to run a polished hackathon of any scale (3 to 8 hours). Drawing on real enterprise experience where a single hackathon spawned hundreds of champions who sustained weekly developer engagement long after the event ended, it shows how a well-run hackathon goes beyond novelty to generate production-worthy prototypes, surface hidden talent, and measurably accelerate AI adoption. The discussion format makes it a valuable living resource for teams that want peer insights from enterprises already running these programs at scale.
🗣️ Accessibility Developer Guide: Getting Started with GitHub Copilot Custom Agents for Accessibility - This guide shows how to build custom Copilot agents—powered by agent definition files, targeted tooling, and domain-specific instructions—that automate accessibility auditing with axe-core and track accessibility progress across releases, encoding specialist expertise into reusable assistants that any team member can invoke. For enterprise engineering organizations scaling accessible software development, this pattern replaces ad-hoc manual accessibility checks with systematic automation baked directly into the development workflow.
🚢 Copilot coding agent now starts work 50% faster - The Copilot coding agent’s cloud environment now initializes 50% faster, significantly shortening the feedback loop when creating pull requests or iterating on agent-driven changes.
🚢 Organization runner controls for Copilot cloud agent - This update explains how enterprise teams can centrally define and enforce where Copilot’s cloud agent runs—unlocking better performance, access to internal resources, and consistent guardrails across all repositories without per-repo setup.
🚢 Copilot coding agent works faster with semantic code search - The coding agent now uses meaning-based search instead of just text matching to locate relevant code, completing tasks approximately 2% faster with no loss in quality and requiring no configuration.
🚢 Ask @copilot to resolve merge conflicts on pull requests - You can now @mention copilot in a pull request comment with specific natural-language instructions to have the Copilot coding agent automatically resolve merge conflicts and push the resolution, reducing manual effort and context-switching when branches diverge in fast-moving codebases.
🚢 Add images to agent sessions - You can now paste, drag, or click to attach images directly into Copilot coding agent sessions on GitHub.com, adding visual context to agent interactions.
🚢 Pick a model for @copilot in pull request comments - A new model picker in pull request comment boxes lets you choose which AI model handles your @copilot requests, giving finer control over code suggestions and modifications.
🚢 More visibility into Copilot coding agent sessions - Session logs now surface built-in and custom setup steps, plus collapsed subagent activity, giving developers transparent insight into what the Copilot coding agent does before and during task execution.
🚢 Secret scanning in AI coding agents via the GitHub MCP Server - AI coding agents can now proactively scan working changes for secrets through the GitHub MCP Server before code is committed, catching credential leaks at the earliest possible point in the development workflow.
🚢 Copilot cloud agent signs its commits - Copilot cloud agent commits now appear as "Verified" in GitHub—enabling its use in repositories where branch protection requires signed commits while giving enterprise security and compliance teams the commit-level traceability they need for AI-generated code contributions.
🚢 Explore a repository using Copilot on the web - Copilot Chat on the web now lets you browse a repository’s file tree alongside conversations, with selected files automatically added as context references for deeper codebase exploration.
🥼 GitHub Next Repo Mind - This GitHub Next research prototype combines vector-based semantic search with a GraphRAG-style hierarchical graph of code declarations and documentation to give both developers and AI agents a holistic understanding of large GitHub repositories—answering fine-grained questions ("Where is X implemented?") and high-level architecture questions from the same index. For enterprise platform teams managing sprawling codebases, this research direction points toward AI-native code navigation that could dramatically reduce the time spent onboarding developers or orienting AI agents to unfamiliar code. NOTE: This is currently a Research Prototype so, may or may not lead new product capabilities.

