diff --git a/content/code-security/concepts/about-code-quality.md b/content/code-security/concepts/about-code-quality.md index 9ce394b43df1..35be6bcc60c2 100644 --- a/content/code-security/concepts/about-code-quality.md +++ b/content/code-security/concepts/about-code-quality.md @@ -7,6 +7,8 @@ product: '{% data reusables.gated-features.code-quality-availability %}' versions: feature: code-quality contentType: concepts +audience: + - driver redirect_from: - /code-security/code-quality/concepts/about-code-quality - /code-security/code-quality/concepts @@ -83,6 +85,65 @@ If you have set up code coverage, the `{% data variables.code-quality.pr_comment Each {% data variables.product.prodname_codeql %} analysis will use {% data variables.product.prodname_actions %} minutes and can be seen on the **Actions** tab of the repository as a run of the dynamic "{% data variables.code-quality.workflow_name_actions %}" workflow. +## How enablement works across your enterprise + +{% data variables.product.prodname_code_quality_short %} is controlled at three levels, so you can decide how much autonomy to give organizations and repositories: + +* **Enterprise:** An enterprise owner must first allow {% data variables.product.prodname_code_quality_short %} for the enterprise. Until they do, organization owners cannot enable it. +* **Organization:** Organization owners control which repositories have {% data variables.product.prodname_code_quality_short %} enabled or disabled, by granting access to all repositories, a selected list, or repositories that match a filter. They can also enforce these settings so that repository administrators cannot change them. +* **Repository:** Repository administrators can enable or disable {% data variables.product.prodname_code_quality_short %} for individual repositories, unless organization-level enforcement applies. + +When {% data variables.product.prodname_code_quality_short %} is enabled on a repository, {% data variables.product.prodname_codeql %} analysis runs via {% data variables.product.prodname_actions %} and surfaces findings in pull requests and on the default branch. Developers see quality checks and annotations on their pull requests. + +## Organization-level repository access + +At the organization level, you control {% data variables.product.prodname_code_quality_short %} with a single **Repository access** setting. This setting determines which repositories have {% data variables.product.prodname_code_quality_short %} enabled and which have it disabled: repositories within your selection are enabled, and repositories outside your selection are disabled. + +> [!IMPORTANT] +> Changing the **Repository access** setting can both enable **and** disable {% data variables.product.prodname_code_quality_short %} across many repositories at once. For example, if you enable {% data variables.product.prodname_code_quality_short %} for repositories matching a filter, any repository that does not match the filter is disabled. Before your change is applied, a dialog shows the total number of enabled and disabled repositories, along with the billing impact. + +### Repository access options + +You can apply one of the following options at a time. + +| Option | Behavior | +| ------ | -------- | +| **No repositories** | Disables {% data variables.product.prodname_code_quality_short %} for all current and future repositories in the organization. | +| **Let repositories decide** | The organization neither enables nor disables {% data variables.product.prodname_code_quality_short %}. Repository administrators choose whether to enable it for their own repositories. This option cannot be enforced. | +| **All repositories** | Enables {% data variables.product.prodname_code_quality_short %} for all current and future repositories. | +| **Selected repositories** | Enables {% data variables.product.prodname_code_quality_short %} for a specific list of repositories that you choose. Repositories you do not select are disabled, and new repositories are not enabled automatically. Best for pilots or exceptions. | +| **Matching a filter** | Enables {% data variables.product.prodname_code_quality_short %} for repositories that match a filter you define, now and in the future. Repositories that do not match are disabled. See [Filtering repositories](#filtering-repositories). | + +### Filtering repositories + +When you choose **Matching a filter**, you create a dynamic filter that automatically enables {% data