Published via GitHub Executive Insights | Authored by Dave Burnison

This Roundup is a must-read for any software developer or engineering leader navigating the rapidly evolving landscape of AI-powered development, security, and platform governance. We have curated the most impactful updates, best practices, and strategic insights from GitHub’s own engineering playbook, blog posts, changelogs, whitepapers and other resources—each link is handpicked to help you and your teams ship faster, reduce toil, and unlock new levels of developer creativity.

We continue to look for additional resources that will enable you to get the most out of GitHub and we have uncovered a new resource this month, the GitHub at Work Podcast. This is a great resource if you like to use your commute time, run/walk time, etc. as an opportunity to continually learn about the latest and greatest from GitHub.

We don't expect every person to read every word of this post. Skim through the topics that apply to how you and your teams use GitHub and dig into links that are the most relevant to you. Since some readers may skip over entire sections, you may see the same link appear in multiple sections such as a link that applies to both Code Security and CI/CD. Pass this Enterprise Roundup along to your colleagues or pass along specific links that will be beneficial to others.

Contents at a Glance

Analyst Reports
Events
GitHub Spark (Preview)
AI & ML – GitHub Copilot
Security
CI/CD
GitHub platform
Developer skills
Engineering
Legend

Analyst Reports

📚 GitHub recognized as a Leader in the Gartner® Magic Quadrant™ for AI Code Assistants - GitHub Copilot has been named a Leader in Gartner’s 2025 Magic Quadrant for AI Code Assistants—placing highest in Ability to Execute and furthest in Completeness of Vision—for the second year in a row. Gartner predicts that by 2028, 90% of enterprise software engineers will be using AI code assistants, and GitHub’s scale (20M+ users across 77K enterprises), agent‑based workflows, hybrid deployment flexibility, robust IDE and DevSecOps integrations, and deep enterprise-grade maturity position it as the tool enterprises need now. Understanding how GitHub continues to innovate—such as through Copilot Coding Agent, App Modernization, and enterprise-scale governance—will help software leaders evaluate whether Copilot can deliver productivity gains, code quality improvements, and scalable AI adoption across their teams.

Events

While GitHub hosts our own marquee events like Universe and Galaxy each year, you will also find GitHub participating in other industry events. Here is the latest news about upcoming events.

📅 GitHub Universe - October 28–29 at the historic Fort Mason in San Francisco. It’s our biggest event of the year—bringing together enterprise leaders and engineering experts shaping the future with AI. We have a lineup of over 100 sessions, demos, and expert panels focused on AI-powered development, enterprise-grade automation, and security best practices, featuring insights from leaders at Red Hat, GM, CVS, and more. This event also offers exclusive one-on-one mentoring and immersive hands-on labs—delivering the strategic know-how and technical depth your team needs to innovate, scale securely, and confidently drive business impact. New this year: Each general admission pass includes a GitHub certification exam, so your teams will have even more skills to bring back to your organization. Check out this blog post which provides a sampling of key sessions: 📢 Your guide to GitHub Universe 2025
📅 Microsoft Ignite - Get the edge you need to drive impact in the era of AI. Join us to bolster your knowledge, build connections, and explore emerging technologies. San Francisco, Moscone Center November 18–21, 2025 and Online November 18–20, 2025. You’ll learn about the latest tech trends and innovations that can help your organization gain a competitive edge and drive impact in the era of AI. Plus, you’ll get hands-on experience with cutting-edge AI, security, and IT solutions to bolster your knowledge and expand your expertise. It’s also a chance to connect with GitHub and Microsoft experts, partners, executives, and customers, allowing you to grow our network. Check out the more than 30 GitHub related sessions.
📅 Check out the complete upcoming conference schedule and upcoming webinar schedule.

GitHub Spark (Preview)

With GitHub Spark, you can describe what you want in natural language and get a fullstack web app with data storage, AI features, and GitHub authentication built in. You can iterate using prompts, visual tools, or code, and then deploy with a click to a fully managed runtime. Spark is seamlessly integrated with GitHub so you can develop your spark via a synced GitHub codespace with Copilot for advanced editing. You can also create a repository for team collaboration, and leverage GitHub's ecosystem of tools and integrations. Consider using GitHub Spark to quickly create a full stack prototype and then hand the repo over to pro devs to turn it into a production ready solution.