GitHub Copilot CLI

📺 Evan Boyle from the Copilot CLI team shares advanced tips & tricks.
📺 How to get a multi-agent code review in Copilot CLI | Advanced tips & tricks (0:41) - Learn how to use the /review command to check for bugs, security issues, and performance problems. Discover how to use multiple models like Gemini, Codex, and Opus simultaneously for a thorough multi-agent code review.
📺 How to query your Copilot CLI session history | Advanced tips & tricks (1:10) - Learn how to query your local SQLite database to pull up session history and recover context from past bug fixes. You can even ask Copilot to analyze your prompting habits to help you write better commands.
📢 Run multiple agents at once with /fleet in Copilot CLI - The new /fleet command in Copilot CLI transforms large, multi-component tasks by deploying an orchestrator that breaks a prompt into independent subtasks and dispatches each as a parallel subagent—completing work that would previously require sequential agent sessions in a single, coordinated operation. Each subagent operates with its own context window on the shared filesystem, dependent tasks are automatically queued until prerequisites are met, and the --no-ask-user flag makes fleet-mode composable with automated pipelines. For enterprise platform teams managing large codebases, this parallel agent execution model fundamentally changes the scale at which complex, cross-cutting tasks—like multi-file refactoring, documentation generation, or test suite expansion—can be safely delegated to Copilot.
🚢 Request Copilot code review from GitHub CLI - Developers can now add Copilot as a pull request reviewer directly from the terminal using gh pr edit --add-reviewer @copilot, with improved performance for reviewer search in large organizations.
📄 Researching with GitHub Copilot CLI - GitHub Copilot CLI’s research mode can turn complex technical questions into durable, shareable research artifacts by autonomously analyzing your codebases, internal repositories, and relevant external sources. For enterprise developers and engineering leaders, this matters because it enables deeper architectural understanding, faster onboarding, and better technical decision-making—without relying on tribal knowledge or manual investigation. It also introduces a practical way to capture and reuse high‑quality technical analysis as documented evidence, not just ephemeral chat answers.
📄 Connecting Copilot CLI to VS Code - By connecting Copilot CLI to VS Code, developers gain a unified workflow where editor selections become prompt context, proposed code changes appear as visual diffs for review, real-time diagnostics from VS Code are accessible to Copilot, and CLI sessions persist across the integrated terminal. For enterprise teams encouraging terminal-based AI workflows while preserving code review discipline, this integration bridges the speed of CLI interaction with the visual tooling engineers already rely on.
📺& 🙋‍♂️ GitHub Copilot CLI for Beginners with Christopher Harrison and Kayla Cinnamon
📺 Getting started with GitHub Copilot CLI | Tutorial for beginners (3:48) – We cover the essentials of getting started with your new terminal-based AI coding assistant: the GitHub Copilot CLI. You will learn how to install using npm, authenticate with your GitHub account, and grant folder permissions. We also run through your very first prompts to generate code directly from the command line.
📺 Interactive vs non-interactive modes | Copilot CLI for beginners (1:53) - Want to know the fastest way to prompt GitHub Copilot from your terminal? In this beginner tutorial, we explore the two main modes of the Copilot CLI. Discover how to use the interactive mode to have GitHub Copilot run your project locally or use the non-interactive mode with the -p flag for quick summaries without leaving your shell context.
📺 A beginner's guide to Copilot CLI slash commands (2:37) - We explore how to use slash commands to control your terminal AI agent. Learn how to switch models with /model, check token usage with /context, and resume past sessions with /resume. Master these commands to keep your terminal workflow smooth and efficient.
📺 Plan, delegate, and review (4:59) - Did you know you can have GitHub Copilot CLI build features for you in the background? We explore how to use the plan and delegate commands to create a draft pull request while you work on other tasks. After the cloud agent finishes coding, we show you how to review the changes directly in your terminal. Watch to see how these three commands streamline your daily developer workflow.