variables.product.prodname_code_quality_short %} for existing and future repositories that match your criteria. This is useful for ongoing governance at scale. + +You can filter on any combination of the following criteria: + +* **Visibility:** Whether repositories are public, private, or internal. Useful for broad policies, such as enabling {% data variables.product.prodname_code_quality_short %} for all private repositories. +* **Fork status:** Whether repositories are forks. Useful when forks should not consume analysis resources. +* **Custom property:** Whether repositories have a specific custom property value. For example, you could target repositories with a `team:platform` property. + +All conditions in a filter are combined with `AND`, so a repository must match every condition to be enabled. You can also exclude repositories that match specific conditions. + +### Enforcing access + +By default, repository administrators can change {% data variables.product.prodname_code_quality_short %} settings for their own repositories. To prevent this, enable **Enforce access**. + +Enforcement locks in both the enabled and disabled states set by your **Repository access** option, so repository administrators cannot override them. This improves consistency across your organization, but reduces flexibility for individual repository administrators. + +* Enforcement applies to most **Repository access** options you select, including **No repositories**, which enforces {% data variables.product.prodname_code_quality_short %} as disabled. +* Enforcement is not available with **Let repositories decide**, which intentionally leaves the choice to repository administrators. + +## Planning your rollout + +Because enabling {% data variables.product.prodname_code_quality_short %} can affect many repositories at once and each analysis consumes {% data variables.product.prodname_actions %} minutes, plan how you roll it out across your organization: + +* **Start with a pilot group.** Enable a small, representative set of repositories first—for example, by selecting them individually or matching a custom property—so you can validate results before expanding. +* **Check your {% data variables.product.prodname_actions %} capacity.** Confirm your runners can absorb the additional load before you enable {% data variables.product.prodname_code_quality_short %} broadly. +* **Decide whether to enforce enablement.** Enforcement gives you consistent coverage and prevents repository administrators from opting out, but it removes their flexibility. Leaving enforcement off during a pilot lets teams opt in and out as they learn. +* **Expand once results are trusted.** After you've confirmed that analysis runs smoothly and developers understand the findings, widen your selection or filter to cover more repositories. + ## Next steps * **For your repository or organization:** Turn on {% data variables.product.prodname_code_quality_short %} to start generating results. See [AUTOTITLE](/code-security/how-tos/maintain-quality-code/enable-code-quality). diff --git a/content/code-security/how-tos/maintain-quality-code/enable-code-quality.md b/content/code-security/how-tos/maintain-quality-code/enable-code-quality.md index e3cf5e0439f2..f04f0646d54c 100644 --- a/content/code-security/how-tos/maintain-quality-code/enable-code-quality.md +++ b/content/code-security/how-tos/maintain-quality-code/enable-code-quality.md @@ -1,11 +1,13 @@ --- title: Enabling {% data variables.product.prodname_code_quality %} shortTitle: Enable Code Quality -intro: Use {% data variables.product.prodname_code_quality_short %} to automatically catch, fix, and report on code quality issues in pull requests and on your default branch. +intro: Enable {% data variables.product.prodname_code_quality_short %} across your organization's repositories to automatically identify and remediate code quality issues at scale, helping you maintain consistency and reduce operational risk. versions: feature: code-quality product: '{% data reusables.gated-features.code-quality-availability %}' permissions: '{% data reusables.permissions.code-quality-repo-enable %}' +audience: + - driver contentType: how-tos redirect_from: - /code-security/code-quality/how-tos/enable-code-quality @@ -37,17 +39,27 @@ category: > [!TIP] > If your organization has configured caching of private registries, these will be available for code quality analysis to use to resolve dependencies. See [AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/giving-org-access-private-registries#code-quality-access-to-private-registries). -## Enabling {% data variables.product.prodname_code_quality_short %} for an organization +## Enabling {% data variables.product.prodname_code_quality_short %} for your organization -You can enable or disable {% data variables.product.prodname_code_quality_short %} for all repositories in an organization at once. +{% data reusables.code-quality.code-quality-org-targeting-preview-note %} + +At the organization level, you control {% data variables.product.prodname_code_quality_short %} with a single **Repository access** setting. This gives you granular options, from enabling every repository to targeting a specific list or a dynamic filter, so you can pilot {% data variables.product.prodname_code_quality_short %} intentionally and roll it out at your own pace. Repositories within your selection are enabled, and repositories outside your selection are disabled. + +For the available access options, and how filtering and enforcement work, see [AUTOTITLE](/code-security/code-quality/concepts/about-code-quality#organization-level-repository-access). {% data reusables.organizations.navigate-to-org %} {% data reusables.organizations.org_settings %} 1. In the sidebar, under "Security", click **{% data variables.code-quality.code_quality_ui_settings %}**. -1. Next to "Enable Code Quality", use the toggle to enable {% data variables.product.prodname_code_quality_short %} for all repositories. +1. Under "Repository access", select an option from the dropdown menu. + * If you selected **Selected repositories...**, choose the repositories you want to enable. + * If you selected **Matching a filter...**, define your filter. +1. Optionally, to prevent repository administrators from changing these settings, enable **Enforce access**. +1. If your change enables or disables {% data variables.product.prodname_code_quality_short %} on any repositories, a "Review enablement and billing changes" dialog appears, showing the total number of enabled and disabled repositories and the associated costs. Review the details, then click **Confirm**. + +Your changes are saved automatically and begin to propagate immediately. In large organizations, it can take several minutes for the changes to apply across all repositories. ## Next steps * **For your repository:** Explore your code quality findings and merge your first fix. See [AUTOTITLE](/code-security/tutorials/improve-code-quality/quickstart). * **Add code coverage:** Upload test coverage reports to see coverage results directly on pull requests. See [AUTOTITLE](/code-security/how-tos/maintain-quality-code/set-up-code-coverage). -* **For your organization:** Understand the code health of your repositories at a glance. See [AUTOTITLE](/code-security/how-tos/view-and-interpret-data/analyze-organization-data/explore-code-quality). +* **For your organization:** Understand the code health of your repositories at a glance. See [AUTOTITLE](/code-security/how-tos/view-and-interpret-data/analyze-organization-data/explore-code-quality). \ No newline at end of file diff --git a/content/copilot/reference/ai-models/model-hosting.md b/content/copilot/reference/ai-models/model-hosting.md index 1f448ea09635..2c7a06f7c5cc 100644 --- a/content/copilot/reference/ai-models/model-hosting.md +++ b/content/copilot/reference/ai-models/model-hosting.md @@ -16,8 +16,6 @@ contentType: reference ## OpenAI models -{% data reusables.copilot.gpt-55-promo-period %} - Used for: * {% data variables.copilot.copilot_gpt_5_mini %} @@ -105,7 +103,7 @@ Used for: * {% data variables.copilot.copilot_kimi_k27_code %} -{% data variables.copilot.copilot_kimi_k27_code %} was developed by Moonshot AI. It is an open-weight model that may be less aligned than other {% data variables.product.prodname_copilot_short %} models, with an elevated risk of producing harmful content. {% data variables.product.github %}'s content filtering applies, but you should review the [{% data variables.copilot.copilot_kimi_k27_code %} model card](https://huggingface.co/moonshotai/Kimi-K2.7-Code) and conduct your own evaluations before enabling it. +{% data variables.copilot.copilot_kimi_k27_code %} was developed by Moonshot AI. It is an open-weight model. {% data variables.product.github %}'s content filtering applies, but you should review the [{% data variables.copilot.copilot_kimi_k27_code %} model card](https://huggingface.co/moonshotai/Kimi-K2.7-Code) and conduct your own evaluations before