🚢 GitHub Spark in public preview for Copilot Enterprise subscribers - Accelerate your team’s innovation cycle by seamlessly turning ideas into live prototypes—and even production-ready apps—directly within GitHub, using AI-powered Spark with no setup and one-click deployment for Copilot Enterprise subscribers.
🚢 Share read-only Sparks with controlled data access - You can now securely share read‑only Spark applications—letting enterprise teams expose interactive insights without risking data integrity—while also benefiting from improved JSON mode, editor sync, and loading reliability.
For more information, refer to the documentation:

AI & ML - GitHub Copilot

Recent advancements and feature updates for GitHub Copilot, with a particular focus on the coding agent and agent mode. Key updates include new ways to assign work to the GitHub Copilot coding agent e.g. from the CLI, Azure Boards and Microsoft Teams as well as GitHub Copilot app modernization for Java and .NET, a new MCP server registry, aggregate context for GitHub Copilot with Copilot Spaces and more!

NOTE: Key capabilities that are still in Preview as of 2025-10-04 are: GitHub Spark, Upgrade assistant for Java in VS Code, Code feedback in VS Code. To quickly see which GitHub Copilot capabilities are in Preview, go to GitHub Copilot · Your AI pair programmer, Click on "For Business" and scroll down to see a complete list of features. This list highlights which features are Preview.

GitHub Copilot coding agent and Agent Mode

🚢 Copilot coding agent is now generally available! - Enhance your development workflow instantly with the GitHub Copilot coding agent—now GA—which autonomously drafts PRs, addresses bugs, technical debt, feature work, tests, and docs and integrates seamlessly across GitHub and your IDE of choice, scalable for enterprise-level teams under admin-controlled policy.
📢 & 📺 GitHub Copilot coding agent 101: Getting started with agentic workflows on GitHub (9:06) - GitHub’s new Copilot coding agent acts like an asynchronous AI teammate—spin up a task from an issue, let it autonomously create a branch, implement code, run tests via GitHub Actions, and open a pull request for your review. It’s designed to offload time-consuming, low-to-medium complexity work—like refactoring, bug fixes, and improving test coverage—so senior developers and team leads can focus on high-impact design and architecture, all within an enterprise-grade, secure, and auditable workflow.
🚢 Assign Azure Boards work items to Copilot coding agent in public preview - Connects Azure Boards tasks to Copilot for automated progress and completion tracking.
🚢 Work with Copilot coding agent in Microsoft Teams - Integrates AI coding assistance directly into Teams for seamless collaboration between developers and stakeholders.
🚢 Kick off and track Copilot coding agent sessions from the GitHub CLI - Enables developers to launch and monitor AI‑powered coding sessions directly from the command line.
🚢 Copilot coding agent remembers context within the same pull request - Keeps AI suggestions consistent and relevant by retaining PR‑specific context across multiple interactions.
🎧 GitHub Copilot's September Updates and Agentic Future | GitHub at Work Podcast - This episode includes a deep dive into GitHub Universe, agentic development, and the MCP Server's open-sourcing and security.
📢 Spec-driven development with AI: Get started with a new open source toolkit - If you're building enterprise-grade software with AI coding agents like GitHub Copilot, this post introduces a game-changing approach: spec-driven development. GitHub’s new open source toolkit, Spec Kit, transforms vague prompts into structured, executable specs—making AI workflows more reliable, scalable, and aligned with real-world constraints. Learn how to shift from “vibe-coding” to intentional, high-quality development that integrates seamlessly with your architecture, compliance, and design systems.
📢 Spec-driven development: Using Markdown as a programming language when building with AI - Discover how spec-driven development using Markdown as a programming language—paired with AI coding agents like GitHub Copilot—can streamline your workflow, reduce context loss, and accelerate iteration cycles. This post introduces a practical, open-source approach that keeps documentation and implementation in sync, enabling teams to build more maintainable and scalable software with less friction.
🚢 GitHub Copilot app modernization is now generally available for Java and .NET - With the ability to assess legacy Java and .NET applications, apply automated code transformations, patch builds, update dependencies, and containerize services in days instead of months, GitHub Copilot’s new app modernization features empower enterprise teams to accelerate migrations and upgrades with practical, end‑to‑end assistance.
📢 A step-by-step guide to modernizing Java projects with GitHub Copilot agent mode - Harness GitHub Copilot’s new Agent Mode to automatically scan, upgrade, and harden your legacy Java codebase—from deprecated APIs and insecure dependencies to full cloud-readiness with Azure migration—without manual scripting or guesswork. By transforming Copilot into an AI-powered junior engineer, this guide delivers a step-by-step, feedback-driven modernization workflow that slashes manual effort, eliminates build errors, and fast-tracks secure, cloud-native deployments.
🚢 Pick the repository and base branch when assigning issues to Copilot - Adds precision to AI‑driven issue assignment by letting you target specific repos and branches.