GitHub Copilot SDK

📢 The era of “AI as text” is over. Execution is the new interface. - The Copilot SDK introduces a programmable execution layer that lets developers embed agentic workflows—planning, tool invocation, file modification, and error recovery—directly inside their own applications, moving beyond isolated text-based interactions. This architectural shift enables dynamically adaptive, observable, and secure AI-powered automation that integrates deeply into organizational tooling and scales with evolving developer needs.
📺 Build a Planning App with the GitHub Copilot SDK | demo (4:04) - What if your personal planning app could actually think with you? In this video, we walk through how to use the GitHub Copilot SDK to upgrade a basic Node.js application into a dynamic AI-powered assistant. Watch as we generate weekly meal plans, regenerate options based on changing preferences, and build custom weekend activity schedules. We also break down the code so you can build something similar today!
📢 Building AI-powered GitHub issue triage with the Copilot SDK - Using "IssueCrush," a React Native app, the post demonstrates how the Copilot SDK can run server-side to generate AI-powered summaries that transform dense GitHub issue backlogs into actionable, swipeable cards—cutting triage time and cognitive load for maintainers and large engineering teams. For enterprise developers looking to extend Copilot beyond the IDE, this is a blueprint for embedding Copilot Chat-quality AI into custom developer tooling, complete with production-grade patterns for graceful degradation, caching, and secure server-side token management.

IDE Related GitHub Copilot Updates

📄 Connecting Copilot CLI to VS Code - By connecting Copilot CLI to VS Code, developers gain a unified workflow where editor selections become prompt context, proposed code changes appear as visual diffs for review, real-time diagnostics from VS Code are accessible to Copilot, and CLI sessions persist across the integrated terminal. For enterprise teams encouraging terminal-based AI workflows while preserving code review discipline, this integration bridges the speed of CLI interaction with the visual tooling engineers already rely on.
🚢 Figma MCP server can now generate design layers from VS Code - Developers can now push UI code from VS Code to Figma as editable design layers and pull Figma designs into code, enabling two-way design-development collaboration through the Figma MCP server.
🚢 GitHub Copilot in Visual Studio Code v1.110 – February release - This release introduces programmable agent hooks, custom agent plugins, shared memory across Copilot surfaces, persistent plans, fork-from-checkpoint, and native Copilot CLI integration in VS Code.
🚢 GitHub Copilot in Visual Studio — March update - This release introduces custom Copilot agents definable via .agent.md files—with full workspace awareness, MCP connections, tool access, and model selection—alongside colorized code completions, click-to-insert partial suggestion acceptance, and a redesigned JSON editor that no longer requires the full web development workload installed.
🚢 GitHub Copilot in Visual Studio — February update - This update brings partial suggestion acceptance, colorized completions, persistent Copilot memories, custom slash-command prompts, NuGet MCP server integration, and specialized agents for WinForms and C++ build performance to Visual Studio.
🚢 Major agentic capabilities improvements in GitHub Copilot for JetBrains IDEs - JetBrains IDEs gain GA support for custom agents, sub-agents, and the Plan Agent, plus public preview of agent hooks, auto-approve for MCP, and instruction file support via AGENTS.md.
🚢 Copilot auto model selection is generally available in JetBrains IDEs - Copilot now dynamically selects the best available model for completions and chat in all JetBrains IDEs, with a 10% premium request discount when using auto mode.
🚢 Gemini 3.1 Pro is now available in JetBrains IDEs, Xcode, and Eclipse - Copilot Business, Enterprise, Pro, and Pro+ users can now access Google's latest Gemini 3.1 Pro model in JetBrains IDEs, Xcode, and Eclipse via the chat model picker—organization administrators must enable the Gemini 3.1 Pro policy before eligible users can see the model.
🚢 Monitor Copilot coding agent logs live in Raycast - The GitHub Copilot Raycast extension now streams coding agent logs in real time, letting developers track task progress without switching to the GitHub web interface.