enabling it. When using {% data variables.copilot.copilot_kimi_k27_code %}, input prompts and output completions continue to run through {% data variables.product.prodname_copilot %}'s content filters for public code matching, when applied, along with those for harmful or offensive content. diff --git a/content/copilot/reference/ai-models/supported-models.md b/content/copilot/reference/ai-models/supported-models.md index f0d9f65f8c41..47cf7c756b14 100644 --- a/content/copilot/reference/ai-models/supported-models.md +++ b/content/copilot/reference/ai-models/supported-models.md @@ -132,21 +132,22 @@ Some {% data variables.product.prodname_copilot_short %} models require minimum | Model | {% data variables.product.prodname_vscode %} | {% data variables.product.prodname_vs %} | JetBrains IDEs | Xcode | Eclipse | |----------------------------------------------------------| --- |------------------------------------------| -- | --- | --- | -| {% data variables.copilot.copilot_gemini_3_flash %} | `v1.115.0` and later | `17.14.22` or `18.1.0` and later | `1.5.62` and later | `0.46.0` and later | `0.14.0` and later | -| {% data variables.copilot.copilot_gemini_31_pro %} | `v1.115.0` and later | `17.14.22` or `18.1.0` and later | `1.5.62` and later | `0.46.0` and later | `0.14.0` and later | -| {% data variables.copilot.copilot_gemini_35_flash %} | `v1.115.0` and later | `17.14.22` or `18.1.0` and later | `1.5.62` and later | `0.46.0` and later | `0.14.0` and later | -| {% data variables.copilot.copilot_gpt_52_codex %} | No minimum listed | `17.14.19` or `18.0.0` and later | `1.5.61` and later | `0.45.0` and later | `0.13.0` and later | -| {% data variables.copilot.copilot_gpt_53_codex %} | `v1.104.1` and later | `17.14.19` and later | `1.5.61` and later | `0.45.0` and later | `0.13.0` and later | -| {% data variables.copilot.copilot_gpt_54 %} | `v1.104.1` and later | `17.14.19` and later | `1.5.66` and later | `0.47.0` and later | `0.15.0` and later | -| {% data variables.copilot.copilot_gpt_54_mini %} | `v1.104.1` and later | `17.14.19` and later | `1.5.66` and later | `0.47.0` and later | `0.15.0` and later | -| {% data variables.copilot.copilot_gpt_55 %} | `v1.117` and later | `17.14.19` and later | `1.5.66` and later | `0.47.0` and later | `0.15.0` and later | +| {% data variables.copilot.copilot_gemini_3_flash %} | `v1.115.0` | `17.14.22` or `18.1.0` | `1.5.62` | `0.46.0` | `0.14.0` | +| {% data variables.copilot.copilot_gemini_31_pro %} | `v1.115.0` | `17.14.22` or `18.1.0` | `1.5.62` | `0.46.0` | `0.14.0` | +| {% data variables.copilot.copilot_gemini_35_flash %} | `v1.115.0` | `17.14.22` or `18.1.0` | `1.5.62` | `0.46.0` | `0.14.0` | +| {% data variables.copilot.copilot_gpt_52_codex %} | No minimum listed | `17.14.19` or `18.0.0` | `1.5.61` | `0.45.0` | `0.13.0` | +| {% data variables.copilot.copilot_gpt_53_codex %} | `v1.104.1` | `17.14.19` | `1.5.61` | `0.45.0` | `0.13.0` | +| {% data variables.copilot.copilot_gpt_54 %} | `v1.104.1` | `17.14.19` | `1.5.66` | `0.47.0` | `0.15.0` | +| {% data variables.copilot.copilot_gpt_54_mini %} | `v1.104.1` | `17.14.19` | `1.5.66` | `0.47.0` | `0.15.0` | +| {% data variables.copilot.copilot_gpt_55 %} | `v1.117` | `17.14.19` | `1.5.66` | `0.47.0` | `0.15.0` | | {% data variables.copilot.copilot_gpt_56_luna %} | `1.128.0` | TBD | TBD | TBD | TBD | | {% data variables.copilot.copilot_gpt_56_sol %} | `1.128.0` | TBD | TBD | TBD | TBD | | {% data variables.copilot.copilot_gpt_56_terra %} | `1.128.0` | TBD | TBD | TBD | TBD | -| {% data variables.copilot.copilot_claude_opus_48 %} | `v1.118` and later | `17.14.6` and later | TBD | TBD | TBD | -| {% data variables.copilot.copilot_claude_sonnet_5 %} | `v1.124` and later | `17.14.6` and later | TBD | TBD | TBD | -| {% data variables.copilot.copilot_claude_fable_5 %} | `v1.124` and later | `17.14.6` and later | TBD | TBD | TBD | -| {% data variables.copilot.copilot_mai_code_1_flash %} | `v1.121` and later | TBD | TBD | TBD | TBD | +| {% data variables.copilot.copilot_claude_opus_48 %} | `v1.118` | `17.14.6` | TBD | TBD | TBD | +| {% data variables.copilot.copilot_claude_sonnet_5 %} | `v1.124` | `17.14.6` | TBD | TBD | TBD | +| {% data variables.copilot.copilot_claude_fable_5 %} | `v1.124` | `17.14.6` | TBD | TBD | TBD | +| {% data variables.copilot.copilot_kimi_k27_code %} | `v1.127` | `17.14.6` | `1.9.1-251` | TBD | TBD | +| {% data variables.copilot.copilot_mai_code_1_flash %} | `v1.121` | TBD | TBD | TBD | TBD | {% endrowheaders %} diff --git