Getting the Most from GitHub Copilot across the Enterprise

📢 GitHub Copilot gets smarter at finding your code: Inside our new embedding model - GitHub Copilot’s new embedding model dramatically improves code search in VS Code—delivering faster, more accurate, and memory-efficient results. With a 37.6% boost in retrieval quality and over 100% improvement in code acceptance for Java and C# developers, this update directly enhances productivity and reliability in large-scale, real-world development workflows. If your team relies on Copilot, understanding this upgrade is key to unlocking smarter, context-aware coding assistance.
📚 Playbook series: Why you need a DRI for your AI program - This post reveals why appointing a Directly Responsible Individual (DRI)—a dedicated leader, strategist, coach, and data storyteller—is the critical linchpin for transforming an AI vision into tangible business outcomes. Learn how GitHub sets this role up for success, and why without a DRI your AI investments risk staying siloed, underutilized, or stuck in “strategy” mode rather than delivering real results.
📚 Playbook series: Fostering AI learning opportunities - Looking to transform your organization's AI tools into real-world impact? This post reveals why access alone isn’t enough—and outlines a proven blueprint for scaling AI fluency: from curated learning hubs and structured paths to real-world use cases and live “office hours” sessions—empowering every developer and leader to go from curiosity to confident, productive AI usage.
📢 5 tips for writing better custom instructions for Copilot - If you're using GitHub Copilot in your enterprise projects, writing effective custom instructions is no longer optional—it’s essential. This guide shows how a well-crafted copilot-instructions.md file can dramatically improve Copilot’s code suggestions by giving it the context your team already knows but the AI doesn’t. Learn how to turn Copilot into a productive teammate by sharing your tech stack, coding standards, and project structure the right way.
📄 Customization library - GitHub Docs - We've published a curated collection of examples you can copy, adjust, and use to enhance your experience with Copilot. This library is designed to inspire and educate people on the options available to customize Copilot responses. We've included examples of custom instructions (widely supported) and prompt files (supported in VS Code only). The examples cover scenarios such as debugging, onboarding, and accessibility.
🙋‍♂️ Mastering-GitHub-Copilot-for-Paired-Programming: A multi-module course teaching everything you need to know about using GitHub Copilot as an AI Peer Programming resource - Mastering Copilot isn’t optional—it’s the new literacy for modern devs. We've recently updated and launched a free, hands-on course that shows you how to pair program with Copilot like a pro—writing smarter code, solving real problems, and unlocking AI workflows that actually scale.
🚢 Manage Copilot and users via Enterprise Teams in public preview - Centralizes AI user and license management for large organizations.
🚢 Premium requests analytics page is now generally available - See how your organization’s premium request usage translates into real costs and gain granular insights—down to users, models, and cost centers—via a new Copilot analytics dashboard and API endpoint available for enterprise and billing teams.

GitHub Copilot and Model Context Protocol (MCP) Servers

📢 Meet the GitHub MCP Registry: The fastest way to discover MCP Servers - Discover how the new GitHub MCP Registry dramatically simplifies and secures the discovery of MCP (Model Context Protocol) servers—centralizing what was previously scattered across repos, threads, and multiple registries into a curated, one-click marketplace built right into VS Code and Copilot. For more information refer to 📄 About Model Context Protocol (MCP) & 📄 Extending GitHub Copilot Chat with the Model Context Protocol (MCP).
📺 A deep dive into the GitHub MCP registry (9:13) - See how the GitHub MCP registry and its open source governance model are transforming the way developers discover, vet, and publish high-quality tools—making it easier than ever to drive innovation securely at scale within enterprise environments. Learn why self-publication, robust API integration, and curated allowlists are game-changers for organizations seeking to accelerate developer productivity and confidently adopt new technologies.
🚢 Internal MCP registry and allowlist controls for VS Code Insiders - Enterprise teams can now securely configure and enforce trusted MCP server access in VS Code Insiders—enabling early testing ahead of the full Copilot rollout.
🚢 Remote GitHub MCP Server is now generally available - This enables enterprise developers to securely connect AI agents to live GitHub data—like issues, pull requests, and code files—using OAuth, one-click install, and automatic updates and without local setup.
📢 & 📺 How to debug a web app with Playwright MCP and GitHub Copilot - Discover how GitHub Copilot, empowered by the Playwright MCP server, can autonomously reproduce, diagnose, and validate web app bugs—dramatically reducing manual debugging effort. If your team struggles with incomplete test coverage or tedious repro steps, this guide shows how to turn Copilot into a hands-on debugging assistant that sees and interacts with your app like a real user.
📢 & 📺 Building smarter interactions with MCP elicitation: From clunky tool calls to seamless user experiences - Traditional AI tool integrations often rely on rigid assumptions and hard-coded defaults, leading to clunky user experiences. This post introduces MCP elicitation, a new capability that enables AI agents like GitHub Copilot to dynamically ask for missing information—transforming interactions from brittle tool calls into intuitive, context-aware workflows.