GitHub Copilot - New Models

🚢 GPT-5.3-Codex long-term support in GitHub Copilot - GPT-5.3-Codex becomes the new base model for Copilot Business and Enterprise with 12 months of guaranteed LTS availability, giving organizations the stability needed for compliance and internal review cycles.
🚢 GPT-5.4 is generally available in GitHub Copilot - OpenAI’s latest agentic coding model is now available across all Copilot plans and environments—organization admins must enable the GPT-5.4 policy for their users to access it.
🚢 GPT-5.4 mini is now generally available for GitHub Copilot - OpenAI’s faster and more cost-effective GPT-5.4 mini model is now available for all Copilot users, complementing the full GPT-5.4 with strong coding performance at lower resource cost.
🚢 Gemini 3.1 Pro is now available in JetBrains IDEs, Xcode, and Eclipse - Copilot Business, Enterprise, Pro, and Pro+ users can now access Google's latest Gemini 3.1 Pro model in JetBrains IDEs, Xcode, and Eclipse via the chat model picker—organization administrators must enable the Gemini 3.1 Pro policy before eligible users can see the model.
🚢 Grok Code Fast 1 is now available in Copilot Free auto model selection - Copilot Free users now get automatic access to xAI’s Grok Code Fast 1 model through intelligent auto model selection, bringing powerful AI coding assistance to all developers at no cost.
🚢 Upcoming deprecation of Claude Sonnet 4 in GitHub Copilot - Claude Sonnet 4 will be retired from all Copilot experiences (Chat, inline edits, ask/agent modes, and code completions) on May 1, 2026—enterprise administrators should enable Claude Sonnet 4.6 in organization policies and communicate the migration timeline to users before the deadline to avoid workflow disruptions.

Additional GitHub Copilot Updates

🚢 Copilot organization custom instructions are generally available - Organization administrators on Copilot Business and Enterprise can now define a shared set of AI instructions that apply by default across all Copilot surfaces—including Chat, code review, and the cloud agent on GitHub.com—giving enterprises a centralized, policy-driven mechanism to enforce coding standards, redirect queries to internal resources, and standardize AI behavior consistently across every developer seat.
📺 What is MCP and how does it work with AI? (1:30) - Curious about how AI agents interact with the outside world? In this highlight from GitHub Universe 2025, we break down the Model Context Protocol (MCP) and how it helps models access private or recently published data. Learn how GitHub collaborated with Anthropic to take ownership of the official MCP server. We also share why the team decided to rewrite the open-source project from TypeScript to Go.
📢 Updates to GitHub Copilot interaction data usage policy – NOTE: Copilot Business and Copilot Enterprise users are not affected by this update. We are including this blog post so that you can understand exactly what data GitHub’s AI features can and cannot use and how new opt-out controls work for individual licenses. As individual Copilot experiences evolve, enterprise and organization-provided accounts remain contractually protected. For additional details see 🚢 Updates to our Privacy Statement and Terms of Service: How we use your data - GitHub Changelog.
🚢 GitHub Changelog - Copilot - Skim through all of the recent Copilot changes.

CI/CD

Continuous Integration & Continuous Deployment with GitHub Actions. If you are involved in managing and authoring GitHub Actions workflows you'll want to dive into these updates to see how were are addressing enterprise needs in the areas of scalability, debugging, security and bringing AI to GitHub Actions with Agentic Workflows and the GitHub Copilot CLI.

