From 4b5191aebae003a3f9c114cd42d8de4897542366 Mon Sep 17 00:00:00 2001 From: Sunbrye Ly <56200261+sunbrye@users.noreply.github.com> Date: Wed, 1 Jul 2026 12:35:38 -0700 Subject: [PATCH 1/3] Open-weight models in Copilot model picker (#61861) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: Joe Clark <31087804+jc-clark@users.noreply.github.com> --- .../copilot/reference/ai-models/model-hosting.md | 14 ++++++++++++++ .../reference/ai-models/supported-models.md | 2 +- .../copilot-billing/models-and-pricing.md | 8 ++++++++ .../reusables/copilot/open-weight-model-hosting.md | 1 + data/tables/copilot/model-comparison.yml | 6 ++++++ data/tables/copilot/model-release-status.yml | 5 +++++ data/tables/copilot/model-supported-clients.yml | 9 +++++++++ data/tables/copilot/model-supported-plans.yml | 7 +++++++ data/tables/copilot/models-and-pricing.yml | 9 +++++++++ data/variables/copilot.yml | 2 ++ 10 files changed, 62 insertions(+), 1 deletion(-) create mode 100644 data/reusables/copilot/open-weight-model-hosting.md diff --git a/content/copilot/reference/ai-models/model-hosting.md b/content/copilot/reference/ai-models/model-hosting.md index c6a859e065e3..de5a76536397 100644 --- a/content/copilot/reference/ai-models/model-hosting.md +++ b/content/copilot/reference/ai-models/model-hosting.md 
@@ -94,6 +94,20 @@ When using {% data variables.copilot.copilot_gemini %} models, input prompts and {% data variables.copilot.copilot_mai_code_1_flash %} is a first-party Microsoft model hosted on Azure in {% data variables.product.github %}'s tenant. +## Open-weight models + +Open-weight models have publicly available weights. {% data reusables.copilot.open-weight-model-hosting %} + +### Moonshot AI models + +Used for: + +* {% data variables.copilot.copilot_kimi_k27_code %} + +{% data variables.copilot.copilot_kimi_k27_code %} was developed by Moonshot AI. It is an open-weight model that may be less aligned than other {% data variables.product.prodname_copilot_short %} models, with an elevated risk of producing harmful content. {% data variables.product.github %}'s content filtering applies, but you should review the [{% data variables.copilot.copilot_kimi_k27_code %} model card](https://huggingface.co/moonshotai/Kimi-K2.7-Code) and conduct your own evaluations before enabling it. + +When using {% data variables.copilot.copilot_kimi_k27_code %}, input prompts and output completions continue to run through {% data variables.product.prodname_copilot %}'s content filters for public code matching, when applied, along with those for harmful or offensive content. + ## Inline suggestions Inline suggestions, including ghost text and next edit suggestions, are powered by models hosted on Azure for {% data variables.copilot.copilot_business_short %} and {% data variables.copilot.copilot_enterprise_short %} plans. {% data variables.copilot.copilot_free_short %} and {% data variables.copilot.copilot_student_short %} user models are hosted on Fireworks AI. diff --git a/content/copilot/reference/ai-models/supported-models.md b/content/copilot/reference/ai-models/supported-models.md index 2672b81cbd49..c17afee410e1 100644 --- a/content/copilot/reference/ai-models/supported-models.md +++ b/content/copilot/reference/ai-models/supported-models.md 
@@ -161,7 +161,7 @@ The following table shows which AI models are available in each {% data variable {% data reusables.copilot.available-models-per-plan %} > [!NOTE] -> If you're an organization or enterprise owner, you can enable or restrict access to specific models for your members. See [AUTOTITLE](/copilot/how-tos/copilot-on-github/set-up-copilot/configure-access-to-ai-models#setup-for-organization-and-enterprise-use). +> * If you're an organization or enterprise owner, you can enable or restrict access to specific models for your members. See [AUTOTITLE](/copilot/how-tos/copilot-on-github/set-up-copilot/configure-access-to-ai-models#setup-for-organization-and-enterprise-use). ## Fallback and long-term support (LTS) models diff --git a/content/copilot/reference/copilot-billing/models-and-pricing.md b/content/copilot/reference/copilot-billing/models-and-pricing.md index 63b94d004f25..527b640bf835 100644 --- a/content/copilot/reference/copilot-billing/models-and-pricing.md +++ b/content/copilot/reference/copilot-billing/models-and-pricing.md @@ -77,6 +77,14 @@ Anthropic models include a cache write cost in addition to cached input. | {{ entry.model }} | {{ entry.release_status }} | {{ entry.category }} | {{ entry.input }} | {{ entry.cached_input }} | {{ entry.output }} | | {% endif %}{% endfor %} | +### Moonshot AI + +| Model | Release status | Category | Input | Cached input | Output | +| --- | --- | --- | ---: | ---: | ---: | +| {% for entry in tables.copilot.models-and-pricing %}{% if entry.provider == "moonshot_ai" %} | +| {{ entry.model }} | {{ entry.release_status }} | {{ entry.category }} | {{ entry.input }} | {{ entry.cached_input }} | {{ entry.output }} | +| {% endif %}{% endfor %} | + ## Code completions {% data reusables.copilot.tbb-completions %} diff --git a/data/reusables/copilot/open-weight-model-hosting.md b/data/reusables/copilot/open-weight-model-hosting.md new file mode 100644 index 000000000000..bf9626400e6e --- /dev/null 
+++ b/data/reusables/copilot/open-weight-model-hosting.md @@ -0,0 +1 @@ +These models are hosted on US-based Azure AI Foundry infrastructure managed by {% data variables.product.github %} and Microsoft. Customer prompts and responses are not sent to the original model developers. diff --git a/data/tables/copilot/model-comparison.yml b/data/tables/copilot/model-comparison.yml index 109577762406..62124128e55e 100644 --- a/data/tables/copilot/model-comparison.yml +++ b/data/tables/copilot/model-comparison.yml @@ -110,3 +110,9 @@ task_area: General-purpose coding and writing excels_at: Fast, accurate code completions and explanations further_reading: 'Coming soon' + +# Open-weight models +- name: Kimi K2.7 Code + task_area: General-purpose coding and agent tasks + excels_at: Fast, reliable answers to lightweight coding questions + further_reading: '[Kimi K2.7 Code model card](https://huggingface.co/moonshotai/Kimi-K2.7-Code)' diff --git a/data/tables/copilot/model-release-status.yml b/data/tables/copilot/model-release-status.yml index 9e05c227c2f7..cd2a185b5739 100644 --- a/data/tables/copilot/model-release-status.yml +++ b/data/tables/copilot/model-release-status.yml @@ -108,3 +108,8 @@ - name: 'Raptor mini' provider: 'Fine-tuned GPT-5 mini' release_status: 'GA' + +# Open-weight models +- name: 'Kimi-K2.7-Code' + provider: 'Moonshot AI' + release_status: 'GA' diff --git a/data/tables/copilot/model-supported-clients.yml b/data/tables/copilot/model-supported-clients.yml index 0a45d99d394c..e33839fa169d 100644 --- a/data/tables/copilot/model-supported-clients.yml +++ b/data/tables/copilot/model-supported-clients.yml @@ -203,6 +203,15 @@ xcode: true jetbrains: true +- name: Kimi-K2.7-Code + dotcom: true + cli: true + vscode: true + vs: true + eclipse: false + xcode: false + jetbrains: true + - name: Raptor mini dotcom: false cli: false 
diff --git a/data/tables/copilot/model-supported-plans.yml b/data/tables/copilot/model-supported-plans.yml index dd0c20882c86..5ac9cb743af1 100644 --- a/data/tables/copilot/model-supported-plans.yml +++ b/data/tables/copilot/model-supported-plans.yml @@ -165,3 +165,10 @@ max: true business: false enterprise: false + +- name: Kimi-K2.7-Code + pro: true + pro_plus: true + max: true + business: false + enterprise: false diff --git a/data/tables/copilot/models-and-pricing.yml b/data/tables/copilot/models-and-pricing.yml index 81a37cde4281..bd4f0c4d447d 100644 --- a/data/tables/copilot/models-and-pricing.yml +++ b/data/tables/copilot/models-and-pricing.yml @@ -267,3 +267,12 @@ cached_input: $0.025 output: $2.00 notes: Uses GPT-5 mini pricing + +# Open-weight models +- model: 'Kimi K2.7 Code' + provider: moonshot_ai + release_status: GA + category: Versatile + input: $0.95 + cached_input: $0.19 + output: $4.00 diff --git a/data/variables/copilot.yml b/data/variables/copilot.yml index ad3c0c7fbfff..805182602e31 100644 --- a/data/variables/copilot.yml +++ b/data/variables/copilot.yml @@ -240,6 +240,8 @@ copilot_qwen_25: 'Qwen2.5' copilot_mai_code_1_flash: 'MAI-Code-1-Flash' # Microsoft fine-tuned: copilot_raptor_mini: 'Raptor mini' +# Open-weight models: +copilot_kimi_k27_code: 'Kimi K2.7 Code' ## Current model used by Copilot cloud agent and Copilot CLI cca_current_model: '{% data variables.copilot.copilot_claude_opus_46 %}' From 976da2b35c37a6547befb875fb667c44c9c4fe33 Mon Sep 17 00:00:00 2001 From: Jenni C <97056108+dihydroJenoxide@users.noreply.github.com> Date: Wed, 1 Jul 2026 12:59:09 -0700 Subject: [PATCH 2/3] removing fable 5 disabled notes (#62023) --- content/copilot/reference/ai-models/model-hosting.md | 2 -- content/copilot/reference/ai-models/supported-models.md | 4 ---- .../copilot/reference/copilot-billing/models-and-pricing.md | 2 -- 3 files changed, 8 deletions(-) 
diff --git a/content/copilot/reference/ai-models/model-hosting.md b/content/copilot/reference/ai-models/model-hosting.md index de5a76536397..46dcb5a598f1 100644 --- a/content/copilot/reference/ai-models/model-hosting.md +++ b/content/copilot/reference/ai-models/model-hosting.md @@ -61,8 +61,6 @@ Used for: > [!WARNING] > When {% data variables.copilot.copilot_claude_fable_5 %} is used, Anthropic retains data, including prompts and outputs, to operate safety classifiers that detect harmful use. Other Claude models in {% data variables.product.prodname_copilot %} remain covered by {% data variables.product.github %}'s existing data retention agreements, as documented below. Enterprise and business users need to enable the {% data variables.copilot.copilot_claude_fable_5 %} model to make it available for your organization. You can read more about Anthropic's data handling practices for this model under section F of their [Service Specific Terms](https://www.anthropic.com/legal/service-specific-terms). -{% data reusables.copilot.model-fable-disabled %} - These models are hosted by Amazon Web Services, Anthropic PBC, and Google Cloud Platform. {% data variables.product.github %} has provider agreements in place to ensure data is not used for training. Additional details for each provider are included below: * Amazon Bedrock: Amazon makes the [following data commitments](https://docs.aws.amazon.com/bedrock/latest/userguide/data-protection.html): _Amazon Bedrock doesn't store or log your prompts and completions. Amazon Bedrock doesn't use your prompts and completions to train any AWS models and doesn't distribute them to third parties_. diff --git a/content/copilot/reference/ai-models/supported-models.md b/content/copilot/reference/ai-models/supported-models.md index c17afee410e1..18a9a27b6616 100644 --- a/content/copilot/reference/ai-models/supported-models.md +++ b/content/copilot/reference/ai-models/supported-models.md 
@@ -34,8 +34,6 @@ For all of the default AI models, input prompts and output completions run throu This table lists the AI models available in {% data variables.product.prodname_copilot_short %}, along with their release status. -{% data reusables.copilot.model-fable-disabled %} - {% rowheaders %} | Model name | Provider | Release status | @@ -110,8 +108,6 @@ The following table lists AI models that are retired or scheduled for retirement The following table shows which models are available in each client. -{% data reusables.copilot.model-fable-disabled %} - {% rowheaders %} | Model | {% data variables.product.prodname_dotcom_the_website %} | {% data variables.copilot.copilot_cli_short %} | {% data variables.product.prodname_vscode %} | {% data variables.product.prodname_vs %} | Eclipse | Xcode | JetBrains IDEs | diff --git a/content/copilot/reference/copilot-billing/models-and-pricing.md b/content/copilot/reference/copilot-billing/models-and-pricing.md index 527b640bf835..a6fbba3b8f06 100644 --- a/content/copilot/reference/copilot-billing/models-and-pricing.md +++ b/content/copilot/reference/copilot-billing/models-and-pricing.md @@ -43,8 +43,6 @@ All prices are **per 1 million tokens**. Anthropic models include a cache write cost in addition to cached input. -{% data reusables.copilot.model-fable-disabled %} - | Model | Release status | Category | Input | Cached input | Cache write | Output | | --- | --- | --- | ---: | ---: | ---: | ---: | | {% for entry in tables.copilot.models-and-pricing %}{% if entry.provider == "anthropic" %} | From df951e5d52a9e3fb07572654c0a1230867af16c9 Mon Sep 17 00:00:00 2001 
From: Joe Clark <31087804+jc-clark@users.noreply.github.com> Date: Wed, 1 Jul 2026 13:26:22 -0700 Subject: [PATCH 3/3] Reclassify CVE-2026-14340 note in GHES patch release notes (#62026) Co-authored-by: John Clement <70238417+jclement136@users.noreply.github.com> --- data/release-notes/enterprise-server/3-17/17.yml | 2 +- data/release-notes/enterprise-server/3-18/11.yml | 2 +- data/release-notes/enterprise-server/3-19/8.yml | 2 +- data/release-notes/enterprise-server/3-20/4.yml | 2 +- data/release-notes/enterprise-server/3-21/2.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/data/release-notes/enterprise-server/3-17/17.yml b/data/release-notes/enterprise-server/3-17/17.yml index 2d928414e322..c9292f5fcae6 100644 --- a/data/release-notes/enterprise-server/3-17/17.yml +++ b/data/release-notes/enterprise-server/3-17/17.yml 
@@ -2,7 +2,7 @@ date: '2026-06-30' sections: security_fixes: - | - **HIGH**: Current configurations of the GitHub API access controls could allow an attacker to create issues in any public repository via a u2s token without requiring the underlying installation to have issues write permission. This therefore allows an attacker to impersonate the victim in public repositories by creating issues and commit comments. + **MEDIUM**: An attacker could create issues, issue comments, commit comments, and private vulnerability reports in public repositories they did not have write access to. This was possible by using a user-to-server token against endpoints that validated repository read access but did not validate the required write permission for those operations. GitHub has requested CVE ID [CVE-2026-14340](https://www.cve.org/cverecord?id=CVE-2026-14340) for this vulnerability, which was reported via the [GitHub Bug Bounty](https://bounty.github.com/) program. - | **MEDIUM**: An attacker with site administrator privileges could extract arbitrary data from the instance's database, including user password hashes, by exploiting a blind SQL injection vulnerability in the `dependenciesPrefers` argument of the `dependencyGraphManifests` GraphQL field. This vulnerability affected instances with the dependency graph enabled and was reported via the GitHub Bug Bounty program. - | diff --git a/data/release-notes/enterprise-server/3-18/11.yml b/data/release-notes/enterprise-server/3-18/11.yml index 2e3325559cf8..11c1f789a726 100644 --- a/data/release-notes/enterprise-server/3-18/11.yml +++ b/data/release-notes/enterprise-server/3-18/11.yml 
@@ -2,7 +2,7 @@ date: '2026-06-30' sections: security_fixes: - | - **HIGH**: Current configurations of the GitHub API access controls could allow an attacker to create issues in any public repository via a u2s token without requiring the underlying installation to have issues write permission. This therefore allows an attacker to impersonate the victim in public repositories by creating issues and commit comments. + **MEDIUM**: An attacker could create issues, issue comments, commit comments, and private vulnerability reports in public repositories they did not have write access to. This was possible by using a user-to-server token against endpoints that validated repository read access but did not validate the required write permission for those operations. GitHub has requested CVE ID [CVE-2026-14340](https://www.cve.org/cverecord?id=CVE-2026-14340) for this vulnerability, which was reported via the [GitHub Bug Bounty](https://bounty.github.com/) program. - | **MEDIUM**: An attacker with site administrator privileges could extract arbitrary data from the instance's database, including user password hashes, by exploiting a blind SQL injection vulnerability in the `dependenciesPrefers` argument of the `dependencyGraphManifests` GraphQL field. This vulnerability affected instances with the dependency graph enabled and was reported via the GitHub Bug Bounty program. - | diff --git a/data/release-notes/enterprise-server/3-19/8.yml b/data/release-notes/enterprise-server/3-19/8.yml index dd6bae2b2ba5..6a1db32aeb95 100644 --- a/data/release-notes/enterprise-server/3-19/8.yml +++ b/data/release-notes/enterprise-server/3-19/8.yml 
@@ -2,7 +2,7 @@ date: '2026-06-30' sections: security_fixes: - | - **HIGH**: Current configurations of the GitHub API access controls could allow an attacker to create issues in any public repository via a u2s token without requiring the underlying installation to have issues write permission. This therefore allows an attacker to impersonate the victim in public repositories by creating issues and commit comments. + **MEDIUM**: An attacker could create issues, issue comments, commit comments, and private vulnerability reports in public repositories they did not have write access to. This was possible by using a user-to-server token against endpoints that validated repository read access but did not validate the required write permission for those operations. GitHub has requested CVE ID [CVE-2026-14340](https://www.cve.org/cverecord?id=CVE-2026-14340) for this vulnerability, which was reported via the [GitHub Bug Bounty](https://bounty.github.com/) program. - | **MEDIUM**: An attacker with site administrator privileges could extract arbitrary data from the instance's database, including user password hashes, by exploiting a blind SQL injection vulnerability in the `dependenciesPrefers` argument of the `dependencyGraphManifests` GraphQL field. This vulnerability affected instances with the dependency graph enabled and was reported via the GitHub Bug Bounty program. - | diff --git a/data/release-notes/enterprise-server/3-20/4.yml b/data/release-notes/enterprise-server/3-20/4.yml index 7b28892c117d..ee76bb01623c 100644 --- a/data/release-notes/enterprise-server/3-20/4.yml +++ b/data/release-notes/enterprise-server/3-20/4.yml 
@@ -2,7 +2,7 @@ date: '2026-06-30' sections: security_fixes: - | - **HIGH**: Current configurations of the GitHub API access controls could allow an attacker to create issues in any public repository via a u2s token without requiring the underlying installation to have issues write permission. This therefore allows an attacker to impersonate the victim in public repositories by creating issues and commit comments. + **MEDIUM**: An attacker could create issues, issue comments, commit comments, and private vulnerability reports in public repositories they did not have write access to. This was possible by using a user-to-server token against endpoints that validated repository read access but did not validate the required write permission for those operations. GitHub has requested CVE ID [CVE-2026-14340](https://www.cve.org/cverecord?id=CVE-2026-14340) for this vulnerability, which was reported via the [GitHub Bug Bounty](https://bounty.github.com/) program. - | **MEDIUM**: An attacker with site administrator privileges could extract arbitrary data from the instance's database, including user password hashes, by exploiting a blind SQL injection vulnerability in the `dependenciesPrefers` argument of the `dependencyGraphManifests` GraphQL field. This vulnerability affected instances with the dependency graph enabled and was reported via the GitHub Bug Bounty program. - | diff --git a/data/release-notes/enterprise-server/3-21/2.yml b/data/release-notes/enterprise-server/3-21/2.yml index bf0e3af4d0a1..cf99d0168fe3 100644 --- a/data/release-notes/enterprise-server/3-21/2.yml +++ b/data/release-notes/enterprise-server/3-21/2.yml 
@@ -5,7 +5,7 @@ sections: You can now run the pre-upgrade stage of an upgrade outside the maintenance window using `ghe-upgrade --phase pre-upgrade -y UPGRADE-PACKAGE-FILENAME`. Running the pre-upgrade stage in advance can reduce in-maintenance upgrade time by up to 20 minutes. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-upgrade). Additional functionality and documentation will be available when you upgrade to 3.22 and later versions. security_fixes: - | - **HIGH**: Current configurations of the GitHub API access controls could allow an attacker to create issues in any public repository via a u2s token without requiring the underlying installation to have issues write permission. This therefore allows an attacker to impersonate the victim in public repositories by creating issues and commit comments. + **MEDIUM**: An attacker could create issues, issue comments, commit comments, and private vulnerability reports in public repositories they did not have write access to. This was possible by using a user-to-server token against endpoints that validated repository read access but did not validate the required write permission for those operations. GitHub has requested CVE ID [CVE-2026-14340](https://www.cve.org/cverecord?id=CVE-2026-14340) for this vulnerability, which was reported via the [GitHub Bug Bounty](https://bounty.github.com/) program. - | **MEDIUM**: An attacker with site administrator privileges could extract arbitrary data from the instance's database, including user password hashes, by exploiting a blind SQL injection vulnerability in the `dependenciesPrefers` argument of the `dependencyGraphManifests` GraphQL field. This vulnerability affected instances with the dependency graph enabled and was reported via the GitHub Bug Bounty program. - |
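Review bot: In PATCH 1/3, the `supported-models.md` hunk at `@@ -161,7 +161,7 @@` turns the single sentence inside the `> [!NOTE]` callout into a one-item bullet list (`> * If you're an organization or enterprise owner, ...`) without adding a second item, so the callout now renders as a lone bullet. Either add the intended second bullet in this change (a note about open-weight model availability would fit the PR's purpose) or keep the original sentence form.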
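Review bot: In PATCH 1/3, the new model is named inconsistently across the data tables: `model-comparison.yml`, `models-and-pricing.yml` and `variables/copilot.yml` use `Kimi K2.7 Code` (spaces), while the `model-release-status.yml`, `model-supported-clients.yml` and `model-supported-plans.yml` hunks use `Kimi-K2.7-Code` (hyphens). If any page joins these tables on the `name` field, the plan, client and release-status rows will not match the pricing and comparison rows; pick one spelling (the `copilot_kimi_k27_code` variable value `Kimi K2.7 Code` is the obvious canonical one) and use it in every table.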
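Review bot: In PATCH 1/3, the `model-supported-plans.yml` hunk sets `business: false` and `enterprise: false` for `Kimi-K2.7-Code`, but the new "Moonshot AI models" text in the `model-hosting.md` hunk tells readers to review the model card and "conduct your own evaluations before enabling it", which is advice aimed at organization and enterprise administrators who enable models for members. Either the plans table should list the plans on which the model can actually be enabled, or the hosting text should be reworded so it does not imply an admin enablement step that the plans table says is unavailable.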
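Review bot: PATCH 2/3 removes every `{% data reusables.copilot.model-fable-disabled %}` include from `model-hosting.md`, `supported-models.md` and `models-and-pricing.md` (3 files, 8 deletions) but does not delete `data/reusables/copilot/model-fable-disabled.md` itself, leaving an orphaned reusable in the repository. If the reusable is no longer referenced anywhere, delete the file in the same change; if it is still used elsewhere, the commit message should say so.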
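Review bot: In PATCH 3/3, the five identical hunks (3-17/17.yml through 3-21/2.yml) downgrade the CVE-2026-14340 entry from **HIGH** to **MEDIUM** while the rewritten description widens the stated impact from creating issues to also creating issue comments, commit comments and private vulnerability reports in repositories the attacker lacked write access to. Nothing in the patch explains why a broader impact carries a lower severity; the PR description or the release note should state the basis for the reclassification (for example the CVSS vector or the precondition that a user-to-server token with read access is required) so administrators triaging the patch can follow the reasoning. The five files are otherwise consistent with each other, which is good.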