Copilot Spaces

🚢 Copilot Spaces is now generally available - Copilot Spaces let you organize the context that Copilot uses to answer your questions. Spaces can include repositories, code, pull requests, issues, free-text content like transcripts or notes, images, and file uploads. You can ask Copilot questions grounded in that context, or share the space with your team to support collaboration and knowledge sharing. For more information refer to:
- 📄 About GitHub Copilot Spaces
- 📄 Creating GitHub Copilot Spaces
- 📄 Using GitHub Copilot Spaces

GitHub Copilot CLI

🚢 GitHub Copilot CLI is now in public preview - Brings AI‑driven coding assistance to terminal workflows for faster, smarter development. For more information refer to the documentation:
- 📄 About GitHub Copilot CLI
- 📄 Using GitHub Copilot CLI
📺 How to use the GitHub Copilot CLI to onboard, debug, and contribute (6:18) - Discover how GitHub Copilot CLI transforms developer productivity by seamlessly integrating AI-powered collaboration directly into your terminal, eliminating the hassle of API keys and streamlining everything from onboarding to issue resolution. Learn why this tool is becoming the main AI collaborator for leading teams, empowering you to automate common tasks, accelerate codebase understanding, and adopt best practices.
🚢 GitHub Copilot CLI: Enhanced model selection, image support, and streamlined UI - GitHub Copilot CLI now delivers enterprise-grade flexibility and efficiency with preview access to Anthropic’s advanced Claude Sonnet 4.5 model, seamless image‐based context, a refined and intuitive CLI interface, precise session‑and‑permission controls, and improved enterprise authentication and usage transparency.
🚢 Kick off and track Copilot coding agent sessions from the GitHub CLI - Enables developers to launch and monitor AI‑powered coding sessions directly from the command line.

GitHub Copilot Code Reviews

📄 Configuring automatic code review by GitHub Copilot - This article tells you how to set up Copilot code review to review pull requests automatically.
🚢 Copilot code review: Now in JetBrains IDEs and Visual Studio - Expands AI‑assisted code review to more IDEs, improving quality and speed across enterprise projects.
🚢 Copilot code review: Path-scoped custom instruction file support - Enables fine‑grained AI review rules by defining custom instructions per file path.
🚢 Copilot code review: Independent repository rule for automatic reviews - Empower your team to adopt Copilot’s automatic code reviews more flexibly—with a standalone repository rule and granular subsettings for on‑push and draft PRs, you gain precise control without enforcing merge gates or disrupting workflows.

GitHub Copilot - New Models

Anthropic Claude Sonnet 4.5 - Anthropic’s most advanced Copilot model
Anthropic Claude Opus 4.1 - Offers improved AI performance for complex coding tasks.
- 🚢 Generally available in GitHub Copilot
- 🚢 Now available in public preview in Visual Studio, JetBrains IDEs, Xcode, and Eclipse
🚢 OpenAI GPT-5-Codex is rolling out in public preview for GitHub Copilot - Delivers cutting‑edge AI coding capabilities with enhanced context handling.
🚢 OpenAI GPT-5 and GPT-5 mini are now generally available in GitHub Copilot - Introduces faster, more accurate AI models for enterprise coding workflows.
🚢 Copilot-SWE model rolling out to Visual Studio Code Insiders - Copilot‑SWE introduces an experimental, task‑focused AI model in Visual Studio Code Insiders—designed to supercharge code editing, refactoring, and transformations through detailed prompts—and is now available for enterprise teams to evaluate in technical preview with in‑IDE feedback support.
🚢 Bring Your Own Key (BYOK) support for JetBrains IDEs and Xcode in public preview - Unlock unprecedented flexibility and control in your IDEs by using your own API keys (Anthropic, Azure, Gemini, Groq, OpenAI, OpenRouter) for Copilot Chat in JetBrains and Xcode.