📺 How to use agentic workflows for your repos | GitHub Checkout (12:22) - Andrea Griffiths is joined by Idan Gazit to explore the brand-new agentic workflows. We dive into how you can use plain English and GitHub Copilot to automate complex repository tasks, from syncing documentation to upgrading frameworks. Watch as we build a "super Dependabot" and see how major open-source projects are already using these tools to reduce maintainer burnout.
📢 Under the hood: Security architecture of GitHub agentic workflows - GitHub's security model for agent-based workflows enforces sandboxed isolation, constrained outputs, comprehensive logging, and human-in-the-loop controls to mitigate threats like data exfiltration and prompt injection. Enterprise teams can confidently adopt agentic CI/CD automation knowing every agent action is traceable, interpretable, and tightly governed by both technical and policy safeguards.
🚢 View Agentic Workflow configs in the Actions run summary - The Markdown configuration that defines a GitHub Agentic Workflow is now displayed directly in the Actions run summary, giving reviewers and auditors per-run visibility into the exact instructions, permissions, and tool settings that governed each agentic execution without navigating away from the run page.
🙋‍♂️New GitHub Skills exercises to get hands-on learning to Automate workflows with GitHub Actions:
🙋‍♂️ Work with Workflow Artifacts - Learn how to upload, preview, download, and reuse workflow artifacts in GitHub Actions. Create a CI workflow that uploads a coverage report as a workflow artifact. Upload a Playwright HTML report as a direct single-file artifact that opens in the browser. Build once and reuse that build artifact in a downstream deployment job. Download artifacts across workflows and add an optional production approval gate.
🙋‍♂️ Create and use reusable workflows - Learn how to create reusable GitHub Actions workflows and call them from another workflow. Create a reusable workflow from scratch and use it in another workflow. Deeply understand how permissions work across caller and reusable workflows. Expand your CI workflow to deploy to GitHub Pages and comment on pull requests with deployment details.
📢, 📺 & 🙋‍♂️ GitHub for Beginners: Getting started with GitHub Actions (8:03) - This beginner-friendly guide walks new developers through setting up their first GitHub Actions workflow step by step, covering automation fundamentals like triggers, jobs, and runners in a hands-on format. It’s a practical onboarding resource for teams looking to upskill developers who are new to CI/CD automation on the GitHub platform.
📢 What's coming to our GitHub Actions 2026 security roadmap - GitHub outlines a sweeping 2026 Actions security roadmap covering deterministic dependency locking at the workflow level, policy-driven access controls via the existing ruleset framework, granular secret scoping, native egress firewalls for hosted runners, and an "evaluate mode" for previewing policy impact before enforcement. For enterprise platform engineering teams managing CI/CD at scale, this roadmap signals a significant reduction in the overhead of adopting secure-by-default pipelines, with most features entering public preview in the coming months.
📢 Securing the open source supply chain across GitHub - Attackers are increasingly targeting GitHub Actions workflows to steal secrets and use them to publish malicious packages across the ecosystem—and GitHub responds with a layered set of platform defenses including Trusted Publishing via OpenID Connect (now available across npm, PyPI, NuGet, and RubyGems), CodeQL scanning for workflow security best practices, stricter npm token controls with mandatory 2FA for publishing, and Dependabot integration with the GitHub Advisory Database. For enterprise security and platform teams, this post provides a concrete threat model of the current supply chain attack surface alongside a prioritized set of platform-native controls to activate before the next wave of attacks.
🚢 GitHub Actions: Late March 2026 updates - Workflows can now use environments for secrets and variables without triggering deployments via deployment: false, and scheduled workflows support IANA timezone specification directly in cron expressions.
🚢 GitHub Actions: Early April 2026 updates - Three notable improvements land for enterprise CI/CD: workflows can now override entrypoint and command for service containers (eliminating complex workarounds); OIDC tokens issued by Actions now support repository custom properties as claims for attribute-based cloud trust policies; and Azure private networking for GitHub-hosted runners gains public preview VNET failover support, enabling automatic and manual subnet failover across regions for high-availability pipelines.
🚢 Actions OIDC tokens now support repository custom properties - Repository custom properties can now be included as claims in Actions OIDC tokens, enabling attribute-based access control policies across Azure, AWS, and GCP without duplicating metadata or editing individual workflows.
🚢 Custom images for GitHub-hosted runners are now generally available - Organizations can now build custom VM images on top of GitHub-curated base images for GitHub-hosted runners—preinstalling tools, dependencies, and configurations specific to their workflows—enabling faster job starts, more consistent CI/CD environments, and centralized runner governance at scale.
🚢 Self-hosted runner minimum version enforcement paused - GitHub has temporarily paused the v2.329.0 minimum version enforcement for self-hosted runner registration originally scheduled for March 16, giving teams more time to upgrade.
🚢 Actions Runner Controller release 0.14.0 - ARC 0.14.0 introduces multilabel support for runner scale sets, the public actions/scaleset Go library client, custom Kubernetes resource annotations, and experimental Helm charts for more flexible self-hosted runner management.
🚢 GitHub Changelog - Actions - Skim through all of the recent security related changes.