a/content/rest/search/search.md b/content/rest/search/search.md index 030c33b4aa58..b029c58d589e 100644 --- a/content/rest/search/search.md +++ b/content/rest/search/search.md @@ -31,7 +31,7 @@ Unless another sort option is provided as a query parameter, results are sorted {% data reusables.enterprise.rate_limit %} The REST API has a custom rate limit for searching. For authenticated requests, you can make up to -30 requests per minute{% ifversion fpt or ghec %} for all search endpoints except for the [Search code](/rest/search/search#search-code) endpoint. The [Search code](/rest/search/search#search-code) endpoint requires you to authenticate and limits you to 9 requests per minute{% endif %}. For unauthenticated requests, the rate limit allows you to make up to 10 requests per minute. +30 requests per minute{% ifversion fpt or ghec %} for all search endpoints except for the [Search code](/rest/search/search#search-code) endpoint. The [Search code](/rest/search/search#search-code) endpoint requires you to authenticate and limits you to 10 requests per minute{% endif %}. For unauthenticated requests, the rate limit allows you to make up to 10 requests per minute. For information about how to determine your current rate limit status, see [Rate Limit](/rest/rate-limit/rate-limit). diff --git a/data/reusables/code-quality/code-quality-org-targeting-preview-note.md b/data/reusables/code-quality/code-quality-org-targeting-preview-note.md new file mode 100644 index 000000000000..f715443d3414 --- /dev/null +++ b/data/reusables/code-quality/code-quality-org-targeting-preview-note.md @@ -0,0 +1,2 @@ +> [!NOTE] +> Organization-level repository targeting for {% data variables.product.prodname_code_quality %} is in {% data variables.release-phases.public_preview %} and subject to change. \ No newline at end of file diff --git a/data/tables/copilot/model-release-status.yml b/data/tables/copilot/model-release-status.yml index be46ccda434b..4ef5c0d47611 100644 --- a/data/tables/copilot/model-release-status.yml +++ b/data/tables/copilot/model-release-status.yml @@ -122,6 +122,6 @@ release_status: 'GA' # Open-weight models -- name: 'Kimi-K2.7-Code' +- name: 'Kimi K2.7 Code' provider: 'Moonshot AI' release_status: 'GA' diff --git a/data/tables/copilot/model-supported-clients.yml b/data/tables/copilot/model-supported-clients.yml index a205ac36032f..e4b27fcfb203 100644 --- a/data/tables/copilot/model-supported-clients.yml +++ b/data/tables/copilot/model-supported-clients.yml @@ -230,7 +230,7 @@ xcode: false jetbrains: false -- name: Kimi-K2.7-Code +- name: Kimi K2.7 Code dotcom: true cli: true vscode: true diff --git a/data/tables/copilot/model-supported-plans.yml b/data/tables/copilot/model-supported-plans.yml index bafa9fa622b8..dc23d01a6848 100644 --- a/data/tables/copilot/model-supported-plans.yml +++ b/data/tables/copilot/model-supported-plans.yml @@ -173,21 +173,21 @@ business: true enterprise: true -- name: MAI-Code-1-Flash +- name: Kimi K2.7 Code pro: true pro_plus: true max: true - business: true - enterprise: true + business: false + enterprise: false -- name: Raptor mini +- name: MAI-Code-1-Flash pro: true pro_plus: true max: true - business: false - enterprise: false + business: true + enterprise: true -- name: Kimi-K2.7-Code +- name: Raptor mini pro: true pro_plus: true max: true diff --git a/src/graphql/data/fpt/changelog.json b/src/graphql/data/fpt/changelog.json index 327dd1641520..145797bda24c 100644 --- a/src/graphql/data/fpt/changelog.json +++ b/src/graphql/data/fpt/changelog.json @@ -1,4 +1,18 @@ [ + { + "schemaChanges": [ + { + "title": "The GraphQL schema includes these changes:", + "changes": [ + "
Enum value 'ARCHIVED_EVENTwas added to enumPullRequestTimelineItemsItemType'
Enum value 'UNARCHIVED_EVENTwas added to enumPullRequestTimelineItemsItemType'
Represents aadded_to_project_v2event on a given issue or pull request.
Represents anarchivedevent on a given pull request.
Represents anassignedevent on any assignable object.
Represents atransferredevent on a given issue or pull request.
Represents anunarchivedevent on a given pull request.
Represents anunassignedevent on any assignable object.
Represents aadded_to_project_v2event on a given issue or pull request.
Represents anarchivedevent on a given pull request.
Represents anassignedevent on any assignable object.
Represents atransferredevent on a given issue or pull request.
Represents anunarchivedevent on a given pull request.
Represents anunassignedevent on any assignable object.