Additional GitHub Copilot Updates

🚢 Auto model selection for Copilot in VS Code in public preview - Unlock hassle‑free AI coding in VS Code with Copilot’s new Auto model picker that intelligently selects the fastest, most available model—complete with usage transparency, policy compliance, and even automatic cost savings for paid plans. NOTE: While this preview of auto model selection optimizes for availability, we’re actively working on future updates to make it more intelligent to account for your task.
🚢 GitHub Copilot in Visual Studio — September update - This update elevates GitHub Copilot in Visual Studio 2022 (v17.14) with enterprise-grade advancements tailored for high-impact software teams.
🚢 GitHub Copilot in VS Code August release (v1.104) - This VS Code update delivers smarter model selection, enhanced security with edit confirmation, refined chat‑and‑agent workflows, customizable AGENTS.md support, and extended control over terminal approvals.
🚢 Start your new repository with Copilot coding agent - Accelerate project bootstrapping by letting Copilot automatically scaffold your repo with context‑aware code and configuration.
🚢 Copilot can create issues with code snippets in public preview - Lets Copilot automatically generate actionable GitHub issues from code, streamlining bug tracking and feature requests.
🚢 New features in GitHub Copilot in Eclipse - Enhances AI coding support with smarter completions and better integration.
🚢 GitHub Changelog - Copilot, September, 2025 - Skim through all of the Copilot changes from September.

Security

Application security with GitHub, ensuring the code that lives in GitHub and the dependencies that go into the solutions you build are secure and do not contain any secrets.

📢 Kicking off Cybersecurity Awareness Month 2025: Researcher spotlights and enhanced incentives - GitHub is launching Cybersecurity Awareness Month with enhanced incentives—offering a 10% bounty bonus for vulnerability reports tied specifically to Copilot Coding Agent, GitHub Spark, and Copilot Spaces. Alongside public spotlights on leading researchers and the announcement of a new “Glass Firewall” conference nurturing diversity in the bug-hunting community, this campaign underscores Microsoft’s commitment to proactive, community-driven security.

Secret Protection

🚢 Accelerate remediation with security campaigns and assignable alerts - You can now leverage Security Campaigns to accelerate the remediation of hard coded secrets found by GitHub Secret Scanning.
🚢 Delegated bypass controls for push protection now available at the enterprise level - Unlock enterprise-wide governance by enabling delegated bypass controls for secret-scanning push protection—allowing you to centrally designate approvers, triage bypass requests across all organizations via UI or API, and ensure secure yet flexible workflow compliance.
🚢 Secret scanning validity checks available for Enterprise Cloud with data residency - Adds compliance‑friendly secret validation for regulated industries.

Code Security

🚢 Accelerate remediation with security campaigns and assignable alerts - Streamlines vulnerability response by assigning alerts directly to responsible teams.
🚢 Improved notifications in security campaigns - Developers now receive automatic email alerts about security campaign milestones—no subscription required.
📢 CodeQL zero to hero part 5: Debugging queries - This post reveals how to go beyond basic query outputs to understand and fix flow problems in complex, real-world scenarios. Learning to wield partial path graphs, AST inspection, quick evaluation, and custom taint steps will empower you to diagnose elusive vulnerabilities—like unsafe deserialization in Gradio apps—fast and confidently.
🚢 Incremental security analysis with CodeQL is now available for all languages - Speeds up secure code scanning by analyzing only changed code.
🚢 CodeQL 2.23.0 adds support for Rust log injection and other security detection improvements - Enhances detection of advanced security vulnerabilities across languages.
🚢 CodeQL 2.23.1 adds support for Java 25, TypeScript 5.9 and Swift 6.1.3 - Unlock enhanced security and developer velocity with expanded language support (Java 25, TypeScript 5.9, Swift 6.1.3), smarter vulnerability detection—like Rust SSRF checks and fewer false positives in Java nullability and JS framework modeling—and improved query precision across your multi-language codebases.
🚢 CodeQL 2.22.4 adds support for Go 1.25 and accuracy improvements - Enhanced security analysis with Go 1.25 compatibility, sharper detection for Rust SQL/storage issues, Java/Kotlin flow source modeling, and refined false‑positive handling across C/C++ and JavaScript/TypeScript.