Security

Application security with GitHub, ensuring the code that lives in GitHub and the dependencies that go into the solutions you build are secure and do not contain any secrets. Code Security

📢 GitHub expands application security coverage with AI-powered detections - GitHub Code Security now combines CodeQL's deep semantic analysis with AI-powered detections to cover a broader range of languages and file types—including Shell/Bash, Terraform, Dockerfiles, and PHP—giving enterprise security teams comprehensive vulnerability detection across the full application stack. In internal testing, over 170,000 findings were processed in a single month with more than 80% positive developer feedback, and Copilot Autofix links detection directly to remediation in pull requests, reducing the expertise barrier for scaling proactive security across large engineering organizations.
🚢 GitHub Advanced Security setup made simple - A new guided experience simplifies configuring GitHub Advanced Security across repositories, with custom configuration options and availability on Enterprise Cloud now and Enterprise Server 3.22 later.
🚢 CodeQL pull requests insights on security overview now cover all protected branches - The CodeQL PR insights tab in GitHub's security overview now aggregates Copilot Autofix statistics and alert data from all protected branches—not just the default branch—giving security teams a complete, organization-wide picture of AI-assisted remediation performance.
🚢 Faster incremental analysis with CodeQL in pull requests - CodeQL scans in pull requests for C#, Java, JavaScript/TypeScript, Python, and Ruby are now incremental by default—building a partial database for only changed code and merging it with a cached full-database—delivering up to 70% faster security checks on large repositories with no additional configuration required.
📢 How to scan for vulnerabilities with GitHub Security Lab's open source AI-powered framework - GitHub Security Lab has open-sourced the Taskflow Agent, an AI-powered vulnerability research framework that chains YAML-defined tasks with LLMs to discover, classify, and reason about high-impact security issues—and has already uncovered over 80 significant vulnerabilities across dozens of real open source projects. For enterprise security and platform engineering teams, this is a practical, extensible toolkit for scaling proactive vulnerability research without requiring deep security expertise in every team.
🚢 CodeQL 2.25.0 adds Swift 6.2.4 support - This release brings Swift 6.2.4 language support, a fully rewritten Java/Kotlin control flow graph for more accurate security analysis, C# 14 partial constructor support, and expanded JavaScript/TypeScript source handling for broader vulnerability detection coverage.
🚢 CodeQL 2.24.3 adds Java 26 support and other improvements - This release includes bug fixes such as resolving race conditions in overlay tests, skipping errant directories during extraction, and cleaning up command help output warnings.

Secret Protection

🚢 Secret scanning in AI coding agents via the GitHub MCP Server - AI coding agents can now proactively scan working changes for secrets through the GitHub MCP Server before code is committed, catching credential leaks at the earliest possible point in the development workflow.
🚢 Credential revocation API now supports GitHub OAuth and GitHub app credentials - The Credential Revocation API now covers OAuth app tokens, GitHub App user-to-server tokens, and refresh tokens—enabling unauthenticated bulk revocation of up to 1,000 exposed tokens per request with immediate access removal and owner notification, extending proactive secret containment across the full credential surface.
🚢 GitHub secret scanning — coverage update - This update adds nine new secret detector types across providers including Langchain, Salesforce, and Figma, enables push protection by default for Figma, Google, OpenVSX, and PostHog secrets, and introduces npm access token validity checks for sharper alert prioritization.
🚢 Secret scanning pattern updates — March 2026 - This update adds 28 new secret detectors across 15 providers, enables push protection by default for 39 patterns, and introduces additional validity checks for services like Airtable, DeepSeek, and Pinecone.