Supply Chain Security

📢 Our plan for a more secure npm supply chain - GitHub is responding to a surge in npm registry attacks—like the self-replicating “Shai‑Hulud” worm that compromised over 500 packages—by overhauling how packages are published and authenticated to prevent future supply-chain breaches. These changes significantly raise the bar for securing your build pipelines, reinforcing trust in your open-source dependencies and delivering long-term protection for your development workflows.
🚢 Strengthening npm security: Important changes to authentication and token management - This update forces enterprises to reassess and fortify their npm CI/CD pipelines now to dramatically reduce supply‑chain risks.
📢 & 📺 How to use the GitHub and JFrog integration for secure, traceable builds from commit to production (2:06) - Eliminate the guesswork and manual effort of tracing builds from commit to production by cryptographically linking source code to artifacts and automating security scans across the entire software supply chain. See how to unify traceability, security, and artifact promotion directly within your GitHub Actions workflows.
🚢 Dependabot alerts now support production context prioritization - Helps teams focus on vulnerabilities that impact live systems first.
🚢 Go private registry support for Dependabot now generally available - Now you can automate updates for both public and private Go modules—including those behind GOPROXY-compatible proxies and enterprise registries like JFrog Artifactory and Nexus.

Additional Security Updates

📢 Post-quantum security for SSH access on GitHub - GitHub rolled out a hybrid post‑quantum SSH key‑exchange algorithm to future‑proof SSH connections against “store‑now, decrypt‑later” quantum attacks. This means that even if quantum computers capable of breaking current crypto arrive years from now, your SSH‑based Git traffic remains secure—without any configuration changes.
🚢 Security contact for security notification emails is generally available - Enterprise admins can now set a dedicated security‑incident contact email at the enterprise account level—ensuring timely, targeted alert delivery to the right responsibles rather than flooding general inboxes.
🚢 GitHub Changelog - Security, September, 2025 - Skim through all of the security related changes from September.

CI/CD

Continuous Integration & Continuous Deployment with GitHub Actions.

📢 & 📺 How to use the GitHub and JFrog integration for secure, traceable builds from commit to production - This new GitHub and JFrog integration eliminates the guesswork and manual effort of tracing builds from commit to production by cryptographically linking source code to artifacts and automating security scans across the entire software supply chain. See how to unify traceability, security, and artifact promotion directly within your GitHub Actions workflows.
🚢 Actions: YAML anchors and non-public workflow templates - Harness the newly released YAML anchors for reusable workflow configuration, private workflow templates in non‑public repositories, and built‑in job check_run_id support to supercharge enterprise CI/CD efficiency, security, and traceability.
🚢 GitHub Changelog - Actions, September, 2025 - Skim through all of the security related changes from September.

GitHub Platform

Resources to assist those who manage the rollout and maintenance of GitHub for hundreds if not thousands of stakeholders.

📚 Managing Repositories at Scale – GitHub Well-Architected - As organizations scale their software development efforts, managing large volumes of repositories becomes a complex governance challenge requiring consistent policies, clear ownership, and automated enforcement. Modern platforms like GitHub offer scalable solutions—such as repository rulesets and metadata management—that help ensure security, compliance, and operational visibility across the entire codebase.
🗣️ GitHub Administration certification prep course - Build your Enterprise knowledge of GitHub tools, best practices, and concepts with our GitHub Administration Certification prep course. Join our four week course to help you ace the exam and showcase your GitHub expertise!
🚢 Visualize GitHub Enterprise metered usage by organization - GitHub Enterprise Cloud now breaks out metered usage by individual organization—including cost‑center attributions—right in the Billing & Licensing dashboard, giving you clearer visibility into who’s consuming what so you can optimize licensing decisions and budget allocation.
🚢 Enterprise access restrictions with corporate proxies is now generally available - Ensure only your managed enterprise users can access GitHub—and Copilot—through your corporate proxy by enforcing header‑based access controls for heightened security and compliance.
🚢 GitHub Enterprise license history tracking now available in public preview - Get daily snapshots and full audit trails of license additions, removals, actors, and effective billing dates—enabling enterprise teams to optimize usage, improve cost forecasting, and gain accountability—now available in public preview.
🚢 Updating license-based budgets to accept license counts - Now that license-based budgets are calculated using license counts instead of dollar amounts, enterprise teams can streamline license management and align budgeting more closely with how admins already operate.
🚢 Manage Copilot and users via Enterprise Teams in public preview - Centralizes AI user and license management for large organizations.
🚢 GitHub ruleset exemptions and repository insights updates - GitHub now enables silent ruleset exemptions for trusted automation and introduces more accessible repository insights, streamlining enterprise workflows and improving data visibility. This allows you to exempt specific actors (roles, teams, or GitHub Apps) from all enforced rules with a new exempt bypass type.
🚢 Verified answers generally available in GitHub Discussions - Improves knowledge sharing by highlighting authoritative solutions in developer forums.
🚢 Security contact for security notification emails is generally available - Enterprise admins can now set a dedicated security‑incident contact email at the enterprise account level—ensuring timely, targeted alert delivery to the right responsibles rather than flooding general inboxes.
🚢 GitHub Changelog - GitHub Platform, September, 2025 - Skim through all of the GitHub Platform related changes from September.

Developer Skills

General developer expertise based on our own experience and the collective experience of our customers and partners. It's time to start diving into how AI is going to work along side of you to make you a better, more productive developer not, replace you. Check out the new posts 📢, documentation 📄, and articles 📚 to see how AI can make you an awesome developer and guidance for how large enterprises should approach adopting AI.

📚 Playbook series: Fostering AI learning opportunities - This post reveals why access alone isn’t enough—and outlines a proven blueprint for scaling AI fluency: from curated learning hubs and structured paths to real-world use cases and live “office hours” sessions—empowering every developer and leader to go from curiosity to confident, productive AI usage.
🎧 Why Junior Devs Aren’t Obsolete | GitHub at Work Podcast - This episode recaps August 2025 GitHub releases. The deep dive explores developer joy in the AI era, junior developer relevance, and best practices for successful Copilot rollouts.
🚢 Open sourcing the GitHub Annotation Toolkit - Open‑sourcing this Figma‑based GitHub Annotation Toolkit equips your enterprise design and development teams with a comprehensive, WCAG‑aligned annotation system—complete with flow diagrams, interaction mapping, semantic structuring, and accessible presets—so you can proactively eliminate nearly half of common accessibility issues straight from the design phase.
🗣️ GitHub Administration certification prep course - Build your Enterprise knowledge of GitHub tools, best practices, and concepts with our GitHub Administration Certification prep course. Join our four week course to help you ace the exam and showcase your GitHub expertise!

Engineering

An inside look at how we’re building the home for all developers. Resources based on our internal experiences.

📚 Playbook series: Why you need a DRI for your AI program - Learn how GitHub sets the Directly Responsible Individual (DRI) role up for success, and why without a DRI your AI investments risk staying siloed, underutilized, or stuck in “strategy” mode rather than delivering real results.
📚 How GitHub's Licensing team used AI agents to champion accessibility - By delegating well-defined accessibility fixes, the team resolved 70% of issues autonomously, met their compliance goals, and maintained full velocity on feature delivery—demonstrating how smart AI integration can accelerate both productivity and inclusivity. "In this new era of development, the teams that thrive won't just be those with the most resources, but those who most creatively harness the complementary strengths of humans and AI to deliver better, more accessible experiences for everyone."
🚢 Open sourcing the GitHub Annotation Toolkit - Open‑sourcing this Figma‑based GitHub Annotation Toolkit developed from our internal accessibility work, equips your enterprise design and development teams with a comprehensive, WCAG‑aligned annotation system—complete with flow diagrams, interaction mapping, semantic structuring, and accessible presets—so you can proactively eliminate nearly half of common accessibility issues straight from the design phase.

Legend

📅 Events
📢 GitHub Blog
📺 GitHub on YouTube
🚢 The GitHub Changelog
📚 GitHub Resources
📄 GitHub Docs
🗣️ GitHub public feedback & discussions
🎧 Podcasts such as GitHub at Work Podcast
🙋‍♂️ Training
🌐 Third Party Web Site

That’s it for the October '25 edition of the enterprise roundup. Check back in to the GitHub Executive Insights at the beginning of next month to see the next round of key updates.

We want to hear from you! Did you find this curated list of updates from GitHub helpful? Do you have suggestions on how we can provide the information that is going to be the most useful and timely for your role? Visit the GitHub Community. October ‘25 enterprise roundup - community · Discussion