Supply Chain Security

🚢 Dependabot alert assignees are now generally available - Organizations can now assign specific users to Dependabot alerts directly from the alert detail page, bringing the same clear ownership and accountability model already used for code scanning and secret scanning alerts—with full REST API support, webhook events, and enterprise-wide visibility—to dependency vulnerability management.
🚢 Dependabot now supports pre-commit hooks - Dependabot can now automatically update pre-commit hook versions by parsing your .pre-commit-config.yaml, supporting tag and SHA pinning, grouped updates, and changelog inclusion across GitHub, GitLab, and Bitbucket-hosted hooks.
📢 Securing the open source supply chain across GitHub - Attackers are increasingly targeting GitHub Actions workflows to steal secrets and use them to publish malicious packages across the ecosystem—and GitHub responds with a layered set of platform defenses including Trusted Publishing via OpenID Connect (now available across npm, PyPI, NuGet, and RubyGems), CodeQL scanning for workflow security best practices, stricter npm token controls with mandatory 2FA for publishing, and Dependabot integration with the GitHub Advisory Database. For enterprise security and platform teams, this post provides a concrete threat model of the current supply chain attack surface alongside a prioritized set of platform-native controls to activate before the next wave of attacks.
📢 A year of open source vulnerability trends: CVEs, advisories, and malware - GitHub's analysis of the 2025 advisory landscape shows that while total reviewed advisories hit a four-year low due to backlog clearance, newly reported vulnerabilities rose 19% year over year, and malware advisories surged—reflecting growing attacker investment in supply chain compromise. For enterprise security teams, the takeaway is that the risk environment is actively shifting toward fresh, ecosystem-targeted threats, underscoring the value of automated dependency scanning and continuous monitoring through the GitHub Advisory Database.
🚢 Dependabot now supports Xcode projects using SwiftPM with .xcodeproj manifests - Enterprise teams developing iOS and macOS apps can now get automatic dependency update pull requests and security alerts from Dependabot for Swift packages managed through Xcode's native .xcodeproj format, extending supply chain coverage to the most common Apple development workflow.

Additional Security Updates

📢, 📺 & 🙋‍♂️ GitHub for Beginners: Getting started with GitHub security (5:02) - GitHub’s built-in security toolkit—including Dependabot for dependency vulnerability scanning, secret scanning for detecting exposed credentials, CodeQL for code vulnerability analysis, and Copilot Autofix for AI-assisted remediation—provides enterprise-grade protection that developers new to security can enable in minutes with no specialized expertise. For teams onboarding junior developers or standardizing security practices across repositories, this walkthrough demonstrates that building a strong security posture early prevents the technical debt and exposure that accumulate when security is bolted on later.
📢 Under the hood: Security architecture of GitHub agentic workflows - GitHub's security model for agent-based workflows enforces sandboxed isolation, constrained outputs, comprehensive logging, and human-in-the-loop controls to mitigate threats like data exfiltration and prompt injection. Enterprise teams can confidently adopt agentic CI/CD automation knowing every agent action is traceable, interpretable, and tightly governed by both technical and policy safeguards.
📢 Investing in the people shaping open source and securing the future together - GitHub outlines its multifaceted investment in open source sustainability—funding maintainers, partnering with Alpha-Omega on proactive vulnerability research, and expanding access to security tooling—to strengthen the software supply chain that enterprises depend on. The post makes a compelling case that securing open source requires supporting the people behind it, not just scanning the code.
🚢 Dependabot now detects malware in npm dependencies - Dependabot can now alert on known malicious npm package versions with distinct malware alerts, configurable rules, and automatic backfill scanning when enabled—adding a critical supply chain defense layer.
🚢 GitHub Changelog - Security - Skim through all of the recent security related changes.

GitHub Code Quality

GitHub Code Quality is now available in public preview! It turns every pull request into an opportunity to improve. With in-context findings, one-click Copilot fixes, and reliability and maintainability scores, you spend less time chasing nits and more time building. Check out the documentation to learn more.

🚢 GitHub Code Quality: Batch apply quality suggestions on pull requests - Teams can now select and commit multiple Code Quality fixes at once in the Files changed tab, requiring only a single scan to validate all changes and dramatically reducing remediation time.
🚢 GitHub Code Quality enterprise policy - Enterprise administrators can now manage GitHub Code Quality availability independently from Code Security within GitHub Advanced Security policies, enabling finer-grained governance over who gets access to code quality analytics without unintentionally enabling other security tooling or triggering licensing implications.
🚢 Code Quality permissions removed from security manager role - Only repository administrators can now enable or disable Code Quality settings, refining the security manager role to focus exclusively on security products per the principle of least privilege.

Engineering

An inside look at how we’re building the home for all developers. Resources based on our internal experiences.

📢 Continuous AI for accessibility: How GitHub transforms feedback into inclusion - GitHub uses AI to automate the triage and prioritization of accessibility feedback, allowing engineering teams to focus on resolving the most impactful barriers instead of being overwhelmed by a chaotic backlog. The approach turns accessibility from a compliance checklist into a continuous, user-driven improvement process—a model any large engineering organization can adopt to scale inclusion.
📢 Agent-driven development in Copilot Applied Science - GitHub’s Copilot Applied Science team shares a firsthand account of using coding agents to build other coding agents—producing 345 files and over 28,000 lines of code in just three days—by shifting humans into the roles of architecture, review, and prompt engineering rather than line-by-line implementation. The post delivers hard-won lessons on agent-first infrastructure design, treating prompts as iterative dialogue, and building blameless iteration loops with automated guards and CI/CD, providing a practical blueprint for engineering organizations looking to scale agentic development without sacrificing code quality or auditability.
📢 The uphill climb of making diff lines performant - Before optimizations, GitHub’s most complex pull requests caused JavaScript heap usage to exceed 1 GB and DOM node counts above 400,000—each diff line carrying 20+ event handlers multiplied across thousands of instances, resulting in input lag developers could feel. GitHub’s engineering team tackled this with a layered approach: migrating to a React-based rendering architecture, introducing virtualization to cap DOM usage on extreme diffs, and driving every improvement with real Interaction to Next Paint (INP) and memory metrics. For teams building or scaling developer tooling, this is a rigorous case study in tackling web performance at scale without sacrificing feature depth.
📢 How we rebuilt the search architecture for high availability in GitHub Enterprise Server - Search is a foundational dependency in GitHub Enterprise Server, and for years its high-availability architecture carried hidden failure modes that could turn routine maintenance into platform outages. This post breaks down how GitHub rebuilt search to align with true leader/follower semantics using Elasticsearch cross-cluster replication—eliminating a long‑standing class of HA risks while reducing operational burden. If you run or design mission‑critical distributed systems, this is a practical case study in when—and how—to re‑architect core infrastructure instead of layering on more workarounds.

Legend This legend represents the icons used above and links each icon to its corresponding resource page. These are the primary sources we review each month when compiling the Monthly Enterprise Roundup. Note that not every resource will appear in every edition.

📅 Events
📢 GitHub Blog
📺 GitHub on YouTube
🚢 The GitHub Changelog
🛡️ GitHub Copilot Trust Center
📚 GitHub Resources
📄 GitHub Docs
📐 GitHub Well-Architected
🗣️ GitHub public feedback & discussions
🙋‍♂️ Training, e.g. GitHub Skills, GitHub Copilot for Beginners
💡 Executive Insights
🥼 GitHub Next
🌐 Third Party Web Site, e.g. LinkedIn

That’s it for the April '26 edition of the MER. Follow GitHub Enterprise on LinkedIn to see when the next round of key updates become available. We want to hear from you! Did you find this curated list of updates from GitHub helpful? Do you have suggestions on how we can provide the information that is going to be the most useful and timely for your role? Provide your feedback in the GitHub Community: April ‘26 enterprise roundup.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly